[ad_1]
Verizon notifies customers that their accounts have been compromised
This week, Verizon announced an undisclosed number that hackers may have gained access to accounts and processed unauthorized SIM card changes between October 6 and October 10, 2022. of customers were warned. Verizon indicated that the attackers may have also accessed customer names, phone numbers, billing addresses, pricing plans, and other service-related information. The company said it reset his PIN on the account and reverted the unauthorized account changes. He reported that at least one customer believed he used details exposed in the Verizon breach to access his cryptocurrency accounts.
(computer beeping)
German cyber chief sacked over alleged ties to Russia
On Tuesday, Germany’s chief cybersecurity officer, Arne Schönbohm, was dismissed from his post after a hit comedy TV show highlighted ties to Russia’s intelligence services. German satirical news show ZDF Magazin Royale claims that Schoenbaum co-founded and was in contact with a lobbying group that included a Russian cybersecurity firm set up by Russian intelligence services. A spokeswoman for the German Interior Ministry said the news had “permanently undermined much-needed public confidence in neutrality and impartiality”.
(New York Times)
Fortinet Vulnerabilities Actively Exploited
Last week’s Cyber Security Headlines covered a critical Fortinet zero-day authentication bypass vulnerability tracked as CVE-2022-40684. Fortinet has confirmed that this bug is being actively exploited in the wild. At least 17,000 FortiOS (7.0.0 to 7.0.6 and 7.2.0 to 7.2.1) and FortiProxy (7.0.0 to 7.0.6 and 7.2.0) devices are exposed online and remain vulnerable. Customers should upgrade their systems as soon as possible, or if an upgrade is not possible, disable the HTTP/HTTPS management interface or limit the IP addresses that can access it.
(Security affairs)
European police arrest car hacker suspect
European police have arrested 31 suspects on suspicion of being involved in a sophisticated conspiracy to steal connected cars. Car thieves targeted two unnamed French automakers and used a tool marketed as an “auto diagnostic solution” to replace legitimate software loaded into their vehicles. This software allowed us to open the door and start the ignition without having to use the key fob. The hack in question has evidence that his tools were sold to third parties online. Authorities seized more than €1 million of his criminal assets and arrested some of the car theft suspects, as well as a suspected malware developer and reseller.
(Info Security Magazine)
Thanks to SafeBase for sponsoring today’s episode
Gen Z and Millennials Are Less Serious About Cybersecurity for Work Devices
New Ernst & Young report finds most U.S. employees understand their employer’s cybersecurity protocols, but Gen Z and millennial employees are least likely to prioritize or adhere to them It became clear. Nearly half of Gen Z (48%) and nearly one-third (39%) of millennial employees take cybersecurity protection for personal devices more seriously than work devices, putting businesses at risk I accept that it can be exposed. Also, Gen Z and millennial employees are more likely than older generations to use the same password for both work and personal accounts, and that on work devices he is more likely to accept her cookies in web browsers. is higher.
(ray)
Microsoft shares fixes for Exchange Online mailbox issues
Microsoft is working on a fix for a known issue that may prevent customers from configuring their Exchange Online mailbox in Outlook for Windows. These configuration issues are due to Autodiscover flow 603 errors that occur during Outlook connectivity tests. This known issue affects several Outlook desktop clients, including Outlook for Microsoft 365, Outlook 2021, Outlook 2019, and Outlook 2016.
(computer beeping)
Phishing is the number one cybersecurity threat targeting car dealerships
A new report from CDK Global reveals that 15% of auto dealers have experienced a cybersecurity incident in the past year. Of these, a whopping 85% of incidents were caused by phishing attacks, resulting in data breaches, IT-related business disruptions, and lost revenue. The survey found that only 37% of auto retailers are confident in their current cybersecurity protections, a 21% drop in preparedness from last year’s survey. The report also found that nearly 60% of dealers plan to prioritize investments in cybersecurity infrastructure, hire cybersecurity professionals, and provide cybersecurity training to staff. understood.
(Security Magazine)
Apple restores Russian social network without explanation
Apple has restored Russian social network VKontatke and webmail provider Mail.Ru to the App Store three weeks after removing them for sanctions violations. Developed in Russia, his two services serve as alternatives to Facebook and Gmail, with a comparable domestic market share. The apps were removed from Apple’s platform in late September following a series of UK sanctions targeting the financial institutions that own them. Critics of censorship accuse Apple of “random and opaque” control over App Store content.
(guardian)
[ad_2]
Source link
