Mysterious Bugs Were Used to Hack iPhones and Android Phones and No One Will Talk About It

Image: Cathryn Virginia/VICE "This feels like spy shit." Do you have any information on these vulnerabilities, or the hackers who used them? We'd love to hear from you. Using a non-work phone or computer, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, on Wickr at lorenzofb, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzofb@vice.com .

Vice

Vietnamese hacking group OceanLotus uses imitation news sites to spread malware

Suspected Vietnamese government-linked hackers are behind a series of fake news websites and Facebook pages meant to target victims with malicious software, according to Volexity research published Friday. The hackers, known as OceanLotus or APT32, historically have targeted companies that have business interests in Vietnam.

CyberScoop

What's stopping job seekers from considering a career in cybersecurity? - Help Net Security

The cybersecurity industry no longer has an image problem, but many things are still stopping individuals from considering a career in cybersecurity: a high cost of entry (the need for more education /certification / technical knowledge / training), the inability to code and the perception of the field as too intimidating.

Help Net Security

Windows 10, iOS, Chrome, and many others fall at China's top hacking contest | ZDNet

Many of today's top software programs have been hacked using new and never-before-seen exploits at this year's edition of the Tianfu Cup - China's largest and most prestigious hacking competition. Held in the city of Chengdu, in central China, the third edition of the Tianfu Cup ended earlier today.

ZDNet

FTC Requires Zoom to Enhance its Security Practices as Part of Settlement

Note: The FTC will host a conference call TODAY for media at Noon ET. The Call-in number is 844-291-6360 and the access code is 389969. Call-in lines, which are for media only, will open 15 minutes prior to the start of the call.

Federal Trade Commission

Thread by @cain_nate on Thread Reader App

I've spent 23 years in cybersecurity/information security. The bulk of my work has been in vulnerability assessment and validation. I hold credentials as a Certified Information Systems Security Professional (CISSP) with ISC2. I'm a Navy Qualified Validator (NQV) authorized to...

Threadreaderapp

Ransomware Group Turns to Facebook Ads

It's bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Krebsonsecurity

5 Lessons Learnt from BJJ that Are Applicable to Cybersecurity

Over the last decade, I have focused quite heavily on technology and the cybersecurity space. I've been motivated to create a world that is more inclusive and safer. In 2019, I began a bit of a different journey.

The State of Security

Malicious File Transfer: What You Need To Know About an Attacker's Methods and Techniques To Protect Your Organization From Malware

One of the most effective ways for threat actors to infiltrate a network's defenses is through the use of malware. As I discussed in our Security Effectiveness Report: Malicious File Transfer video, there are a few main ways that malware enters a network: malicious websites, social engineering, insider threat, and phishing.

FireEye

Ink-Stained Wretches: The Battle for the Soul of Digital Freedom Taking Place Inside Your Printer

Since its founding in the 1930s, Hewlett-Packard has been synonymous with innovation, and many's the engineer who had cause to praise its workhorse oscillators, minicomputers, servers, and PCs. But since the turn of this century, the company's changed its name to HP and its focus to sleazy ways to...

Electronic Frontier Foundation

Luxottica data breach exposes LensCrafters, EyeMed patient info

A Luxottica data breach has exposed the personal and protected health information for patients of LensCrafters, Target Optical, EyeMed, and other eye care practices. Luxottica is the world's largest eyewear company with a portfolio of well-known eyeglass brands, including Ray-Ban, Oakley, Oliver Peoples, Ferrari, Michael Kors, Bulgari, Armani, Prada, Chanel, and Coach.

BleepingComputer