Petition Asks Supreme Court to Review Section 702 Surveillance
Privacy advocates are asking the United States Supreme Court to review the section of the Foreign Intelligence Surveillance Act that allows the NSA to collect massive amounts of electronic communications, including some belonging to Americans. In a petition filed this week, the EFF urged the country’s highest court to look at Section 702 of FISA, […]
Phone Scammers Now Pushing Fake Government Grants
Not content with impersonating IRS agents, phone scammers now are pretending to work for the National Institutes of Health and telling victims that they’ve won an NIH grant but must pay a fee in order to get the money. The scam is a variation of the broader scheme in which fraudsters impersonate employees of various […]
Ukrainian Police Arrest Suspect in Petya Ransomware Campaign
Police in Ukraine have arrested a 51-year-old man in connection with spreading the notorious Petya ransomware earlier this summer. In their statement, the Ukraine Cyberpolice did not say that the man was accused of creating Petya, only that he allegedly helped spread it. The outbreak of a ransomware connected to Petya in June was centered in Ukraine […]
Mamba Ransomware Pokes Its Head Back Up
The ransomware that wreaked havoc on San Francisco’s Muni mass transit system last Thanksgiving has resurfaced and is infecting enterprises in several countries around the world. The Mamba ransomware used in these attacks isn’t one of the big-name variants like Cryptolocker or Petya, but it has the potential to cause serious problems. Last November the malware infected […]
EFF Asks Court to Require Warrants For Device Searches at the Border
A case making its way through the United States court system right now could have long-lasting effects on how much–if any–privacy travelers have when they reach the border. The case revolves around the prosecution of a woman named Maria Isabel Molina-Isidoro, whose phone was searched at the U.S. border. Some of the information found on the […]
Microsoft Will Drop Trust For WoSign Certificates
Microsoft is following the lead of Google, albeit quite slowly, and removing trust for certificates issued by Chinese CAs WoSign and StartCom in its products. The decision is a result of the companies issuing some certificates in 2015 and 2016 that violated rules established by the CA/Browser forum. Specifically, researchers discovered that the CAs had […]
10 Critical Remotely Exploitable Bugs Patched in Android
Google has released fixes for a long list of vulnerabilities in Android, including 10 critical flaws that could lead to remote code execution. All of the critical vulnerabilities fixed in Android’s August security update are in the operating system’s media framework. Google doesn’t provide many details about the vulnerabilities fixed in Android any longer, but […]
Tech Support Scammers Turn to Spam
Criminals who run fake tech support scams are expanding their range of tactics, and now are using spam messages to push victims to their scam sites. Historically, these schemes have been run through two main channels: phone calls or malicious online ads. Victims who visit sketchy sites containing malicious ads connected to fake tech support scams will […]
Siemens Medical Scanners Open to Simple Remote Exploitation
Siemens is warning customers that some of its CT and PET scanning machines have a pair of remotely exploitable vulnerabilities that attackers can use to execute arbitrary code. The flaws actually lie in Windows XP, the operating system on which the imaging equipment runs. One of the vulnerabilities was disclosed earlier this summer, while the […]