Skip to content Skip to navigation
Resources and Information on COVID-19 Ask a Question

In the News

United Arab Emirate chat app, ToTok reported to be 'spyware'

A recent NYTimes investigative report discloses that a popular UAE web application often used on mobile devices, ToTok, is essentially a spying tool for the Persian Gulf nation.  ToTok's ability to collect and monitor user data makes it an effective 'spyware' tool. 

NYTimes, Dec 22nd, 2019

Users are advised to either remove the software or excercise caution when using the app, especially if they might be at a higher-than-normal risk for being targeted for surveillance by the UAE government. While the use of any messaging apps increases the risk of exposure to users, some chat apps are viewed with greater suspicion because of their close ties to authoritarian governments.

Following this report, most of the US military has banned China-based TikTok and are re-examining other popular chat apps such as WeChat and Weibo.

Ring Home Security camera systems are being hijacked 

Ring Home Security camera customers in several states are reporting that their systems are being hacked. The company says that Ring Home Security cameras haven't suffered a breach, but that users are reusing passwords that have been exposed in previous security breaches making them easy to access using a hacking technique called credential stuffing.

Ransomware attack strikes San Bernardino City Unified School District

On October 20th, a Ransomware attack in the San Bernardino City Unified School District caused numerous problems for students and faculty, causing headaches throughout the organization. 

KTLA, October 20th, 2019

A vulnerability in Sudo, a core command utility for Linux, could allow a user to execute commands as a root user

Sudo is a utility that allows a system administrator to give certain users (or groups of users) the ability to run commands in the context of any other user – including as root – without having to log in with a different profile. Sudo also logs all commands and arguments in a centralized audit trail system, so admins know which user performed which command and in which context., October 15th, 2019

MacOS users targeted with new Tarmac Malware, installing a possible back door into your Mac

Security researchers have discovered a new piece of Mac malware; however, some of its purpose and full features will remain a mystery for a little longer. Named Tarmac (OSX/Tarmac), this new malware was distributed to macOS users via online malvertising (malicious ads) campaigns.

ZDNet, Oct 11th, 2019

Chegg resets 40 million user passwords after data breach

In September of 2018, a major textbook rental and online tutoring services company Chegg reported it had suffered a data breach affecting the data of 40 million customers. The data involved in this breach includes user’s names, email addresses, passwords, and shipping addresses. This is one of the largest breaches of data affecting college and university students to date. While Chegg took action in 2018 by resetting user passwords on their site, the stolen data is now in the hands of cyber-criminals and it’s possible that students and former students may have used the same or similar passwords for other account logins across other websites.

TechCrunch, Sep 26, 2018

Hackers beat university cyber-defences in two hours

A team of ethical hackers conducted penetration testing to measure cyber-defence for approximately 50 major Universities and research centers in the UK in 2019. The hacking team was able to gain access to research networks, personal information, and financial systems within two hours or less. They report that spear-phishing was the most effective method for network penetration. This testing was part of a nation-wide program to measure and improve cybersecurity in the UK.

BBCNews, Apr 4, 2019

Town Avoids Paying Massive $5 Million Ransom in Cyberattack

In July of 2019, the city of New Bedford, Mass was the victim of a ransomware attack that affected approximately 3,500 computers. The hackers made a ransom demand of $5.3 million in bitcoin in order to decrypt their files. City officials attempted to negotiate with the hackers to reduce the ransom amount and to gain more time as they attempted to recover and restore encrypted files. This approach worked for New Bedford and they were able to to restore many files from backup and reconstruct the missing data. There is an ongoing debate at this time about whether or not victims should pay the ransom.

NPR, Sep 6, 2019

No municipality paid ransoms in ‘coordinated ransomware attack’ that hit Texas

None of the 22 Texas towns and municipalities that were victims of a massive ransomware attack in mid-August of 2019 paid the $2.5 million ransom demanded of them by the hackers.  Texas officials based the decision not to pay largely on public sentiment that tax-payer money should not go to pay hackers. Many people believe paying the ransom incentivizes cyber-criminals to launch more ransomware attacks.

ZDNet, Sep 7, 2019

Ransomware Attack Hits 22 Texas Towns, Authorities Say

On August 16, 2019, hackers launched a large-scale "coordinated" ransomware attack on 22 towns in Texas. The cyberassault began Friday morning and mainly affected city business and financial operations. Interrupted services include processing utlity payments, issuing permits, as well as birth and death certificates. Officials say this attack is the first of its kind where one individual or hacking group has targeted multiple cities at once.  It is being viewed as a wake-up call for small towns in rural areas.

NYTimes, Aug 20, 2019