The FBI might have gone ahead and fixed your Microsoft email server

The FBI might have gone ahead and fixed your Microsoft email server

The FBI has begun quietly accessing hundreds of American computers hacked through Microsoft’s Exchange email program, removing malicious code that the hackers left behind.

Chinese hackers targeted Uyghurs living in US, Facebook security team finds

Chinese hackers targeted Uyghurs living in US, Facebook security team finds

"They targeted activists, journalists and dissidents among Uyghurs and other Muslim minorities from Xinjiang in China primarily living abroad in Turkey, Kazakhstan, the United States and other countries," Facebook said in a post Wednesday detailing its findings about the cyber espionage campaign.

2020 was a ‘record-breaking’ year in US school hacks, security failures

2020 was a ‘record-breaking’ year in US school hacks, security failures

This disruption continues, and while the report acknowledges the "heroic" efforts of IT staff, the analysis also says that "school district responses to the COVID-19 pandemic also revealed significant gaps and critical failures in the resiliency and security of the K-12 educational technology ecosystem.".

New Zealand central bank says its data system was breached

New Zealand central bank says its data system was breached

WELLINGTON (Reuters) - The Reserve Bank of New Zealand said on Sunday that it was responding with urgency to a breach of one of its data systems.In a November 2019 Financial Stability report, the RBNZ warned that the frequency and severity of cybersecurity incidents were on the rise in New Zealand.

Suspected Russian hackers spied on US federal agencies

Suspected Russian hackers spied on US federal agencies

On Monday, the US national security council said it was working closely with the FBI and the Cybersecurity and Infrastructure Security Agency (Cisa) “to coordinate a swift and effective whole-of-government recovery and response to the recent compromise.”.

EU Lawmakers Seek Access to Encrypted Signal, WhatsApp Chats: Reports

EU Lawmakers Seek Access to Encrypted Signal, WhatsApp Chats: Reports

Lawmakers in the European Union may push for access to end-to-end encrypted chats in popular apps such as Signal and WhatsApp, according to a draft proposal circulated by the German government—currently president of the EU—over the weekend.

Privacy News Online | Weekly Review: October 2, 2020

Privacy News Online | Weekly Review: October 2, 2020

With real time bidding, Google sends personal data about internet activity to hundreds of advertising companies, and there’s no way to prevent this data from leaking.Privacy News Online is brought to you by Private Internet Access, the world’s most trusted VPN service.

A hacker published thousands of students' grades and private information after a Nevada school district refused to pay ransom

A hacker published thousands of students' grades and private information after a Nevada school district refused to pay ransom

Brett Callow, a threat analyst with cybersecurity firm Emsisoft, told Business Insider that he discovered leaked documents published to an online hacking forum that purported to include records from Nevada's Clark County School District, including students' names, social security numbers, addresses, and some financial information.

Hackers, Taking Advantage of At-Home Work, Drilling into Fed Agencies

Hackers, Taking Advantage of At-Home Work, Drilling into Fed Agencies

Housing Data Hit. Four years after reporting that the personal files of almost 500,000 Americans safeguarded in its system had been compromised, the Department of Housing and Urban Development is still failing to protect citizens’s sensitive information, including Social Security numbers, phone numbers, home addresses and dates of birth, the GAO said.

Iranian Hackers Can Now Beat Encrypted Apps, Researchers Say

Iranian Hackers Can Now Beat Encrypted Apps, Researchers Say

The reports, which were reviewed by The New York Times in advance of their release, say that the hackers have successfully infiltrated what were thought to be secure mobile phones and computers belonging to the targets, overcoming obstacles created by encrypted applications such as Telegram and, according to Miaan, even gaining access to information on WhatsApp. Both are popular messaging tools in Iran.

Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web

Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web

97% of companies have data leaks and other security incidents exposed on the Dark Web. 631,512 verified security incidents were found with over 25% (or 160,529) of those classed as a high or critical risk level+ containing highly sensitive information such as plaintext credentials or PII, including financial or similar data.

Peter Dutton confirms Australia could spy on its own citizens under cybersecurity plan

Peter Dutton confirms Australia could spy on its own citizens under cybersecurity plan

Dutton said law enforcement agencies would target terrorists, paedophiles and drug traffickers operating in the dark web – promising proposed new powers will apply “to those people and those people only”.

After Twitter Hack, Senator Asks Why DMs Aren't Encrypted

After Twitter Hack, Senator Asks Why DMs Aren't Encrypted

After hackers managed to take over a wave of high profile accounts on Twitter by leveraging access to an internal tool, Senator Ron Wyden is highlighting that the social network has not implemented end-to-encryption for direct messages, even though the company previously explored the idea.

Student finds privacy flaws in connected security and doorbell cameras

Student finds privacy flaws in connected security and doorbell cameras

Ring, Nest, SimpliSafe and eight other manufacturers of internet-connected doorbell and security cameras have been alerted to "systemic design flaws" discovered by Florida Tech computer science student Blake Janes that allows a shared account that appears to have been removed to actually remain in place with continued access to the video feed.

Computer science student discovers privacy flaws in security and doorbell cameras

Computer science student discovers privacy flaws in security and doorbell cameras

Ring, Nest, SimpliSafe and eight other manufacturers of internet-connected doorbell and security cameras have been alerted to systemic design flaws discovered by Florida Tech computer science student Blake Janes that allows a shared account that appears to have been removed to actually remain in place with continued access to the video feed.

Hospitals Outdated Operating Systems Might Leave Patients Data at Risk!

Hospitals Outdated Operating Systems Might Leave Patients Data at Risk!

The research was conducted by Palo Alto Networks , a cybersecurity firm, it revealed that 83% devices ran on outdated services that can’t even be updated even when it contains several loopholes that hackers can easily bypass and exploit.

Australian Signals Directorate has already spied on Australians, boss confirms

Australian Signals Directorate has already spied on Australians, boss confirms

Noble said that “while much of our cybersecurity role, and the protection of Australia’s digital borders, is conducted domestically – ASD is prohibited by legislation from producing intelligence on Australian persons except in rare circumstances, and only then under the authority of a ministerial authorisation”.

Privacy is Cybersecurity for People

Privacy is Cybersecurity for People

Some people still imagine that companies Cybersecurity is about protecting assets like film footage from movies, or studio production tracks from recording sessions with music artists, or secret plans for the next Apple computer (duh, its another iPhone).

Hacker group targeted law firms, released veterans’ stolen data related to PTSD claims

Hacker group targeted law firms, released veterans’ stolen data related to PTSD claims

Hackers have gained access to sensitive data from at least five law firms in the past four months, releasing stolen data that includes pain diary entries from veterans’ personal injury cases, Emsisoft, a cybersecurity and anti-malware company, told Military Times.

Cyberattacks against North Dakota state government skyrocket to 15M per month

Cyberattacks against North Dakota state government skyrocket to 15M per month

Shawn Riley, North Dakota's chief information officer and head of the information technology department, said there were more than 15 million cyberattacks against the state's government per month in 2019, a 300 percent increase since 2018.In 2018, there were about 5 million attempted cyberattacks per month.

Firefox attacks: Homeland Security urges all users to update browsers immediately in rare warning

Firefox attacks: Homeland Security urges all users to update browsers immediately in rare warning

The issue is this: Firefox versions for desktop older than the just-patched version contain a critical vulnerability that could allow an attacker to take control of a user’s entire operating system—whether they use Windows or Mac. More alarming, the vulnerability is already being exploited in the wild, thus Homeland Security stepping in with the urgent plea for users to upgrade.

New Intel CPU Vulnerability Puts Protected Data At Risk

New Intel CPU Vulnerability Puts Protected Data At Risk

Intel CPUs are at the center of controversy once again as yet another vulnerability is discovered by Cybersecurity researchers.According to their findings, the security vulnerability can compromise SGX (software guard extensions) protected by undervolting the CPU when executing protected computations, to the degree that the SGX memory encryption failed to protect data.

A Saudi Telecom Exposed a Streaming List of GPS Locations

A Saudi Telecom Exposed a Streaming List of GPS Locations

STCS, a Saudi Arabian telecom company, was running a server containing hundreds of thousands of constantly updated GPS locations before Motherboard contacted the organization about the issue.

Why hospitals are a weak spot in U.S. cybersecurity

Why hospitals are a weak spot in U.S. cybersecurity

"Cybercriminals know they are a soft target where they can access patient records and social security numbers and other information," Suzanne Schwartz, a deputy director in the FDA's device center, tells Axios.

Starting December 1st, China’s new MLPS 2.0 cybersecurity laws will require submission of a facial scan to receive internet access

Starting December 1st, China’s new MLPS 2.0 cybersecurity laws will require submission of a facial scan to receive internet access

China’s new MLPS (Multi-level Protection of Information Security) 2.0 cybersecurity laws goes into full effect on December 1st, 2019 and will see all internet service providers (ISPs) and mobile data providers requiring facial scans to sign up for new service.

Legit-Looking iPhone Lightning Cables That Hack You Will Be Mass Produced and Sold

Legit-Looking iPhone Lightning Cables That Hack You Will Be Mass Produced and Sold

After demoing the cable for Motherboard at the Def Con hacking conference this summer, MG said "It’s like being able to sit at the keyboard and mouse of the victim but without actually being there.".

Can you give away your fingerprints in a photo?

Can you give away your fingerprints in a photo?

Going to such lengths to protect your fingerprints might seem extreme, but incentives to bypass biometric security are growing as it increasingly shows up in everything from smartphones to door locks.“As biometrics become more prevalent in the authentication process, motivated attackers will definitely find innovative ways to bypass them,” said Vivek Chudgar, senior director at Mandiant, a consulting arm of cybersecurity firm FireEye. But some experts say harvesting fingerprints from pictures requires some specific conditions.

This Online Black Market Will Sell Your Entire Digital Identity

This Online Black Market Will Sell Your Entire Digital Identity

An online marketplace called Richlogs is selling stolen digital fingerprints that include access to a person’s entire online presence or web activity.Basically, it’s enough data to let a buyer totally assume their identity online, according to a report published Wednesday by the cybersecurity firm IntSight.

Why You Should Never Borrow Someone Else's Charging Cable

Why You Should Never Borrow Someone Else's Charging Cable

For the moment, Henderson says, a bigger threat than malicious charging cables is USB charging stations you see in public places like airports.Many travelers know that, in a pinch, the hotel front desk will often have a drawer of charging cables that were left behind by guests.

Cybersecurity Protections for SMBs Found to Be Lacking

Cybersecurity Protections for SMBs Found to Be Lacking

The ransom demand is also likely to be considerably higher than the cost of cybersecurity protections for SMBs to prevent ransomware attacks.