• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » News » Cyber Security News 06 September 2019

Cyber Security News 06 September 2019

2019-09-06 by Michelle Dvorak

Cyber Security News Update 06 SEPT 2019

CISA Warn of Hurricane Relief Scams – Mozilla Patches Firefox Web Browser Security Issues – Hackers Attack New Bedford, Mass with Ransomware

CISA Warn of Hurricane Relief Scams

https://www.us-cert.gov/ncas/current-activity/2019/09/04/potential-hurricane-dorian-cyber-scams
The US Cybersecurity and Infrastructure Security Agency (CISA) warns the public that scammers typically attempt to take advantage of disaster victims and the people who want to help them. Hurricane Dorian victims and potential donors should be aware that scammers may send phishing emails seeking credit card or banking information in fraudulent aid appeals, launch malware campaigns through emails with malicious attachments, or direct users to spoof donation websites. Hurricane Dorian victims and donors should use great care if they receive emails soliciting donations or asking them to view disaster related websites or documents. Any email link or attachment should be examined carefully and the sender vetted. Donors should always be cautious of social media, email, web, and texts pleas for help.

Mozilla Patches Firefox Web Browser to Address Security Issues

Mozilla released updates to its Firefox web browser to address cyber security vulnerabilities in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9. Users should update Firefox as some of the vulnerabilities are serious threats. Hackers could exploit some of these vulnerabilities to take control of a device.

Firefox users and system administrators should review the vulnerabilities and patch apps as soon as possible. According to Mozilla some of the vulnerabilities are:

CVE-2019-11751: Malicious code execution through command line parameters

This vulnerability only affects Firefox web browsers running on Windows operating systems.
This is a critical patch. If a user opens Firefox from another application such as a messaging app or document, this vulnerability can be used to write a log file to any arbitrary location on that machine. For example, if a hacker wrote to the Windows Startup folder, they could launch other executables the next time the machine is restarted.

CVE-2019-11753: Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location

This is a high-priority patch that affects Windows machines only. When installing Firefox, the installer allows the user to choose a custom installation location. This is a vulnerability as it is unprotected from hackers, non-admin users, and malware. Hacker altered maintenance services can run with escalated privileges during a subsequent security update.

CVE-2019-11749: Camera information available without prompting using getUserMedia

This is a lower severity security patch in which malicious web content can get at a user’s webcam without triggering a user prompt or notification. The vulnerability allows for fingerprinting of users.

Ransomware Attacks New Bedford, Massachusetts

Hackers demanded $5.3 million payable in Bitcoin in another ransomware attack that locked up the city of New Bedford, Massachusetts IT system. The city’s mayor stated that the attack affected four percent of New Bedford’s computers. The city tried to negotiate for $400,000 ransom which the hackers rejected. Ultimately, the city chose to decrypt servers themselves. It is believed that this is a Ryuk ransomware attack in which hackers manually delete backups and reset snapshots before launching the attack.

Filed Under: News Tagged With: Firefox

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version