General Cyber News via Ars Technica Risk Assessment

Hackers alter stolen regulatory data to sow mistrust in COVID-19 vaccine

Post titled “Astonishing fraud! Evil Pfffizer! Fake vaccines!” found on the dark Web.
Publish Date: 1/15/2021
read more -->

How law enforcement gets around your smartphone’s encryption

Openings provided by iOS and Android security are there for those with the right tools.
Publish Date: 1/15/2021
read more -->

The NSA warns enterprises to beware of third-party DNS resolvers

Yes, plaintext DNS is insane, but encrypting it has its own tradeoffs.
Publish Date: 1/15/2021
read more -->

Hackers used 4 zero-days to infect Windows and Android devices

Boobytrapped websites are used by attackers to infect people who visited them.
Publish Date: 1/13/2021
read more -->

AT&T kills off the failed TV service formerly known as DirecTV Now

AT&T TV Now folded into AT&T TV, which finally gets a no-contract option.
Publish Date: 1/13/2021
read more -->

Hackers steal Mimecast certificate used to encrypt customers’ M365 traffic

Compromise by "sophisticated threat actor" prompts company to issue new certificate.
Publish Date: 1/12/2021
read more -->

Parler’s amateur coding could come back to haunt Capitol Hill rioters

Some 80 terabytes of posts, many already deleted, preserved for posterity.
Publish Date: 1/12/2021
read more -->

Jared Mauch didn’t have good broadband—so he built his own fiber ISP

"I had to start a telephone company to get [high-speed] Internet access."
Publish Date: 1/12/2021
read more -->

SolarWinds malware has “curious” ties to Russian-speaking hackers

Similarities could prove a link or might be part of a false flag operation.
Publish Date: 1/11/2021
read more -->

New York City proposes regulating algorithms used in hiring

Bill would require firms to disclose when they use software to assess candidates.
Publish Date: 1/10/2021
read more -->

Reddit’s largest remaining Trump community banned for “inciting violence” [Updated]

Friday ban comes with clear notice: "Do not post violent content." Discord follows suit.
Publish Date: 1/8/2021
read more -->

Hackers can clone Google Titan 2FA keys using a side channel in NXP chips

Yubico and Feitian keys that use the same chip are likely susceptible, too.
Publish Date: 1/8/2021
read more -->

DoJ says SolarWinds hackers breached its Office 365 system and read email

Department discovered the intrusion 9 days after SolarWinds hack came to light.
Publish Date: 1/7/2021
read more -->

Bucking Trump, NSA and FBI say Russia was “likely” behind SolarWinds hack

Trump has downplayed the mass compromise and Russia's involvement. Underlings disagree.
Publish Date: 1/6/2021
read more -->

Telegram feature exposes your precise address to hackers

Messenger maker has expressed no plans to fix location disclosure flaw.
Publish Date: 1/5/2021
read more -->

Comcast data cap blasted by lawmakers as it expands into 12 more states

Data cap harms poor people and isn't needed to manage network, Mass. reps say.
Publish Date: 1/5/2021
read more -->

Cryptocurrency stealer for Windows, macOS, and Linux went undetected for a year

ElectroRAT was written from scratch and was likely installed by thousands.
Publish Date: 1/5/2021
read more -->

Hackers are exploiting a backdoor built into Zyxel devices. Are you patched?

Recently discovered account with admin rights is hardcoded into multiple device models.
Publish Date: 1/4/2021
read more -->

Ticketmaster admits it hacked rival company before it went out of business

Ticketmaster used stolen passwords and URL guessing to access confidential data.
Publish Date: 1/4/2021
read more -->

Google employees kick off union membership drive for 120,000 workers

The new union is open to all types of Google employees, including contractors.
Publish Date: 1/4/2021
read more -->


Copyright Ⓒ 2010 SecuritySpecifiers™