Eskenzi PR ad banner Eskenzi PR ad banner

Cyber Bites

Signal fixed a bug that could have allowed attackers to eavesdrop on victims by placing and then immediately auto-answering a call, without the callee's permission. The bug is reminiscent of Apple's FaceTime bug discovered in January, which similarly allowed attackers to eavesdrop on other iPhone users by placing and auto-approving a FaceTime audio or video call. This time, the bug only works via Signal audio calls, and not video, as the Signal app requires users to manually...

Read more

The United States and Baltic states on Sunday agreed to beef up cooperation to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. US Energy Secretary Rick Perry and his Lithuanian, Latvian and Estonian counterparts termed the agreement "a critical moment for the Baltic States in strengthening cybersecurity" in strategic energy infrastructure. Source: France24

Read more

Alabama-based DCH Health System said it has paid off the hackers behind a ransomware attack that severely disrupted operations at three hospitals beginning on Tuesday morning, according to a Saturday report by Tuscaloosa News. The news closely follows an FBI warning that the number of sophisticated attacks on businesses and state and local governments is continuing to climb. Source: Gizmodo

Read more

Gaming company Electronic Arts (EA) has plugged a website glitch that has accidentally leaked the personal details of approximately 1,600 users who signed up on one of its websites. The website was for EA's FIFA 20 Global Series, a competitive tournament for the company's recently launched FIFA 20 soccer-themed game. The company launched the website yesterday, on October 3, and the glitch was spotted right away by players signing up for the upcoming competition. Source: ZDNet

Read more

The information technology systems at a number of hospitals and health services in Gippsland and south-west Victoria have been impacted by a cyber security incident. The cyber incident, which was uncovered on Monday September 30, blocked access to several systems by the infiltration of ransomware, including financial management. Emergency surgery and emergency departments were not compromised in the incident. Hospitals isolated and disconnected a number of systems such as the internet to quarantine the infection....

Read more

The FBI yesterday issued a new public service announcement regarding the ongoing ransomware epidemic, emphasizing that attacks are becoming more targeted since early 2018, with losses increasingly significantly in that time. The alert is intended to update and supplement a previous ransomware warning that the FBI issued back in September 2016, and specifically identifies state and local governments, health care providers, industrial companies and the transportation sector as key targets. Source: SC Magazine

Read more

Google has added a new feature to its password manager that will study a person’s passwords and then inform them on its strength and whether it has been compromised. Password Checkup will not only check a user’s personal choices, but also make personalized recommendations, wrote Andreas Tuerk, product manager for Password Manager. The three primary areas Checkup will test are whether the passwords have been compromised in a third-party breach, if they are being used across different...

Read more

A “double-free” bug in WhatsApp lets attackers exploit it using a malicious GIF to access user content, according to a blog post by a self-described technologist and information security enthusiast that goes by the handle Awakened on GitHub. An attacker would need to send the GIF via a messaging platform to a victim’s device where the vulnerability is exploited and allows access to content once the user opens the photo gallery to send any image. Source: SC...

Read more

Hackers caused havoc at four restaurant chains in the U.S. over the summer after compromising their payment systems with malware that stole customers' payment card information. In the last two days, McAlister's Deli, Moe’s Southwest Grill, Schlotzsky’s, and Hy-Vee disclosed publicly that their networks were infected with point-of-sale malware copying data from cards used in person at certain locations. Source: Bleeping Computer

Read more

An unprotected Elasticsearch cluster contained personally identifiable information on Russian citizens from 2009 to 2016. A database holding more than 20 million Russian tax records was found unprotected, leaving personal tax data accessible to anyone with a web browser, researchers reported this week. The AWS Elasticsearch cluster contained data on Russian citizens spanning 2009 to 2016, according to Comparitech, which partnered with security researcher Bob Diachenko to investigate the leak. No password or any authentication...

Read more
Page 200 of 262 1 199 200 201 262