Page 7 - Threat Intelligence Brief 9-13-2019
P. 7

Regulatory and




                                     Privacy News









        New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS. Cybersecurity researchers today
        revealed the existence of a new and previously undetected critical vulnerability in SIM cards that could allow
        remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS. Dubbed
        "SimJacker," the vulnerability resides in a particular piece of software, called the S@T Browser (a dynamic SIM
        toolkit), embedded on most SIM cards that is widely being used by mobile operators in at least 30 countries
        and can be exploited regardless of which handsets victims are using. What's worrisome? A specific private
        company that works with governments is actively exploiting the SimJacker vulnerability from at least the last
        two years to conduct targeted surveillance on mobile phone users across several countries.

                Source:  https://thehackernews.com/2019/09/simjacker-mobile-hacking.html





        Spam In your Calendar? Here’s What to Do. Many spam trends are cyclical: Spammers tend to switch tactics
        when one method of hijacking your time and attention stops working. But periodically they circle back to old
        tricks, and few spam trends are as perennial as calendar spam, in which invitations to click on dodgy links
        show up unbidden in your digital calendar application from Apple, Google and Microsoft. Here’s a brief primer
        on what you can do about it. Over the past few weeks, a good number of readers have written in to say they
        feared their calendar app or email account was hacked after noticing a spammy event had been added to their
        calendars. The truth is, all that a spammer needs to add an unwelcome appointment to your calendar is the
        email address tied to your calendar account. That’s because the calendar applications from Apple, Google and
        Microsoft are set by default to accept calendar invites from anyone.
                Source:  https://krebsonsecurity.com/2019/09/spam-in-your-calendar-heres-what-to-do/




        Amazon, IBM, Salesforce CEOs Call for Federal Consumer Data Privacy Law. Chief executives of 51 companies,
        including IT stalwarts Amazon, Dell, IBM and Salesforce, signed a letter to U.S. congressional leaders calling for
        federal data privacy legislation to protect consumers and a national privacy framework that fosters innovation
        and growth. “We write to urge you to pass, as soon as possible, a comprehensive consumer data privacy law
        that strengthens protections for consumers and establishes a national privacy framework to enable continued
        innovation and growth in the digital economy,” the letter reads.

                Source: https://www.msspalert.com/cybersecurity-markets/americas/federal-consumer-data-privacy-
                law/















                                                    www.accumepartners.com
                                                                                                                     7
   2   3   4   5   6   7   8   9   10   11   12