Sophos – Page 118 – PossibleThreat Articles

ISS World “malware attack” leaves employees offline

February 20, 2020 0 Comments iss, iss world, malware

Credit to Author: Paul Ducklin| Date: Thu, 20 Feb 2020 20:18:04 +0000

A global facilities company with half-a-million staff has shuttered most of its IT systems after a malware attack.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/y0hNTP9Tc8U” height=”1″ width=”1″ alt=””/>

Security Sophos

Ransomware attack forces 2-day shutdown of natural gas pipeline

February 20, 2020 0 Comments cisa, cybersecurity and infrastructure security agency, department of homeland security, dhs, Government security, infrastructure, malware, natural gas facility, phishing, Ransomware, security threats, spearphishing, utilities

Credit to Author: Lisa Vaas| Date: Thu, 20 Feb 2020 14:35:31 +0000

The attacker(s) infected both IT and operational networks with an unspecified ransomware strain, though the facility never lost control.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/YqiqInxA_Kc” height=”1″ width=”1″ alt=””/>

Security Sophos

Nearly half of hospital Windows systems still vulnerable to RDP bugs

February 20, 2020 0 Comments BlueKeep, dejablue, Government security, Medical Devices, Microsoft, nhs, Operating Systems, security threats, vulnerability, Windows, wormable, worms

Credit to Author: Danny Bradbury| Date: Thu, 20 Feb 2020 13:58:46 +0000

Almost half of connected hospital devices are still exposed to the wormable BlueKeep Windows flaw nearly a year after it was announced, according to a report released this week.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/wGhEwriWtkU” height=”1″ width=”1″ alt=””/>

Security Sophos

Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles

February 20, 2020 0 Comments 0patch, DNS-over-HTTPS, firefox, Mozilla, nextdns, security threats, vulnerability, Web Browsers

Credit to Author: John E Dunn| Date: Thu, 20 Feb 2020 11:20:44 +0000

Firefox version 73 has only been out for a week but already Mozilla has had to update it to v73.0.1 to fix a range of browser problems.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/caf79LMUoQo” height=”1″ width=”1″ alt=””/>

Security Sophos

Ring makes 2FA mandatory to keep hackers out of your doorbell account

February 20, 2020 0 Comments 2-factor Authentication, 2fa, amazon, credential stuffing, Data Sharing, doorbell, Internet of Things, IoT, neighbors, password reuse, ring, security threats, video doorbell, webcam

Credit to Author: Lisa Vaas| Date: Thu, 20 Feb 2020 10:03:25 +0000

Amazon is following Google’s lead by forcing all users to use two-factor authentication when logging into their Ring accounts.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ZP4hOfnjH24″ height=”1″ width=”1″ alt=””/>

Security Sophos

Private photos leaked by PhotoSquared’s unsecured cloud storage

February 19, 2020 0 Comments amazon s3, amazon simple storage service (s3) bucket, Amazon web services, amazon web services (aws) storage bucket, Android, AWS, breach, CCPA, Cloud, cloud storage, credit card fraud, data breach, data leak, data loss, exposed database, financial fraud, identity theft, iOS, leak, Mobile, personally identifiable information, phishing, photo apps, photosquared, PII, port scanning, Privacy, s3 database, security threats, vpnMentor, web mapping

Credit to Author: Lisa Vaas| Date: Wed, 19 Feb 2020 11:49:20 +0000

With no password required and no encryption in place, a burglar or ID thief could have seen your photos, your address and more.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/v6L-VwD68-Y” height=”1″ width=”1″ alt=””/>

Security Sophos

Facebook asks to be regulated kinda like a newspaper, kinda like telco

February 19, 2020 0 Comments content moderation, european commission, extremist content, facebook, fake news, harms regulation, Law & order, Mark Zuckerberg, political advertising, Privacy, regulations, regulators, rules for the internet, Social networks, uk

Credit to Author: Lisa Vaas| Date: Wed, 19 Feb 2020 11:37:17 +0000

Zuckerberg is in Brussels right in time for the European Commission’s release of its manifesto on regulating AI.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/vD36QJcf5Ls” height=”1″ width=”1″ alt=””/>

Security Sophos

WordPress plugin hole could have allowed attackers to wipe websites

February 19, 2020 0 Comments data loss, demo importer plugin, plugin developer, plugins, security threats, themegrill, vulnerability, webarx, Wordpress, WordPress plugin

Credit to Author: Danny Bradbury| Date: Wed, 19 Feb 2020 11:21:03 +0000

A WordPress plugin with over 100,000 active installations had a bug that could have allowed unauthorised attackers to wipe its users’ blogs clean, it emerged this week.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/GCOxf6ngpvk” height=”1″ width=”1″ alt=””/>

Security Sophos

OpenSSH eases admin hassles with FIDO U2F token support

February 19, 2020 0 Comments 2fa, cryptographic keys, Cryptography, fido, fido u2f, hashing, openssh, passwordless login, Privacy, sha-1, ssh

Credit to Author: John E Dunn| Date: Wed, 19 Feb 2020 11:00:53 +0000

OpenSSH version 8.2 is out and the big news is that the world’s most popular remote management software now supports authentication using any FIDO (Fast Identity Online) U2F hardware token.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/sDQy3vGdNuw” height=”1″ width=”1″ alt=””/>

Security Sophos

XG Firewall v18 is now available

February 18, 2020 0 Comments Corporate, Network, sidebar, Sophos Central, xg firewall v18, xstream architecture

Credit to Author: Chris McCormack| Date: Tue, 18 Feb 2020 14:00:18 +0000

Introducing the all-new Xstream Architecture<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/wTiPAHQ-dzk” height=”1″ width=”1″ alt=””/>