Top 10 Stories

A Canadian political data firm called AggregateIQ (AIQ) left a large code repository downloadable online, according to a security researcher, exposing the political data and microtargeting tools that various Republican campaigns used to try to influence voters in the United States' 2016 election cycle. View full story ORIGINAL SOURCE: ZDNet

A Canadian political data firm called AggregateIQ (AIQ) left a large code repository downloadable online, according to a security researcher, exposing the political data and microtargeting tools that various Republican campaigns used to try to influence voters in the United States' 2016 election cycle. View full story ORIGINAL SOURCE: ZDNet

The UK clearly sees its cyber-capabilities and its robust approach to security as an asset that it can offer to partners and allies and a driver of UK exports. Cyber-security expertise as a UK specialisation is being made more explicit later today  (Monday 26 March) when International Trade Secretary Dr Liam Fox launches the UK government's new Cyber Security Export Strategy to promote UK expertise and strengthen defence capabilities in the UK and allied countries....

Mississippi Attorney General Jim Hood and 31 of his colleagues have written Congress to urge them to oppose parts of a pending bill that would allow businesses attacked by security breaches to take more time to notify the public. View full story ORIGINAL SOURCE: Clarion Ledger

The team from Phish.ai has developed and released a Google Chrome extension that can detect when users are accessing domains spelled using non-standard Unicode characters and warn the users about the potential of a homograph attack. Miscreants often use such intentionally misspelled domains to lure users on phishing sites, where they collect user credentials or trick victims into downloading files laced with malware. View full story ORIGINAL SOURCE: Bleeping Computer

On Thursday, a report from the Daily Beast alleged that the Guccifer 2.0 hacking persona—famous for leaking data stolen from the Democratic National Committee in 2016—has been linked to a GRU Russian intelligence agent. What appears to have given Guccifer away: The hacker once failed activate a VPN before logging into a social media account. This slip eventually allowed US investigators to link the persona to a Moscow IP address. In fact, they traced it...

A group of Russian “troll factory” operators indicted in February were tagged by Tumblr last year. The Oath-owned microblogging site said last Friday that it identified the suspect accounts during (northern hemisphere) Autumn 2017. The outfit's post said “we uncovered 84 Tumblr accounts linked to the Russian government through the Internet Research Agency, or IRA. These accounts were being used as part of a disinformation campaign leading up to the 2016 U.S. Election”. View full...

Attackers are constantly trying new ways to get around established defenses. The data, collected throughout 2017 by Webroot, illustrates that attacks such as ransomware are becoming a worldwide threat and are seamlessly bypassing legacy security solutions because organizations are neglecting to patch, update, or replace their current products. View full story ORIGINAL SOURCE: Help Net Security

A security vulnerability that is nearly 5 years old has now become the favorite tool of hackers as they are using it to infect Linux servers with crypto mining malware. The vulnerability that is being exploited in this cryptojacking campaign is classified as CVE-2013-2618. The miner is an altered XMRig tool, which is a legitimate, open-source Monero miner. View full story ORIGINAL SOURCE: Hackread

It took a while, but Mark Zuckerberg broke his silence on the Cambridge Analytica scandal a few days ago and posted a response on his Facebook page saying, "We have a responsibility to protect your data, and if we can't then we don't deserve to serve you." View full story ORIGINAL SOURCE: Techradar