Jeff Butts and Andrew Orr join host Kelly Guimont to discuss this week’s security news, and some tips for better online safety.
Security Friday
Cybercrime Group 'Sandworm' Uses New Cyclops Blink Malware
A group or individual known as Sandworm or Voodoo Bear is using a piece of malware never before seen in the wild, called Cyclops Blink.
Security Friday: Actually Some Good News – TMO Daily Observations 2022-02-18
Andrew Orr and Kelly Guimont discuss the Security Friday news of the week including deepfake scams and nefarious AirTag schemes.
FBI Warns of Money Transfer Scams Over Video Calls
The FBI is warning consumers to be aware of scammers impersonating high-level company executives to trick employees into transferring money.
Passware's Cracking Tool Can Unlock Macs With T2 Chip
Passware’s forensic cracking tool can now be used on Macs that have Apple’s T2 security chip, a report says on Thursday.
GiveSendGo Data Breach Affects Donors of 'Freedom Convoy'
Attackers have breached the systems of GiveSendGo, a Christian fundraising platform. People who donated to the Freedom Convoy in Canada.
FBI: BlackByte Ransomware Attacks Critical Infrastructure
The FBI and Secret Service have seen signs of BlackByte ransomware attacking at least three critical infrastructure sectors in the U.S.
Security Friday: NDAs and Special Guests – TMO Daily Observations 2022-02-11
Andrew Orr and host Kelly Guimont discuss security news and sit down with John Kheit to talk about NDAs and using them for good or…less good.
Instagram Security Checkup Expands to Users Worldwide
Instagram Security Checkup is a feature that people can use if their accounts may have been hacked. It’s rolling out to people globally.
Security Friday: Everything Bad is New Again – TMO Daily Observations 2022-02-04
Andrew Orr and Kelly Guimont discuss Security Friday updates, including some suggested beverage pairings for each topic.
Intel Expands Bug Bounty Program With Project Circuit Breaker
Project Circuit Breaker is an expansion of Intel’s bug bounty program that hosts targeted time-boxed events on specific new platforms.
Here's How to Blur Your House on Apple Maps and Google Maps
Did you know you can blur your house on Apple Maps and Google Maps? This capability is open to everyone, here’s what you can do.
Civicom Data Leak Affects Over 100,000 Files
Video conference company Civicom has had a data leak, found by the Website Planet Security team. Over 100,000 files were included.
Security Friday: Not Entirely Bad News – TMO Daily Observations 2022-01-28
Andrew Orr joins host Kelly Guimont to discuss Security Friday news and updates, including fixes and a tip for passwords on iOS.
An NFT on OpenSea Can Steal Your IP Address
An NFT found on the OpenSea marketplace can steal visitors’ IP addresses, according to a repot from Motherboard.
Of course, websites often collect and store visitors’ IP addresses in virtue of how the sites function. OpenSea itself likely collects the IP addresses of visitors, like plenty of other sites, apps, or services. But here, an outside third party—the NFT seller—is able to gather information themselves on the people viewing the NFT, potentially without them knowing.
Apple Safety Guide: What You Need to Know About Device Access
An Apple safety guide has appeared to give customers information on how to protect themselves if their personal safety is at risk.
'AccessPress' Themes and Plugins for WordPress Contains Backdoor
JetPack discovered a backdoor found within AccessPress themes and plugins. Every theme and most plugins contain this malware.
Security Friday: This Week in (Sad) Data Breaches – TMO Daily Observations 2022-01-21
Andrew Orr joins host Kelly Guimont to discuss a Safari data leak, encrypted messaging, and as always, a new data breach.
Red Cross Data Breach Affects 515,000 Vulnerable People
A contractor for The International Committee of the Red Cross (ICRC) suffered a data breach, as revealed on Wednesday.
IRS and ID.me Makes Video Selfies a Requirement in 2022
The IRS is requiring people create an account with ID.me to access and submit taxes. One of the verification methods is a video selfie
Safari 15 IndexedDB Bug Leaks Your Browsing Activity to Third Parties
On Friday, a report from FingerprintJS revealed a Safari 15 IndexedDB bug that can leak your internet activity to any website.
Information Superhighway...to Hell – TMO Daily Observations 2022-01-14
Andrew Orr and Kelly Guimont discuss the latest security news including a happy headline, a practical tip, and an uplifting sendoff to the weekend.
Russian Authorities Arrest Members of REvil Ransomware Group
The Russian Federal Security Service (FSB) announced on Friday that it has arrested 14 members of the REvil ransomware group.
New 'SysJoker' Backdoor is a Multi-Platform Threat for macOS, Windows, Linux
There is a new piece of malware floating around. This SysJoker backdoor was discovered in December 2021 by the Intezer team.