720-891-1663

Security News for the Week Ending May 6, 2022

Tomorrow is the one-year anniversary of the Colonial Pipeline attack. The government has done more to improve cybersecurity in the last year than it had done in the last 10 years. But there is still a lot more to do.

Jury Finds Norton/Lifelock Infringed on Two Columbia University Patents

Even in the world of cybersecurity, patent infringement is a problem. A jury decided that Norton’s use of emulators to detect malicious behavior violated patents owned by Columbia. Norton says they will stop using the technology and appeal the verdict. Among the Norton products affected are Norton Security and Symantec Endpoint Protection. Since the infringement was deemed to be willful, the judge could triple the $185 million judgement. The suit goes back to 2013. Credit: Data Breach Today

Data Broker Stops Selling Location Data of Planned Parenthood Visitors One Day After Being Outed

Yesterday I read a piece that one of the security trade magazines bought data on visitors to all Planned Parenthood visitors, including where they went after (home) and where they came from before (work). They paid $160. I think the company, SafeGraph, decided the incredibly negative PR wasn’t worth $160, so today they decided to stop selling it. That doesn’t mean other greedy data brokers will do the same – In the U.S. there is nothing illegal about it. Credit: Motherboard by Vice

Cryptocurrency Projects Are As Secure As a Screen Door

In just four days hackers stole over $100 million in cryptocurrency. Who pays for that? Fei Protocol lost $77 million, Saddle Finance $10 million, Deus Finance $13 million and Bored Apes $6 million. There is no government insurance for cryptocurrency owners. Credit: Metacurity

Ukrainians Figure Out How to Beat Russia – Shut Off its Booze

Ukraine’s army of hackers have figured out how to hit Russia where it hurts. Russia requires the booze industry to use a government run portal call EGAIS. Hackers have kept it out of commission, so stores can’t “receive” alcohol, factories can’t accept tanks of alcohol, and distributors can’t ship or receive products. As a result, factories are reducing or stopping production. Interesting attack. Credit: Bleeping Computer

Spain Admits It Hacked Some of its Politician’s Phones

After a week of public reporting that some Spanish politician’s phones had been hacked using the Pegasus spyware, a leading Catalan separatist politician said that Spain’s top intelligence official said that her agency did, in fact, hack some opposing politician’s phones. But, she said, it was all legal. Reports say that the court orders were for far fewer people than Citizen Labs found infected, so who hacked the rest of the phones? If you are high profile in any way you should assume your phone is not secure. Even secure message apps like Signal or iMessage would not be secure since the phone itself is compromised. This follows the disclosure, earlier in the week, that Spain’s Prime Minister and Defense Minister’s phones were both infected with Pegasus spyware by someone. Pegasus is so stealthy that even the government’s cyber sleuths did not detect it until the facts were reported in the media. Credit: ABC News

Treasury Sanctions Cryptocurrency Mixer BLENDER

Mixers are apps that are designed to obfuscate cryptocurrency transactions, to make them harder to track. I am not sure that sanctioning one of the hundreds of these mixers will really help, but I guess it can’t hurt. Credit: The Register

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *