Posts

Android October security update tracker for major OEMs & carriers…


Android updates are all over the place. It’s been years since Android devices were first released but OEMs and Google are yet to figure out how to streamline the update process.

Google has tried a few things such as introducing the Android One program and also Android GSIs (Generic System Images) in an effort to make Android updates seamless and quick.

Of course, neither of these have made much of a dent in how OEMs release updates for their devices. Matter of fact, Xiaomi managed to screw up updates for its Android One line of devices big time.

OnePlus-8-5G

OnePlus 8

We’re not only talking about major Android updates here. More often than not, device vendors fail to push security updates on time for certain models. Therefore, it’s hard to know when your device is going to receive a security update.

That said, in order to make things easier for you, we’re going to track the rollout of the October security patch for devices for all major OEMs as well as mobile carriers.

The tracker below will be updated as and when an OEM or carrier begins rolling out the October security update for any device. So make sure to keep an eye on this post regularly to know when the update rolls out for your phone or tablet.

    NOTE: Clicking/tapping on a concerned section in the OEM- and Carrier-specific index below will take you to the section/table of your interest.
INDEX for OEMs and Carriers
OEM October security update tracker

    NOTE: If the table below is empty it means none of the devices have received the October patch yet. The entries will be done as and when the updates go live.
Device Date Details Description/changelog
Google Pixel 2 Oct. 05 – Build/version no: RP1A.201005.004 (Source)
Google Pixel 2 XL Oct. 05 – Build/version no: RP1A.201005.004 (Source)
Google Pixel 3 Oct. 05 – Build/version no: RP1A.201005.004 (Source)
Google Pixel 3 XL Oct. 05 – Build/version no: RP1A.201005.004 (Source)
Google Pixel 3a Oct. 05 – Build/version no: RP1A.201005.004 (Source)
Device Date Details Description/changelog
Google Pixel 3a XL Oct. 05 – Build/version no: RP1A.201005.004 (Source)
Google Pixel 4 Oct. 05 – Build/version no: RP1A.201005.004 (Source)
Google Pixel 4 XL Oct. 05

Source…

Minerals Technologies Inc Says On October 22, It Detected A Ransomware Attack Impacting Certain Of Its Information Technology Systems – SEC Filing


Minerals Technologies Inc Says On October 22, It Detected A Ransomware Attack Impacting Certain Of Its Information Technology Systems – SEC Filing

Published: 10/26/2020 22:28 GMT
Minerals Technologies Inc (MTX) – Minerals Technologies Inc Says on October 22, It Detected a Ransomware Attack Impacting Certain of Its Information Technology Systems – Sec Filing.
Minerals Technologies Inc Says Network Security Incident Primarily Impacted Co’s Internal Corporate Functions.
Minerals Technologies Inc Says Co Currently Does Not Believe That Any of Its Customers Or Suppliers Were Impacted As a Result of This Incident.
Minerals Technologies Says Security Event Included Unauthorized Access to Personal Data of Employees, Former Employees and Their Dependents.
Minerals Technologies Says Co Took Steps to Restore Its Network and Resume Normal Operations As Quickly As Possible.
Minerals Technologies Says Co Launched Investigation Working With Cybersecurity Firms, Engaged Legal Counsel, Notified Law Enforcement.
Minerals Technologies Says Co in Process of Notifying Appropriate Governmental Authorities.
Minerals Technologies Says at Current Time and Throughout Incident, Co’s Manufacturing Sites Continued to Operate Safely and With Limited Interruption.
Minerals Technologies Says Co Does Not Currently Believe Incident Will Have Material Impact on Its Business, Operations Or Financial Results.
Revenue is expected to be $388 Million
Adjusted EPS is expected to be $0.86

Next Quarter Revenue Guidance is expected to be $407.38 Million
Next Quarter EPS Guidance is expected to be $0.95

More details on our Analysts Page.

Source…

Cyber Week in Review: October 23, 2020


Iran and Russia Target Upcoming U.S. Elections

On Wednesday, U.S. officials announced that Iran and Russia had obtained U.S. voter registration information and are using it to influence the upcoming presidential election. U.S. officials publicly blamed Iran [PDF] for sending thousands of emails meant to intimidate voters and cast doubt on the security of mail-in ballots, an accusation which Iran has denied. Officials also accused [PDF] Russia of targeting U.S. state and local government networks, reportedly breaching county systems in California and Indiana. Russia’s intentions are unclear. There is no evidence that the systems that tally votes or the votes themselves have been altered, but U.S. officials warned that Russia may use their position in the network to deface websites or steal and release documents to undermine confidence in the democratic process.

DOJ Files Antitrust Lawsuit Against Google

On Tuesday, the DOJ filed a lawsuit [PDF] against Google alleging that the tech giant unlawfully maintained monopolies in search and search advertising through a series of exclusionary contracts and agreements. The primary agreement under scrutiny is a partnership with Apple, whose Safari browser automatically returns search results and ads from Google. The lawsuit brands Google as the “gatekeeper for the internet,” mirroring language in a recent House Judiciary Committee report [PDF] condemning big tech companies for monopolistic behavior. Google criticized the lawsuit, arguing that anti-trust actions will harm—not help—American consumers who benefit from Google’s free services and investments in innovation.

DOJ Indicts Six Russian GRU Officers for Involvement in Cyberattacks

More on:

Cybersecurity

Election 2020

Russia

Iran

Huawei

On Monday, the DOJ indicted six GRU…

Source…

The Week in Ransomware – October 23rd 2020


Ransomware

This week has been busy with ransomware related news, including new charges against Russian state-sponsored hackers and numerous attacks against well-known organizations.

In 2017, there was an attack utilizing the NotPetya ransomware to destroy data on systems worldwide. This week, the US govt indicted six Russian intelligence operatives, known to be part of the notorious ‘Sandworm’ group, for hacking operations, including NotPetya.

We also learned of numerous attacks against large organizations, such as Barnes & Noble, the Monreal public transit system (STM), Sopra Steria, and Boyne Resorts.

Contributors and those who provided new ransomware information and stories this week include: @DanielGallagher, @demonslay335, @VK_Intel, @BleepinComputer, @Seifreed, @PolarToffee, @serghei, @jorntvdw, @struppigel, @fwosar, @malwareforme, @Ionut_Ilascu, @LawrenceAbrams, @FourOctets, @malwrhunterteam, @ValeryMarchive, @Sophos, @BrettCallow, @thepacketrat, @Kangxiaopao, @siri_urz, @MarceloRivero, @JakubKroustek, @Glacius_, and @GrujaRS

October 17th 2020

New Dharma ransomware variants

Jakub Kroustek found new Dharma ransomware variants that append the .Crypt and .LCK extension to encrypted files.

New Pransomware ransomware

@Glacius_ found a copy of BlackKingdom ransomware that was renamed to Pransomware.

Pransomware

October 18th 2020

New STOP Djvu ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .efji extension to encrypted files.

October 19th 2020

US indicts Russian GRU ‘Sandworm’ hackers for NotPetya, worldwide attacks

The U.S. Department of Justice has charged six Russian intelligence operatives for hacking operations related to the Pyeongchang Winter Olympics, the 2017 French elections, and the notorious NotPetya ransomware attack.

New Vaggen Ransomware

Marcelo Rivero found a new ransomware named Vaggen that appends the .VAGGEN extension and drops ransom notes named ABOUT_UR_FILES.txt and AboutYourFiles.txt.

Vagget

October 20th 2020

Darkside ransomware donates $20K of extortion money to charities

The operators of Darkside ransomware have donated some of the money they made extorting victims to nonprofits Children International and The Water Project.

Source…