Collaborate Disseminate
The Jokeroo ransomware-as-a-service (RaaS) offers various membership plans through which would-be digital criminals can become affiliates. In his analysis of the ransomware-as-a-service, Bleeping Computer creator and owner Lawrence Abrams found that Jo… Continue reading Various Membership Plans Offered by Jokeroo Ransomware-as-a-Service
TikTok has agreed to pay a penalty of $5.7 million in order to settle allegations that it illegally collected children’s personal data. The penalty effectively settles a complaint submitted by the U.S. Federal Trade Commission against TikTok alle… Continue reading TikTok Fined $5.7M for Illegally Collecting Children’s Personal Data
Ring Doorbell has patched a flaw that allowed attackers to spy on and inject their own application footage, thereby undermining users’ home security. Researchers at Dojo, Bullguard’s Internet of Things (IoT) security team, discovered the vu… Continue reading Ring Doorbell Fixes Flaw that Allowed Attackers to Spy on, Inject Footage
Researchers have uncovered a new family of malware called “Farseer” that’s designed to conduct surveillance against Windows users. Discovered by Palo Alto Networks, Farseer works by using a technique known as “DLL sideloading… Continue reading New ‘Farseer’ Malware Designed to Spy on Windows Users
A couple of phishing schemes are currently targeting contractors who do business with two U.S. federal government agencies. Anomali Labs uncovered a malicious server hosting the two schemes in late February 2019. The first scheme begins when users visi… Continue reading Online Bidding Phishing Schemes Targeting U.S. Government Contractors
A new bill would strengthen California’s data breach notification law by expanding the types of information of whose exposure businesses are legally obligated to inform their customers. On 21 February, California Attorney General Xavier Becerra a… Continue reading Proposed Bill Would Strengthen California’s Data Breach Notification Law
The Separ infostealer is using what’s known as “Living off the Land” tactics to target businesses as part of an ongoing attack campaign. Digital security company Deep Instinct detected the campaign and observed that an infection begin… Continue reading Separ Infostealer Using “Living off the Land” Tactics to Target Businesses
Researchers have released an updated decryptor that allows victims of GandCrab ransomware version 5.1 to recover their affected files for free. On 19 February, Bitdefender announced that they had developed the decryptor in collaboration with the Romani… Continue reading Decryptor Now Available for Files Affected by GandCrab Ransomware v5.1
Some customers of Optus said they saw incorrect information when they attempted to log into their profiles using the My Account website. On 13 February, customers of Australia’s second-largest telecommunications company took to Twitter to explain… Continue reading Optus Customers Saw Incorrect Info After Logging Into My Account Site
Online data science learning platform DataCamp implemented a password reset for some of its users potentially affected by a data security incident. According to a statement published on its website, DataCamp discovered on 11 February 2019 that a third … Continue reading DataCamp Implements Partial Password Reset After Data Security Incident