Threatpost

Fake iOS Jailbreak Site Lures in Apple Users A fake website purports to enable iPhone users to download an iOS jailbreak - but ultimately prompts them to download a gaming app and conducts click fraud. Sudo Bug Opens Root Access on Linux Systems The bug allows users to bypass privilege restrictions to execute commands as root. Pitney Bowes Hit with Ransomware Attack The attack left customers unable to access key services for shipping and mailing, the company said. A Deepfake Deep Dive into the Murky World of Digital Imitation Deepfake technology is becoming easier to create - and that's opening the door for a new wave of malicious threats, from revenge porn to social-media misinformation. Apple Shares Some Browsing History with Chinese Company The company acknowledged it's using 'safe browsing' technology from Tencent, which has ties to the Chinese government. Software, Supply-Chain Dangers Top List of 5G Cyber Risks Without naming Huawei, the EU warns on state-backed 5G suppliers. Imperva: Data Breach Caused by Cloud Misconfiguration Hackers were able to steal an AWS administrative API key housed in a compute instance left exposed to the public internet. Fin7 Cybergang Retools With New Malicious Code A new dropper and payload show that Fin7 isn't going anywhere despite a crackdown on the infamous group by law enforcement in 2018. Iran-Linked ‘Charming Kitten’ Touts New Spearphishing Tactics A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trump's 2020 re-election campaign. vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum -- data that researchers say could be used for blackmail.

Distributed by aarss.com.