News Wrap: Twitter Hack, Apple Under Fire and Global Privacy Finger Wags
Threatpost editors talk about the biggest security news stories for the week ended Jul. 24.
START GROUP_REPLICATION can now take recovery credentials as parameters
From MySQL 8.0.21 onwards, START GROUP_REPLICATION includes new options which allow a user to specify credentials to be used for distributed recovery. You can now pass credentials when invoking START GROUP_REPLICATION instead of setting them when configuring the group_replication_recovery channel. START GROUP_REPLICATION command now has the options: USER: User name. … Tweet Share
Malicious ‘Blur’ Photo App Campaign Discovered on Google Play
Twenty-nine bad mobile apps with a combined 3.5 million downloads bombard users with out-of-context ads.
Cisco Network Security Flaw Leaks Sensitive Data
The flaw exists in Cisco’s network security Firepower Threat Defense (FTD) software and its Adaptive Security Appliance (ASA) software.
Garmin Suffers Reported Ransomware Attack
Garmin’s services, websites and customer service have all been down since Wednesday night.
Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers
COVID-19 has changed the face of cybercrime, as the latest malware statistics show.
ASUS Home Router Bugs Open Consumers to Snooping Attacks
The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowing through the router.
Cisco, Zoom and Others Must Bolster Security, Say Privacy Chiefs
Privacy commissioners worldwide urged video conferencing systems like Microsoft, Cisco and Zoom to adopt end-to-end encryption, two-factor authentication and other security measures.
Twitter: Hackers Accessed Private Messages for Elite Accounts
A Dutch elected official is among those whose DMs were hijacked, the company said.
OilRig APT Drills into Malware Innovation with Unique Backdoor
The RDAT tool uses email as a C2 channel, with attachments that hide data and commands inside images.