Vietnam-Linked Hackers Targeted Chinese Government Over Coronavirus Response: Researchers

Vietnam-Linked Hackers Targeted Chinese Government Over Coronavirus Response: ResearchersHackers working in support of the Vietnamese government have attempted to break into Chinese state organisations at the centre of Beijing’s effort to contain the coronavirus outbreak, U.S. cybersecurity firm FireEye said on Wednesday.

FireEye said a hacking group known as APT32 had tried to compromise the personal and professional email accounts of staff at China’s Ministry of Emergency Management and the government of Wuhan, the Chinese city at the centre of the global coronavirus pandemic.

Investigators at FireEye and other cybersecurity firms have said they believe APT32 operates on behalf of the Vietnamese government. The group’s recent activity mirrors attempts by a host of state-backed hackers to compromise governments, businesses and health agencies in search of information about the new disease and attempts to combat it .. more

Chinese hacker group caught bypassing 2FA

Chinese state-sponsored group APT20 has been busy hacking government entities and managed service providers.

Security researchers say they found evidence that a Chinese government-linked hacking group has been bypassing two-factor authentication (2FA) in a recent wave of attacks.

The attacks have been attributed to a group the cyber-security industry is tracking as APT20, believed to operate on the behest of the Beijing government, Dutch cyber-security firm Fox-IT said in a report published last week.

New Password Study by HYPR Finds 78% of People Had to Reset a Password They Forgot in Past 90 Days

35% Of People Keep All Their Passwords in Notebooks, Excel Files, Sticky Notes, etc.
2+ Year Study Examines Human Behavior, Providing Insight to How Personal and Work Related Passwords are Utilized

NEW YORK, December 10, 2019 — Passwords are the dominant way online services manage access to our personal and work-related lives. But often times, they’re more of a headache than a security tool. Today, HYPR, the leading provider of True Passwordless Security, released the findings of a two and a half year Password Usage Study, which compiled data from over 500 full-time workers across the United States and Canada to better understand how individuals use, treat and manage their passwords.

The study was developed by Yan Grinshtein, Head of User Experience at HYPR, who oversees the personal journeys users have for the company’s enterprise-facing solutions. It was split between two parts. The first part, purely workforce-related, helped understand how people use and manage passwords at their workplaces, while the second part was aimed to understand how people use and manage passwords in their personal life such as shopping, financial services, social, and more…

Ransomware gang breach data backup software used by hundreds of US dental offices

Hundreds of dental offices across the US have been crippled by a ransomware attack targeting a remote data backup service offered by a third-party.

PerCSoft and Digital Dental Record (DDR) — the two Wisconsin-based software companies — provide a solution called DDS Safe that delivers triple-layer protection by backing up sensitive medical records to the cloud, an offline workstation, and an in-office hard disk drive.

The irony here is that the attackers managed to breach this very infrastructure over the last weekend to deploy REvil (aka Sodinokibi) ransomware package on compromised devices. Interestingly, the strain is also responsible for the recent wave of infections across 23 local Texas agencies.

DDR was alerted to the attack on the morning of August 26, with roughly 400 dental practices across the country that rely on DDS Safe having their files locked out by the ransomware…

FAA asks public not to attach guns, bombs, or flamethrowers to drones

The Federal Aviation Administration would like you to know that drones and weapons are “a dangerous mix.” The government agency sent out a notice on Thursday “warning” the public “that it is illegal to operate a drone with a dangerous weapon attached.” A dangerous weapon is broadly defined as “any item that is used for, or is readily capable of, causing death or serious bodily injury.”

“Perhaps you’ve seen online photos and videos of drones with attached guns, bombs, fireworks, flamethrowers, and other dangerous items,” the FAA writes, nailing us to the wall. “Do not consider attaching any items such as these to a drone because operating a drone with such an item may result in significant harm to a person and to your bank account.” …

Why there’s no antivirus for iOS

It might seem strange that Kaspersky Lab doesn’t offer an antivirus app for iOS, but there’s a good reason: Apple doesn’t allow any proper antivirus apps into the App Store, saying “Apple designed the iOS platform with security at its core” and that the operating system does not need an antivirus utility.

That sounds rather arrogant, but it’s not marketing nonsense: Apple iOS is indeed designed to be very secure. iOS apps are executed in their own sandboxes — secure environments that seclude the apps, keeping them away from other apps’ data, not to mention from tampering with the operating system’s files. Under iOS, a wanna-be-malicious app won’t be able to steal or compromise anything; it won’t be permitted outside its own sandbox, where only its own data is stored and processed. That’s really helpful in terms of security…

都道府県別「危ない交差点ワースト5」を発表 ~交通事故の54.1%が交差点・交差点付近で発生、高齢者の交通事故が多発~ 【No.18-029】

一般社団法人 日本損害保険協会(会長:西澤 敬二)では、交差点での交通事故防止・軽減を目的として、9月21日(金)から始まる「秋の全国交通安全運動」に合わせ、全国地方新聞社連合会および警察庁の協力を得て、当協会ホームページに、最新の2017年「全国交通事故多発交差点マップ」を発表しました。


Facebook Gave Device Makers Deep Access to Data on Users and Friends

The company formed data-sharing partnerships with Apple, Samsung and dozens
of other device makers, raising new concerns about its privacy protections.
As Facebook sought to become the world’s dominant social media service, it struck agreements allowing phone and other device makers access to vast amounts of its users’ personal information.

Facebook has reached data-sharing partnerships with at least 60 device makers — including Apple, Amazon, BlackBerry, Microsoft and Samsung — over the last decade, starting before Facebook apps were widely available on smartphones, company officials said. The deals allowed Facebook to expand its reach and let device makers offer customers popular features of the social network, such as messaging, “like” buttons and address books…

Judge dismisses Kaspersky lawsuits about US government software ban

Kaspersky has had something of a tough time of it over the last year, first being hit by a ban on its software being used by the US government, and then a ban on advertising on Twitter. The Russian company sued the Trump administration over the software ban, and a judge has now dismissed the suits.

Kaspersky Lab had been looking to overturn the governmental ban, saying “we’ve done nothing wrong” in response to claims that the company is linked to the Russian government. The firm says it plans to appeal against the latest ruling…