Security Alerts & News
by Tymoteusz A. Góral

History
#188 Fraudsters Tap Kohl’s Cash for Cold Cash
Scam artists have been using hacked accounts from retailer Kohl’s.com to order high-priced, bulky merchandise that is then shipped to the victim’s home. While the crooks don’t get the stolen merchandise, the unauthorized purchases rack up valuable credits called “Kohl’s cash” that the thieves quickly redeem at Kohl’s locations for items that can be resold for cash or returned for gift cards.
#187 Netflix finishes its massive migration to the Amazon cloud
Netflix has been moving huge portions of its streaming operation to Amazon Web Services (AWS) for years now, and it says it has finally completed its giant shift to the cloud. “We are happy to report that in early January of 2016, after seven years of diligent effort, we have finally completed our cloud migration and shut down the last remaining data center bits used by our streaming service,” Netflix said in a blog post that it plans to publish at noon Eastern today.
#186 Chrome on Android to get physical with new IoT beacon support
Google's next version of Chrome will allow developers to send notifications and URLs from Bluetooth beacon-equipped objects. The new feature supports the Physical Web, a project that envisages every object, from movie posters to parking meters, being capable of broadcasting a URL that direct smartphones to a relevant web page or app.
#185 VTech 'is responsible' for kids' data says UK watchdog
The UK's data watchdog has said that VTech's new terms and conditions would not absolve it of liability in the case of future hack attacks. It emerged earlier this week that the toy company had changed its terms to say that families using its software did so at their "own risk".
#184 Qualcomm promises gigabit LTE speeds with Snapdragon X16 modem
New Snapdragon X16 modem, which together with the WTR5975 transceiver boasts Category 16 LTE download speeds of up to 1Gbps.
#183 Netflix malware and phishing campaigns help build emerging black market
Netflix’s popularity has sharply grown since its creation in 1997. The company recently launched its streaming service globally. It is now available in more than 190 regions around the world. This success has attracted the attention of attackers. We have observed malware and phishing campaigns targeting Netflix users’ information. The details are then added to a growing black market that claims to provide cheaper access to the service.
#182 New report contends mandatory crypto backdoors would be futile
The report, prepared by security researchers Bruce Schneier, Kathleen Seidel, and Saranya Vijayakumar, identified 865 hardware or software products from 55 countries that incorporate encryption. Of them, 546 originated from outside the US. The most common non-US country was Germany, a country that has publicly disavowed the kinds of backdoors advocated by FBI Director James Comey and other US officials. Although the Obama administration is no longer asking Congress for legislation requiring them
#181 Google takes wider action on 'right to be forgotten'
Under the "right to be forgotten" ruling, EU citizens may ask search engines to remove information about them. Now, removed results will not appear on any version of Google when viewed from Europe. EU privacy regulators previously asked the firm to do this. Until now, search results removed under the "right to be forgotten" were only omitted from European versions of Google - such as google.co.uk or google.fr.
#180 IoT Reality: Smart Devices, Dumb Defaults / CISCO about ComfortLink
Cisco researchers found that the ComfortLink devices allow attackers to gain remote access and also use these devices as a jumping off point to access the rest of a user’s network. Trane has not yet responded to requests for comment.
#179 Remtasu is disguising itself as a tool to appropriate Facebook accounts
Win32/Remtasu.Y variants are the most common in Latin America, mainly in Colombia but also in Turkey, Thailand, and other countries. One of the latest campaigns has been associated with a malicious tool supposedly aimed at obtaining Facebook account passwords.
#178 Rooting Malware Found in 3rd Party App Stores
Malicious apps were recently seen making the rounds in some third-party app stores. They spoof popular apps, increasing the chances of getting selected and downloaded. These include popular mobile games, mobile security apps, camera apps, music streaming apps, and so on. They even share the exact same package and certification with their Google Play counterpart.
#177 Banks remain a tempting target for cyber criminals
The ThreatMetrix Cybercrime Report for Q4 2015 found there has been a 40 per cent increase in cybercriminal activity against banks over the past 12 months, which includes more than 100 million attempts at fraud during this period: 21 million of these attempts came in just 90 days between October and December.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12