Google is giving data to police based on search keywords, court docs show

Court records in an arson case show that Google gave away data on people who searched for a specific address. Unsealed court documents from the case found that investigators can now request such data in reverse order by asking Google to disclose everyone who searched a keyword rather than for information on a known suspect. In this particular case, investigators requested information on users who had searched the address of the residence close in time to the arson.

(CNet

Tyler Technologies pays ransomware gang for decryption key

As we reported two weeks ago, Tyler Technologies, the largest software company in North America devoted to the public sector organizations including school districts, court systems, and local and statement governments, suffered a cyberattack on September 23 that severely impacted its internal operations. In an update to that story, the company now says expects it will take a month to recover operations fully, and that they paid the ransom operators to recover encrypted data, although they would not specify the amount.

(Bleeping Computer)

U.K. businesses suffered a cyberattack every 45 sec. during Spring lockdown

A report from business ISP provider Beaming revealed that between April and June 2020, at the height of the first COVID-related lockdown, cyberattacks increased to the point that there was one every 45 seconds. File-sharing applications, and IoT applications including building control systems and networked security cameras were the most common targets for threat actors. Beaming states that the unique IP addresses in these attacks originated mostly from China, Taiwan, and the U.S.

(CISO Mag)

Google removes ProudBoys website from its cloud platform

Following intense lobbying from Color Of Change, a U.S. based racial justice organization, Google has successfully influenced a Google Cloud Services customer to remove the group’s online pages. This follows similar moves against the hate group by Twitter and Facebook in 2018 and PayPal in 2019. The FBI designated Proud Boys as an extremist group due to their far-right agenda, inclination to use violence, and support for white supremacy.

(ZDNet)

Thanks to this week’s sponsor, Trusona

Trusona enables enterprises to secure and simplify user access by removing passwords from the Windows 10 login experience. With a single desktop sign-in using Trusona’s passwordless MFA, employees are automatically authenticated into Office 365 or their SSO, giving them secure access to all of their corporate applications. Give your workforce a solution they don’t have to work around.

Hacked voice remote becomes passive listening device

The Comcast XR11 voice remote, of which more than 18 million units are currently in use in homes across America, was the victim of a man-in-the-middle technology that exploits its radio frequency (RF) communication with the set-top box and over-the-air firmware upgrades to turn its voice command feature into a listening device. This means it does not have to be connected to the internet to be monitored. Although Comcast patched its affected devices in September, researchers warn that with an increase in people working from home, confidential material is always at risk of being monitored.

(InfoSecurity Magazine)

U.S. Cybercommand tricks Trickbot

In a bid to prevent the notorious Trickbot botnet from being used to interfere with the upcoming presidential election, the U.S. Cybercommand successfully sent a command to all Trickbot infected Microsoft Windows computers telling them to disconnect themselves from their Internet servers. U.S. officials recognize that this operation will not permanently dismantle Trickbot, which is already rebuilding, but they see it as “one way to distract them for at least a while as they seek to restore their operations.”

(KrebsOnSecurity)

Microsoft makes remote work option permanent

Following similar announcements made by Facebook and Twitter, the company has stated that many staff will be able to work from home part-time, without needing formal approval from their managers. Remote work may also become a permanent option. This reflects a significant increase in full-time home-based work, which in the U.S., is a reality for 35% of its workforce, up sharply from 2% pre-pandemic. 

(BBC News)

New Android ransomware activates when you press the Home button

AndroidOS/MalLocker.B, is hidden inside Android apps offered for download on online forums and third-party websites. Activated by pressing the Home button, it takes over the phone’s screen and prevents the user from dismissing a ransom note designed to look like a message from local law enforcement telling users they have committed a crime and need to pay a fine. Users are advised to avoid installing Android apps they downloaded from third-party locations such as forums, website ads, or unauthorized third-party app stores. A technical breakdown of this new threat is available on Microsoft’s blog.

(ZNet)