What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-08-18 11:18:22 | Pandemic Phishing Prevails (lien direct) | According to data obtained from a Freedom of Information inquiry conducted by the Lanop Accountancy Group, Her Majesty’s Revenue and Customs (HMRC) is investigating 10,428 email, SMS, social media, and phone scams exploiting the Covid-19 pandemic. The highest rate of phishing scams occurred shortly after many countries went into lockdown in May with 5,152 reports […] | |||
|
2020-08-18 10:49:16 | What it Means to Be a Cybersecurity Pathfinder (lien direct) | The field of cybersecurity can be a somewhat unforgiving working environment. Bad actors will quite literally stop at nothing to wreak havoc for their own personal gain, financial or otherwise. Unfortunately, no public holiday or even pandemic, offers a hiatus from their malicious pursuits. Security professionals are burdened with unrelenting pressure to protect their organisation; […] | |||
|
2020-08-18 10:08:38 | Cruise Control, Carnival Catastrophe (lien direct) | As if times weren’t hard enough for the travel industry, BleepingComputer revealed that the cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend. When it comes to passenger travel, data breaches and ransomware can be especially catastrophic. Biographical information, travel details and potentially passport […] | Ransomware | ||
|
2020-08-17 14:12:34 | Webinar: How to keep the UK secure as it reopens (lien direct) | At the time of writing, the UK is on the long, anxious road back to normality as we continue to come slowly out of the nation-wide lockdown facilitated by the Covid-10 pandemic. Where questions a few months ago were related to how we can flatten the curve, protect the NHS and the economy, now the […] | |||
|
2020-08-17 11:29:29 | A Level results: can we trust an algorithm? (lien direct) | At a time when students' lives in the UK have already been upended with the school year being cut short by a deadly pandemic, an added layer of chaos and controversy has erupted after officials decided to entrust establishing pupils' A-Level grades to a computer algorithm. In theory, the algorithm used to determine the grades […] | |||
|
2020-08-17 08:03:58 | Canadian Government Services Face Cyberattack (lien direct) | According to BleepingComputer, the Office of the Chief Information Office of Government of Canada has admitted that its online portal, GCKey, had fallen victim to a cyberattack. This portal allows the public to gain access to numerous government services, not least services for immigration, taxes, benefits. The attack was supposedly an attempt to steal COVID-19 […] | |||
|
2020-08-17 07:57:18 | Konica Minolta Victim of Ransomware Attack (lien direct) | At the end of July, Konica Minolta, the business technology giant, fell victim to a ransomware attack that interrupted its operations for close to a week, shares BleepingComputer. The multinational corporation made over $9 billion in revenue in 2019 and has nearly 44,000 employees, offering various services and products – including healthcare technology and printing […] | Ransomware | ||
|
2020-08-17 07:48:55 | Momentum Metropolitan Suffer from Cyberattack (lien direct) | The South African financial services group, Momentum Metropolitan, has suffered a cyberattack last Thursday, according to Business Insider. Data from one of its subsidiaries has now been accessed by hackers but, investigations suggest that client information has not been stolen. “Information accessed contains administrative and financial data that is not expected to prejudice any stakeholders […] | |||
|
2020-08-14 12:51:35 | (Déjà vu) Data breaches in the healthcare sector down by 10% in the first half of 2020 (lien direct) | CI Security has released today its healthcare data breach report, which analysed data from the US Department of Health and Human Services (HHS). The analysis found that healthcare breach reports in the first half of this year were down 10.4% compared to the second half of 2019, with the number of breached records falling by nearly […] | Data Breach | ||
|
2020-08-14 12:47:01 | BootHole vulnerability in Linux systems renders servers unbootable (lien direct) | It was reported this week by Naked Security that Linux systems are affected by a vulnerability that can render those Linux servers unbootable. BootHole leverages a vulnerability in both GRUB2 and Secure Boot, explains TechRepublic. To make BootHole a bit more daunting, it’s actually a really easy hack to pull off. The only thing blocking […] | Hack Vulnerability | ||
|
2020-08-14 11:25:41 | Researchers uncover critical flaw within Amazon Alexa which can lead to stolen voice history and data (lien direct) | Security researchers at Check Point have discovered the Amazon Alexa assistant can be hacked to make it hand over sensitive data including voice recordings due to flaws within the services subdomains. The researchers explained that these critical issues could occur because the services subdomains are prone to Cross-Origin Resource Sharing (CORS) misconfiguration and cross-site scripting […] | |||
|
2020-08-14 11:23:45 | Data from US Gun exchange exposed by hackers (lien direct) | Cybercriminals have infiltrated a Gun Exchange in Utah, US and released highly sensitive information on a cybercrime forum. It is estimated that records over 200,000 user records were stolen from a variety of linked sites which include 195,000 user records for the utahgunexchange.com, 45,000 records for their video site, 15,000 records from the hunting site […] | |||
|
2020-08-14 11:21:58 | Google attempting new URL displays to tackle phishing and other scams (lien direct) | Some Google Chrome users can expect a big change in how the browser displays URLs as the company tests out how domain names are seen in a bid to thwart online scams. The test is expected on Chrome 86 which is slated for release at the end of August. The experiment will involve some “randomly […] | |||
|
2020-08-14 11:20:00 | Unprotected AWS Server exposes over 350m passwords (lien direct) | Ethical hackers have discovered 350 million exposed email addresses on an unsecured server which were likely to have either been stolen or acquired back in October 2018. The find was made after the CyberNews threat researchers came across an unprotected depository (also known as a bucket) on an Amazon S3 server which is said […] | Threat | ||
|
2020-08-12 13:41:29 | Update your browser now! Chrome bug allows bypassing of CSP protection (lien direct) | If you haven’t recently updated your Chrome, Opera, or Edge web browser to the latest available version, it would be an excellent idea to do so as quickly as possible, The Hacker News advises. Cybersecurity researchers on Monday disclosed details about a zero-day flaw in Chromium-based web browsers for Windows, Mac and Android that could […] | |||
|
2020-08-12 13:38:51 | #SorryNotSorry: Seek apologises for leaking user details but won\'t report it as a notifiable data breach (lien direct) | Job search engine Seek confirmed while it suffered an “internal technical issue” on Monday, which resulted in the exposure of other candidate details when they were logged into their Seek Profiles, it does not view the incident as a notifiable data breach and will not be reporting it to the Office of Australian Information Commissioner […] | Data Breach | ||
|
2020-08-12 13:34:41 | (Déjà vu) Citrix\'s Xen Mobile Servers for ednpoint management affected by critical flaw (lien direct) | Citrix today released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management (CEM), also known as XenMobile, a product made for enterprises to help companies manage and secure their employees’ mobile devices remotely, The Hacker News reported. Citrix Endpoint Management offers businesses mobile device management (MDM) and mobile application management (MAM) capabilities. It […] | |||
|
2020-08-11 14:03:30 | Securing Emails in the Modern Age (lien direct) | In the age of modern connectivity, emails are the de facto mode of communication. Securing emails from cybercriminals is a difficult task, and many businesses are left scratching their heads when deciding how to keep corporate data and privileged information secure. Zix a provider of cloud email security, productivity and compliance solutions has announced the […] | |||
|
2020-08-11 10:55:51 | Welsh police breaking law with facial recognition technology (lien direct) | Attempts by UK law enforcement to use facial recognition technology in crime investigation and prevention have taken a blow today, with a civil liberties group and an individual based on Cardiff winning a legal challenge brought to South Wales Police regarding the use of the technology. The group involved was called Liberty, who were working […] | |||
|
2020-08-11 10:54:28 | Remote workers at increased risk from DDoS attacks (lien direct) | Kaspersky has shown that in Q2 of 2020, there has been a notable upswing in the volume of distributed denial of service DDoS attacks, which have tripled from Q2 of 2019. This is in response to the Covid19 remote working landscape, with less people on holiday than usual during the quarter, and more depending on […] | |||
|
2020-08-11 10:52:14 | Revamped agent Telsa targeting browser and VPN passwords (lien direct) | The notorious password stealing browser Agent Tesla is back. The trojan, used for remote access, now has the capability to steal passwords from web browsers as well as from VPNs. An active remote access trojan since 2014, Agent Tesla is a commercially available infostealer which also doubles as a keylogger. | |||
|
2020-08-10 08:05:39 | Security Advisory Used in Phishing Attack (lien direct) | According to BleepingComputer, bad actors are utilising fake security advisories to carry out phishing attacks on cPanel users. An administrative software typically installed on shared web hosting services, cPanel allows website owners to administer their site through a graphical user interface. However, last week, fake advisories were issued indicating “security concerns” that needed to be […] | |||
|
2020-08-10 07:37:33 | F5 BIG-IP Flaw Actively Exploited By Iranian Hackers, FBI Warns (lien direct) | In a Private Industry Notification (PIN) issued by the U.S domestic intelligence and security service, it was revealed that Iranian state-sponsored hackers are actively exploiting an F5 BIG-IP flaw. The flaw allows for unauthenticated remote code executions on devices used by Fortune 500 companies, government agencies and banks, shared BleepingComputer. The FBI have added further […] | |||
|
2020-08-10 07:28:03 | Reddit Accounts Hacked Spreading Pro-Trump Messages (lien direct) | On Friday, moderators of over 70 groups on Reddit Inc. were hacked. Messages in support of Donald Trump were then posted in both English and Mandarin, reaching millions of subscribers. Among the subreddits defaced were r/space, r/food. r/Japan, r/nfl, r/cfb and r/podcasts, all popular subreddits. According to SiliconAngle, while it is yet unknown how these […] | |||
|
2020-08-07 13:45:40 | Hospitals impacted after hackers target ventilator manufacture during Covid-19 (lien direct) | A notorious ransomware gang has been hitting a key manufacturer of coronavirus ventilators in the US. The DoppelPaymer gang have threatened Boyce Technologies with releasing valuable data if the ransom is not paid – as it stands, the ransom amount has not been disclosed. It's unfortunate to hear Boyce Technologies, an FDA-approved ventilator manufacturer, has had critical […] | Ransomware | ||
|
2020-08-07 13:37:21 | Intel data breach results in confidential info leaked (lien direct) | Intel, the U.S. based global chip provider is investigating a data breach after highly confidential and restricted information was leaked onto online sharing website, MEGA. The data was uploaded to MEGA by software engineer, Till Kottman after receiving the documents from an anonymous hacker who allegedly hacked Intel earlier this year. After analysis, the information has been […] | Data Breach | ||
|
2020-08-07 13:32:57 | Capital One hit with $80 million fine following 2019 data breach (lien direct) | It was announced yesterday that Capital One has been ordered by the Office of the Comptroller of the Currency (OCC) to pay an $80 million fine after the company suffered a massive data breach in 2019. It is estimated that the breach impacted more than 100 million Capital One customers, with names and addresses of individuals […] | Data Breach | ||
|
2020-08-06 15:38:34 | The rise of Community-Powered Threat Hunting (lien direct) | Next-Gen SIEM provider, Securonix has announced availability of its SearchMore functionality that helps operations teams better detect and respond to threats that bypass preventative and detection controls. The company states that “SearchMore delivers the industry's first Community-Powered Threat Hunting capability and provides the ability to search on real-time, streaming data, as well as long-term data.” […] | Threat | ||
|
2020-08-06 15:37:24 | Who are the new heads at NCSC and MI6? (lien direct) | Lindy Cameron, the first woman CEO of the National Cyber Security Centre – a public facing division of GCHQ and primary technical authority on cybersecurity – is replacing its first CEO, Ciaran Martin, when he steps down on 31 August. Cameron will then formally become CEO in October following a handover period. Cameron has excellent […] | |||
|
2020-08-06 10:19:16 | Maze ransomware strikes again at Canon (lien direct) | Optical and imaging giant Canon has been the latest business to be hit by the scourge of ransomware. The Maze strain of ransomware has brought operations to an effective standstill, hitting the Canon email servers as well as internal applications including their instant messaging services provided by Microsoft Teams. Additionally, the US website was also […] | Ransomware | ||
|
2020-08-06 10:17:55 | UK council takes £10 million hit in cyberattack recovery (lien direct) | A small rural council in the North of England has suffered a staggering financial hit in recovering from a cyberattack. Redcar and Cleveland in Yorkshire were forced to spend £10 million in order to recover from a cyberattack which took online public services offline for a week in February. Infrastructure and system recovery cost £2.4m, […] | |||
|
2020-08-06 10:14:28 | Google shuts down Chinese, Iranian and Russian influence campaigns ahead of US election (lien direct) | Ten influence campaigns emerging from hostile states such as China, Tunisia, Russia, and Iran have been discovered across Google platforms, and removed throughout Q2, Google's Threat Analysis Group have announced. The group is responsible within Google's security department for keeping track of high-end cybercriminal activity, which includes nation-state influence campaigns detected. Although the group is […] | Threat | ||
|
2020-08-05 12:46:46 | KnowBe4 Releases New Security Research Report “The Department of No” (lien direct) | KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, has released a new report that explores how and why the reputation of security departments have traditionally been perceived as “The Department of No.” This new report, authored by Javvad Malik, security awareness advocate at KnowBe4, explains how many security […] | |||
|
2020-08-05 11:08:58 | Serious bug found in official Facebook WordPress chat plugin allows attackers to intercept messages (lien direct) | On June 26, 2020, Wordfence’s threat intelligence team discovered a vulnerability in The Official Facebook Chat Plugin, a WordPress plugin installed on over 80,000 sites. This flaw made it possible for low-level authenticated attackers to connect their own Facebook Messenger account to any site running the vulnerable plugin and engage in chats with site visitors […] | Vulnerability Threat | ||
|
2020-08-05 11:00:56 | (Déjà vu) Nearly 300 Chrome extensions are loading malicious code (lien direct) | AdGuard has discovered 295 Chrome extensions that hijack and insert ads in Google and Bing search results. The extensions have been installed by more than 80 million users. In a technical analysis shared with ZDNet, AdGuard said all extensions loaded malicious code from the fly-analytics.com domain, and then proceeded to quietly inject ads inside Google […] | |||
|
2020-08-05 10:40:50 | US and Australian government warn of critical vulnerabilities in Cisco, Microsoft and IBM remote access and perimeter devices (lien direct) | Security firm RiskIQ has published a report highlighting several critical vulnerabilities in 12 widely used remote access and perimeter devices. The findings show that the rapidly increasing adoption of these devices amid the COVID-19 pandemic is expanding digital attack surfaces outside the corporate firewall at incredible speed-and introducing a range of critical, rapidly proliferating vulnerabilities. […] | |||
|
2020-08-04 15:02:20 | Dangerous flaws found in Cisco, Microsoft, Citrix and IBM Among Many Others (lien direct) | RiskIQ, released its Vulnerability Landscape report, a high-level view of critical vulnerabilities in twelve very widely used remote access and perimeter devices. The report shows that the rapidly increasing adoption of these devices throughout the COVID-19 pandemic is increasing digital attack surfaces outside the corporate firewall at incredible speed-and introducing a range of critical, rapidly […] | Vulnerability | ||
|
2020-08-04 14:36:30 | These 10 IoT devices pose the biggest risk to your organisation (lien direct) | By Richard Orange, Regional Director of UK&I at Forescout Connected devices continue to transform the way organisations operate in every industry. From healthcare and retail to manufacturing and financial services, Internet of Things (IoT) devices are omnipresent and positively impact the bottom line of many organisations. But an increase in connected devices also means an […] | |||
|
2020-08-04 14:10:36 | Tweet Chat Roundup with KnowBe4 (lien direct) | We are now more than halfway through the year, and what a crazy half it has been both in terms of the global pandemic but also when you consider the volatile climate the cybersecurity industry finds itself in. We wanted to find out what trends had been seen, how organisations should go about ensuring security is being kept as a priority, […] | |||
|
2020-08-04 14:08:34 | 70% of large businesses consider remote working a security hazards: The experts have their say (lien direct) | A survey conducted by AT&T found that 70% of large businesses think that their security posture is being damaged by remote working, leaving them more vulnerable to cyberattack- This is what the experts think. Remote working has made us all ask difficult questions of ourselves. While the initial kneejerk decisions to deploy a remote workforce […] | |||
|
2020-08-04 13:27:36 | It\'s Official: COVID-19 Creates a Larger Surface Area for Cyberattacks (lien direct) | Ever since it was declared a global pandemic, experts have warned that COVID-19 will put increased strain on security teams by creating more variables and attack surfaces. Now, according to VMware Carbon Black, it is official. Their most recent Global Incident Response Report, revealed that COVID-19 continues to create a larger surface area for cyberattacks. […] | |||
|
2020-08-04 09:57:38 | Deep Fake: Deep Trouble (lien direct) | According to a new report from University College London (UCL), fake audio or video content has been ranked as the most worrying use of artificial intelligence in terms of its potential applications for crime or terrorism. Deep fakes will most likely come to fruition on social media as memes, however their future can be much […] | |||
|
2020-08-04 09:28:16 | 1 in 5 Businesses Would Consider Sabotaging a Competitor\'s Online Business (lien direct) | The digital era has brought a multitude of opportunities, and unique challenges for businesses. Industrial espionage and sabotage has always been a threat to corporations, but the digital age presents new tools and weapons. Acts of online sabotage may involve discrediting a business's products/service with negative (and often fake) reviews, as well as running a […] | Threat | ||
|
2020-08-03 15:59:47 | Russian Hackers Allegedly Behind Document Leak Preceding Britain\'s 2019 Elections (lien direct) | The leak of classified U.S and UK trade documents in the run-up to Britain’s 2019 elections were allegedly stolen by Russian hackers. The documents were supposedly accessed from the email inbox of former trade minister, Liam Fox, between July 12 and October 21, revealed Reuters. Whilst choosing not to name the Russian organisation responsible, the […] | |||
|
2020-08-03 10:57:25 | Aged Care Operators in Australia Under Threat of Ransomware Attacks (lien direct) | The Sydney Morning Herald has announced yet another cyberattack in a string of attacks targeted at Australian organisations and critical infrastructure. Suspected to be the work of an overseas actor, Regis, the aged care operator, is the latest to be affected. Already struggling with the coronavirus outbreak, the company now has to deal with the […] | Ransomware Threat | ||
|
2020-08-03 10:47:47 | 1.3 Million Havenly Accounts Leaked on Online (lien direct) | The hacking group, ShinyHunters, recently leaked the databases of 18 companies for free. Among the 386 million user records exposed, 1.3million were users from the US-based interior design website, Havenly. The leaked data included login names, full names, MD5 hashed passwords, email address and phone numbers, among others. BleepingComputer had reported the breach to Havenly […] | |||
|
2020-08-03 10:34:01 | Data Leak Reveals Higher Death Toll in Iran Than Initially Reported (lien direct) | An anonymous source has recently revealed to the BBC that the number of deaths in Iran from COVID-19 is actually triple that of Iran’s government claims. While the health ministry had reported 14,405 deaths, the records appear to show up to 42,000 deaths. The data leaked included details of daily admissions to hospitals across the […] | |||
|
2020-07-31 11:31:24 | EU imposes sanctions on North Korean, Chinese and Russian-backed cyberattackers (lien direct) | The European council announced today that it will impose “restrictive measures against six individuals and three entities responsible for or involved in various cyber-attacks. These include the attempted cyber-attack against the OPCW (Organisation for the Prohibition of Chemical Weapons) and those publicly known as ‘WannaCry’, ‘NotPetya’, and ‘Operation Cloud Hopper’.” The measures will include a travel ban and asset freeze, and constitute the very first sanctions […] | NotPetya Wannacry | ||
|
2020-07-31 11:22:44 | Blackbaud hack affects Labour party data (lien direct) | Hackers gained access to confidential information about thousands of Labour party donors, ITV reported today. This security compromise is the result of a wider cyber-attack directed at cloud computing provider Blackbaud, which affected over 125 institutions in the UK, including many universities. The compromise affected the fundraising and donor management software Raiser’s Edge, which is […] | Hack | ||
|
2020-07-31 11:06:29 | IRS urges users to use multi-factor authentication to protect accounts (lien direct) | The US International Revenue Service has urged tax professionals to select multifactor authentication options whenever possible in order to reduce the risk of exposing sensitive information. Amidst the Covid-19 crisis, the IRS stressed the importance of this security practice for those working remotely or social distancing. “Cybercriminals continue to find new ways to try accessing […] |
To see everything:
Our RSS (filtrered)
