News

Google has rolled back an experimental WebContent Occlusion feature that caused major disruption for enterprise users using Chrome in a multi-user terminal server environment. While the issue is now fixed, enterprise admins are furious that this feature was enabled in the first place without their knowledge or permission. For approximately 5 months, Google has been experimenting with a feature called WebContent Occlusion that hides the content of not-visible tabs so that they use less resources and cause...

A new phishing campaign is actively targeting Microsoft Office 365 administrators with the end goal of compromising their entire domain and using newly created accounts on the domain to deliver future phishing emails. The attackers use phishing emails designed to look like they are coming from Microsoft, with the Office 365 logo shown at the top, and delivered using "validated domains" "from a legitimate organization’s Office 365 infrastructure" as PhishLabs found. They also use "Services admin center" as the sender...

Microsoft has announced that they will no longer support the Cortana digital personal assistant app on Android and iOS devices starting in 2020. In support articles for the UK, Australian, and Canadian markets, Microsoft has stated that they will no longer support the Cortana digital assistant apps on iOS and Android stating on January 31st, 2020. Instead, Microsoft will be integrating Cortana into the Microsoft 365 productivity apps. At that time, any Cortana content that was created,...

FedEx says exposed driver database was a 'test system'. US parcel delivery company FedEx has acknowledged that it left an exposed database containing detailed driver and delivery information, but says the infomation was part of a test system. Security researcher Devin Stokes found and responsibly disclosed the open database to FedEx. Once it was removed (after more than a week of trying to get the company's attention), Stokes exclusively shared with El Reg the details on what was within:...

There has been a rampant growth of look-alike domains, which are often used to steal sensitive data from online shoppers. Venafi analysed suspicious domains targeting 20 major retailers in the U.S., U.K., France, Germany and Australia and found over 100,000 look-alike domains that use valid TLS certificates to appear safe and trusted. According to the research, growth in the number of look-alike domains has more than doubled since 2018, outpacing legitimate domains by nearly four...

Two men from Massachusetts were arrested and charged by the Boston U.S. District Court with stealing high-value social media accounts and hundreds of thousands worth of cryptocurrency from at least ten victims by using SIM swapping, death threats, and hacking. Eric Meiggs and Declan Harrington, the two defendants, were charged with one count of conspiracy, eight counts of wire fraud, one count of computer fraud and abuse, and one count of aggravated identity theft in an...

Scottish Widows has been accused of breaching data protection rules after it sent sensitive client information to the wrong policy holder by accident. Last month, one of Scottish Widows’ clients received a letter, seen by Financial Adviser, which included various pieces of information about another client’s pension pot. This included details such as the start date of the plan, the amount of assets held, the membership number and the level of employer contributions. Source: FT...

Researchers stressing the code related to Qualcomm's implementation of the secure execution area on mobile devices found a new vulnerability that could allow access to critical data. Top smartphone brands like Samsung, LG, or Motorola rely on Qualcomm's implementation of the Trusted Execution Environment (TEE)  based on the TrustZone technology from ARM to store and handle sensitive information in a secure area inside the main processor. TEE runs at the same time as the Android...

Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan. Source: SC Magazine    

A silly phishing campaign is underway where the attackers state that your password will expire and be changed unless you login and confirm that you want to keep it the same. As people get better at spotting the phishing scams pretending to be shipping information, receipts, and voicemails, scammers need to come with new methods to get people to click the links in their emails. Such is the case with a new phishing email that...