
Security

How 4 Chinese Hackers Allegedly Took Down Equifax

posted on February 11, 2020
by l33tdawg
Credit: Wired

In September 2017, credit reporting giant Equifax came clean: It had been hacked, and the sensitive personal information of 143 million US citizens had been compromised—a number the company later revised up to 147.9 million. Names, birth dates, Social Security numbers, all gone in an unprecedented heist. On Monday, the Department of Justice identified the alleged culprit: China.

Why is the healthcare industry still so bad at cybersecurity?

posted on February 11, 2020
by l33tdawg
Credit: Fortinet

Many articles about cybersecurity risks in healthcare begin with descriptions of live simulations (so when in Rome). Imagine a doctor completely unaware of what they’re walking into triaging two patients: one in need of a hospital cardiac catheterization lab after an irregular electrocardiogram (EKG) reading, the other suffering from a stroke and needing a CT scan. All systems are down due to ransomware, so the physician working through the scenario can’t access electronic health records or use any of the assessment methods modern medicine is so reliant on. So, what to do?

Hacker demonstrates Remote Code Execution exploit for Windows Remote Desktop Gateway

posted on January 28, 2020
by l33tdawg
Credit: Beta News

A self-described "reverser/pwner [and] Windows kernel hacker" has demoed a working exploit for two recently discovered vulnerabilities in Windows Remote Desktop Gateway (RD Gateway).

The exploit takes advantage of the CVE-2020-0609 and CVE-2020-0610 vulnerabilities which have already been shown to make a denial of service attack possible. Now Luca Marcelli has shown how the same vulnerabilities can be exploited in a Remote Code Execution attack.

The Twitter accounts of 15 NFL teams have been hacked, and one hacking group is claiming to be behind all of them

posted on January 28, 2020
by l33tdawg
Credit: Business Insider

Nearly half of the teams in the National Football League appeared to have their Twitter accounts hacked Monday afternoon.

As of the time of this story's writing, 15 verified accounts belonging to professional football teams have tweeted out strange messages, and had their profile photos and banners disappear. The apparent hacks appear to have all happened within the span of a couple hours on Monday.

Intel Is Patching the Patch for the Patch for Its ‘Zombieload’ Flaw

posted on January 28, 2020
by l33tdawg
Credit: Wired

Over the last two years, security researchers have dug up one technique after another that lets a hacker trick Intel's microprocessors into spilling a computer's deepest secrets. As those flaws have been exposed, chipmakers have scrambled to patch them. But for one serious form of those attacks, it turns out that Intel still hasn't successfully patched the underlying problem despite 18 months of warnings—and not one but two failed attempts to do so.

Bezos allegations put phone hacking technology in the spotlight

posted on January 26, 2020
by l33tdawg
Credit: Flickr

Allegations that Amazon.com boss and Washington Post owner Jeff Bezos had his phone hacked by Saudi Crown Prince Mohammed bin Salman have put a spotlight on the security of smartphones and the secretive tools used to hack them.

Smartphones are effectively pocket-sized computers that run apps on operating systems such as Apple's iOS or Google's Android. Those devices have enabled a new world of connectivity - unlimited free calls over WhatsApp, for example, or an atlas worth of up-to-the-second maps from Google - but also a parade of potential security problems.

Mozilla has banned nearly 200 malicious Firefox add-ons over the last two weeks

posted on January 26, 2020
by l33tdawg
Credit: ZDNet

Over the past two weeks, Mozilla's add-on review team has banned 197 Firefox add-ons that were caught executing malicious code, stealing user data, or using obfuscation to hide their source code.

The add-ons have been banned and removed from the Mozilla Add-on (AMO) portal to prevent new installs, but they've also been disabled in the browsers of the users who already installed them.

Citrix releases final patches for critical CVE-2019-19781 security flaw

posted on January 26, 2020
by l33tdawg
Credit: computing.co.uk

Citrix has finally released the last permanent fixes for the CVE-2019-19781 security flaw for version 10.5 of the Citrix Application Delivery Controller (ADC). The company now claims to have released permanent fixes for all supported versions of ADC, Gateway and SD-WAN WANOP.

Citrix has urged organisations to "patch immediately" - presumably, over the weekend. The flaw enables remote, unauthenticated attackers to perform arbitrary code execution, with exploits already having been detected in the wild.

Shlayer malware puts thousands of macOS devices at risk

posted on January 24, 2020
by l33tdawg
Credit: Tech Radar

Although macOS is traditionally considered to be a safe and secure operating system, cybercriminals are still trying to profit from macOS users according to new research from Kaspersky that revealed the Shlayer malware was the most widespread macOS threat last year.

The malware itself specializes in installing adware on users' devices which feeds illicit ads, intercepts and gathers users' browser queries and modifies search results to distribute even more advertising messages.