SecurityWeek
Russian Pleads Guilty in Virginia to Large-Scale Card Fraud
A Russian national pleaded guilty Thursday to running a website that helped people commit more than $20 million in credit-card fraud.
Aleksei Burkov, 29, of St. Petersburg, Russia, entered the plea to charges including fraud and money laundering in a federal court in Alexandria.
Safari's Intelligent Tracking Prevention Fails to Prevent Tracking
The privacy mechanism implemented by Apple’s Safari browser to prevent user tracking across websites is not efficient at protecting users’ privacy, Google security researchers have discovered.
Some Hackers Take the Ransom and Run: Researchers
Paying off hackers after a ransomware infection could end up being a total loss, according to a study released Thursday which finds some attackers just take the money and run.
Cisco Patches Critical Vulnerability in Network Security Tool
A critical vulnerability in the Cisco Firepower Management Center (FMC) could allow a remote attacker to bypass authentication and execute arbitrary actions on affected devices as administrator.
CloudKnox Security Raises $12 Million in Funding
Cloud security firm CloudKnox Security today announced that it has raised $12 million in a new funding round, which brings its total funding to $22.75 million.
Vulnerabilities Found in GE Healthcare Patient Monitoring Products
Several potentially serious vulnerabilities have been found in patient monitoring products made by GE Healthcare, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) and healthcare cybersecurity firm CyberMDX revealed on Thursday.
Targeted Phishing Campaign Leverages Death of Iranian General Qasem Suleimani
A targeted phishing campaign against government entities in Persian Gulf and Middle East countries was detected earlier this month. The campaign was using the heightened tension in the region following the killing of Iranian general Qasem Suleimani at a Baghdad airport, and used emails purporting to come from the Ministry of Foreign Affairs of the Kingdom of Bahrain, Saudi Arabia, and the United Arab Emirates.
What We Know, And Don’t, About the Alleged Bezos Phone Hack
U.N. human rights experts are asking Washington to investigate a suspected Saudi hack that may have siphoned data from the personal smartphone of Jeff Bezos, Amazon founder and owner of The Washington Post. But the forensic evidence they cite comes from an incomplete study of Bezos’s phone, raising multiple questions.
Data Security Startup Privafy Emerges From Stealth Mode
Data security solutions provider Privafy has emerged from stealth mode with $22 million in funding, which it will use to scale product development.
Iran-Linked RAT Used in Recent Attacks on European Energy Sector
Attacks recently identified to target a key organization in the European energy sector have employed a remote access Trojan (RAT) previously associated with Iran-linked threat actors, Recorded Future reports.
Serious Vulnerabilities Expose Honeywell Surveillance Systems to Attacks
Some of Honeywell’s MAXPRO video surveillance systems are affected by serious vulnerabilities that can be exploited by hackers to take complete control of the system, a researcher has discovered.
US Presses France for 'Strong Security Measures' Against Huawei
The United States pressed France on Wednesday to take "strong security measures" against potential breaches from 5G services provided by Chinese telecommunications firm Huawei, saying failure to do so could imperil intelligence exchanges.
Multiple Vulnerabilities Found in AMD ATI Radeon Graphics Cards
Security vulnerabilities in some AMD ATI Radeon graphics cards could allow attackers to remotely execute code or cause a denial of service condition, researchers from Cisco Talos have warned.
Wednesday is Deadline for Claims in 2017 Equifax Data Breach
Wednesday is the deadline to seek cash payments and claim free services as part of Equifax's $700 million settlement over a massive data breach.
Cyber Insurance Provider Coalition Acquires BinaryEdge
Coalition, a San Francisco-based cyber insurance provider for SMBs, on Wednesday announced that it has acquired internet scanning and threat intelligence services provider BinaryEdge. Financial terms of the deal have not been disclosed.
UN Experts Urge Probe Into Alleged Saudi Hacking of Bezos Phone
Independent UN rights experts said Wednesday they had received information that Amazon owner Jeff Bezos's phone was hacked through a WhatsApp account belonging to Saudi Crown Prince Mohammad bin Salman.
Intezer Raises $15 Million in Series B Funding
Cyber threat detection provider Intezer this week announced it has raised $15 million in a Series B funding round.
The New York-based cyber-security company helps organizations detect threats by revealing the “genetic” origins of software code, and also provides context on how to respond to incidents.
World Economic Forum Global Risks Report Highlights Dangers of Digital innovation
Source Code Released for All ProtonVPN Apps
Proton Technologies, the company best known for its privacy-focused email service ProtonMail, this week announced that the source code for all of its ProtonVPN virtual private network (VPN) applications has been made public after each app underwent independent security audits.