The Week in Cyber Security News, August 3 - 9
01.Prominent Pakistani news channel 'Dawn' has had its transmission hacked and an Indian flag, along with a ‘Happy Independence Day’ message, shown.
02.BlackBerry has announced that its open-source internal tool, PE Tree, is now available for all security professionals to use for reverse engineering malware.
03.The Federal Bureau of Investigation has issued a warning to online shoppers after a rise in the number of Americans not receiving items purchased on the internet.
04.The bond hearing of the Florida teen accused of hacking numerous high-profile Twitter accounts has itself been hacked, after Zoombombers took advantage of the the password-free Zoom hearing and shouted racial slurs, played music, and showed pornographic images.
05.Intelligence agencies in the US have released information about a new variant of the 12-year-old Taidoor computer virus used by China's state-sponsored hackers targeting governments, corporations, and think tanks.
06.Attackers looking to steal sensitive information like contacts, call history, and SMS verification codes from Android devices only need to target Bluetooth protocols.
07.The United States National Security Agency has issued new advice on securing mobile devices that says location services create a security risk for staff who work in defence or national security.
08.Intel is investigating the purported leak of more than 20 gigabytes of its proprietary data and source code that a security researcher said came from a data breach earlier this year.
09.It's been revealed that an exploit commonly used against Windows users who own Microsoft Office can sneak into MacOS systems as well, with one of the weak spots being a nearly 30-year-old file format, SYLK Excel file format (.SLK).
10.Researchers have discovered 20-year-old code in Windows Print Spooler that allows a denial of service vulnerability, reported earlier this year, to crash the service on Windows 2000.
11.Canon Inc., a Japanese multinational corporation specializing in optical and imaging products, has allegedly fallen victim to a ransomware attack deployed by Maze group that affected "multiple applications, Teams, Email and other systems", as well as Canon-related websites.
12.A phishing scam has been discovered targeting cPanel users with a fake security advisory alerting them of critical vulnerabilities in their web hosting management panel.
13.Australian universities using the ProctorU online exam monitoring tool are included in a data breach affecting 444,000 users of the platform.
14.The Chinese government has deployed an update to its national censorship tool, known as the Great Firewall (GFW), to block encrypted HTTPS connections that are being set up using modern, interception-proof protocols and technologies.
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.
