Rohit KVN reports: For the past few years, people have increasingly been embracing Internet-of-Things (IoT)-based smart speakers and related accessories like lights and other consumer electronics. …. During a routine security screen, Check Point researchers tested popular Philips Hue smart bulbs and bridge, and to their shock, found vulnerabilities (CVE-2020-6007) that easily allowed them to breach…
Category: Commentaries and Analyses
DoppelPaymer Ransomware Sells Victims’ Data on Darknet if Not Paid
Lawrence Abrams reports: The DoppelPaymer Ransomware is the latest family threatening to sell or publish a victim’s stolen files if they do not pay a ransom demand. A new tactic being used by ransomware operators that perform network-wide encryption is to steal a victim’s files before encrypting any devices. They then threaten to publish or sell this…
Genesis market 2020 overview, a bazaar for buying data out of compromised computers.
Under The Breach explains: A group of sophisticated hackers team up to sell the data of computers they managed to infect. The site began operating around the beginning of 2019 and only let users with an invitation code join (it maintains this exclusivity until today). To find a person who has invitation codes is…
Lawsuit in India Seeks to Shut Down Access to U.S. Journalism Website
Naomi Gilens of EFF writes: Computer security researchers and journalists play a critical role in uncovering flaws in software and information systems. Their research and reporting allows users to protect themselves, and vendors to repair their products before attackers can exploit security flaws. But all too often, corporations and governments try to silence reporters, and…
Trello exposed! Search turns up huge trove of private data
John E. Dunn reports: Hands up who’s used the increasingly popular online collaboration platform Trello? Trello is great for organising to-do lists and for coordinating team tasks. But it has its downsides too. […] Our global cybersecurity operations director at Sophos, Craig Jones, has been keeping an eye on this for a couple of years, first…
The cyber attack the UN tried to keep under wraps
The New Humanitarian reports: While researching cybersecurity last November, we came across a confidential report about the UN. Networks and databases had been severely compromised – and almost no one we spoke to had heard about it. This article about that attack adds to The New Humanitarian’s previous coverage on humanitarian data. We look at how the…