Three FBI cybersecurity officials are stepping down from their roles, sources say. Scott Smith of the cyberdivision is to retire this month, while David Resch of the criminal, cyber, response and services branch and Carl Ghattas of the national security branch also will be leaving the bureau.
Dongguan Diqee 360 vacuums have security vulnerabilities that could be used to turn them into surveillance devices, warns Positive Technologies. The "dynamic monitoring" feature, which uses a 360-degree camera and Wi-Fi, could be used as a botnet for distributed-denial-of-service attacks or spying on vacuum owners, the company warns.
Mobile games including "Clash Royale" and "Clash of Clans" are being used to launder money through more than 20,000 stolen credit cards, security firm Kromtech reports. Thieves are using data taken from MongoDB databases to make purchases and sell accounts to third parties, the company's report states.
Cisco has released patches for four vulnerabilities announced this week. The vulnerabilities mostly affect pre-18.2.0 versions of Policy Suite and could leave users at risk for database tampering, compromised accounts and information leaks.
The Connecticut Higher Education Trust recently reported online criminals had stolen $1.4 million from 21 investors, highlighting the vulnerability of college-savings accounts. Experts suggest protecting yourself by checking your account balance regularly and by being wary of what you post on social media.
Hacking group Mealybug's operation is spreading beyond just targeting banking customers in Europe and is making its way to the US, per Symantec. Mealybug is profiting from the use of its Emotet trojan by malicious actors to deliver payloads such as Qakbot, Symantec reports.
The Department of Justice on Thursday released a report that focuses on the cyberthreats facing the nation and how the DOJ plans to address them. The report also addresses foreign influence operations and outlines a policy for disclosing foreign meddling investigations.