Security News

• Senate to probe Commonwealth digital service delivery following annus horribilis
  The Australian government has opposed a probe into the recurring failure of its digital initiatives, labelling it a waste of time and money.
  
• Australian businesses targeted in Cisco switch and router attacks: ACSC
  Attackers are leveraging misconfigurations in networks' Cisco Smart Install and SNMP protocols. Businesses are urged to review their device logs for any unusual activity.
  
• Following criticism, Cloudflare drops neo-Nazi site Daily Stormer
  The Daily Stormer website has found hosting trouble after several companies pulled the plug on the site after breaking terms of service.
  
• Claims resurface that Kaspersky helped Russian intelligence
  Yes, Kaspersky Lab works with government law enforcement agencies, just like American ones do. The company denies any wrongdoing with its work with Russia's government.
  
• Nokia 8: HMD Global's flagship smartphone is aimed at content creators
  With a new partnership with Zeiss optics, HMD Global brings a unique dual camera experience with advanced audio recording capability that is designed to capture the world around you.
  
• DJI modifies security over US Army drone concerns
  DJI will introduce a local data mode that will enable drone pilots to disconnect from the internet during flights.
  
• Cities might be getting smart, but are they secure?
  Connected devices and buildings can bring great efficiencies -- as well as new threats
  
• Locky ransomware is back from the dead again - with new 'Diablo' variant
  One of the most successful families of file-encrypting malware is back -- again -- with a new spam campaign.
  
• Amazon wants your enterprise database
  Amazon's awaited release of PostgreSQL on Aurora sharply raises the stakes in its competition with Oracle. Still in public preview, when will Aurora PostgresSQL go GA, and what can we look forward to in the roadmap? Here are some hints of what we expect.
  
• Google Chrome under attack: Have you used one of these hijacked extensions?
  Recent versions of several Chrome extensions have been compromised to spread malicious ads.
  

• Locky Ransomware Variant Slips Past Some Defenses
  Ransomware called IKARUSdilapidated is managing to slip into unsuspecting organizations as an unknown file.
  
• Flash’s Final Countdown Has Begun
  The impending demise of Adobe Flash will create legacy challenges similar to Windows XP as companies begin to wean themselves off the vulnerable code base.
  
• Maersk Shipping Reports $300M Loss Stemming from NotPetya Attack
  A.P. Moller -Maersk said June's NotPetya wiper malware attacks would cost the world's largest shipping container company $300M USD in lost revenue.
  
• Google Removes Chrome Extension Used in Banking Fraud
  Google has removed the Interface Online Chrome extension from the Chrome Web Store. The plugin was used by criminals in Brazil to target corporate users with the aim of stealing banking credentials.
  
• Seven More Chrome Extensions Compromised
  The list of compromised Chrome extensions that hijack traffic and substitute advertisements on victims’ browsers grows.
  
• Attackers Backdoor Another Software Update Mechanism
  Researchers at Kaspersky Lab said today that the update mechanism for Korean server management software provider NetSarang was compromised and serving a backdoor called ShadowPad.
  
• Spam Domains Imitating Popular Banks Spreading Trickbot Banking Trojan
  Researchers at My Online Security and the SANS Internet Storm Center have analyzed spam campaigns utilizing plausible imitations of legitimate banking domains to spread the Trickbot banking malware.
  
• Blizzard Entertainment Hit With Weekend DDoS Attack
  Blizzard Entertainment was hit with a crippling DDoS attack over the weekend that followed similar attacks last week that knocked gamers offline.
  
• Windows Search Bug Worth Watching, and Squashing
  Patches are available—and should be applied—that address a critical vulnerability in Windows Search that some are calling the next WannaCry. Others aren't so ready to do that.
  
• Smart Locks Bricked by Bad Update
  LockState's CEO says he is “deeply sorry” about an erroneous wireless update that bricked hundreds of smart locks.