Friday, April 24, 2020
Golden rule: If someone calls saying they’re from your bank, just hang up and call them back — ideally using a phone number that came from the bank’s Web site or from the back of your payment card. Here is how a tech industry pro (having worked in security for several years at a fairly major cloud-based service) fell for a banking scam.
Thursday, April 23, 2020
Thanks to everyone contributing to Folding@Home. This is a project that for 20 years has been employing crowdsourced computer-processing power to help run molecular calculations for diseases including cancer and Alzheimer's disease, and most recently for COVID-19. Folding is basically the process of assembling a protein, and simulating that process takes massive CPU and GPU (graphics processing unit) power.
Tuesday, April 21, 2020
Starbleed Vulnerability - A new security bug that impacts Xilinx FPGA chipsets. Why is it important? These chips are in many safety-critical applications today, from cloud data centers and mobile phone base stations to encrypted USB sticks and industrial control systems. This vulnerability allows an attacker to crack the bitstream encryption and tamper with the operations stored inside the bitstream, allowing the attacker to load their own malicious code on vulnerable devices. Intellectual property included in the bitstream can be stolen. It is also possible to insert hardware Trojans into the FPGA by manipulating the bitstream.
https://www.zdnet.com/article/starbleed-bug-impacts-fpga-chips-used-in-data-centers-iot-devices-industrial-equipment/
Monday, April 20, 2020
Wednesday, April 15, 2020
The manufacturer of the AirSense 10, the world’s most widely used CPAP, says the AirSense 10 would require “significant rework to function as a ventilator,” while (surprise!) many ventilator functions were already built into the device firmware.
Security researcher Trammell Hudson has released a patch (dubbed Airbreak) that he says unlocks the hidden capabilities buried deep inside the AirSense 10.
https://arstechnica.com/information-technology/2020/04/firmware-jailbreak-lets-low-cost-medical-devices-act-like-ventilators/
Friday, April 10, 2020
Thursday, April 9, 2020
Watch out for FLEECEWARE - mobile apps that can still charge users even after they uninstall the app from their devices. Researchers have identified 32 iOS apps (see table at the end of this article) that charge up to $30/month or $9/week for simple features that are usually available for free. Some of these fees seem small, but they can add up to between $360 and $468 per year.