Updates to Anti-Social Media
The Register: Happy having Amazon tiptoe into your house? Why not the car, then? In-trunk delivery – what could go wrong? – “New Bezos scheme opens up vehicles as drop-off points” What could go wrong?
Sophos: Ex-Reddit mogul apologizes for making the world ‘a worse place’ “New York Magazine recently interviewed McComas for a project called “The Internet Apologizes.”That project has involved interviews with more than a dozen prominent technology figures about “what has gone wrong with the contemporary internet.” “
Graham Cluley for ESET: Ethereum cryptocurrency wallets raided after Amazon’s internet domain service hijacked
Help Net Security: Exfiltrating private keys from air-gapped cold wallets
Bill Harris for Recode: Bitcoin is the greatest scam in history “It’s a colossal pump-and-dump scheme, the likes of which the world has never seen.” Harsh!
Kyle Orland for Ars Technica: The “unpatchable” exploit that makes every current Nintendo Switch hackable [Updated] “Newly published Tegra bootROM exploit could be a big headache for Nintendo and others.” Commentary from The Verge: Nintendo’s Switch can be hacked to run custom apps and games.
Help Net: Effective intrusion detection for the Internet of Things – summarizes the research paper D¨IOT: A Crowdsourced Self-learning Approach for Detecting Compromised IoT Devices
Help Net: Cybersecurity task force addresses medical device safety. Also: Help Net – FDA plans to improve medical device cybersecurity
Updates to Tech support scams resource page
Christopher Burgess for Security Boulevard: When Scammers Fill the Tech Support Void Burgess says: “I still haven’t figured out why those companies that provide tech support tend to hide the connectivity to these saviors of their brand in the weeds of the website, but they do, and we search—and sometimes we strike gold.” (I have some thoughts to add on this.)
Updates to: Ransomware Resources
Graham Cluley: The firms that piggyback on ransomware attacks for profit “DON’T WANT TO PAY THE RANSOM? PAY US, AND WE’LL PAY IT FOR YOU! … It seems there are firms out there who are charging ransomware victims a hefty premium for the safe return of your data – when all that’s actually happening is they are paying the ransom on your behalf.”
Ross Ryan for the Prince Edward Island Guardian: P.E.I. government website hit by ransomware attack
Updates to Specific Ransomware Families and Types
Updates to Mac Virus
- Bleeping Computer: macOS App Can Detect Evil Maid Attacks. Describes Do Not Disturbfrom Patrick Wardle, a free open-source utility that detects ‘evil maid’ (physical access) attacks on Macs.
- The Register: Apple debugs debugger, nukes pesky vulns in iOS, WebKit, macOS – “Cook’s Cupertino crew corrects coding cockups”