What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-08-25 10:47:09 | Android Anguish (lien direct) | It is well known that convenience breeds attack vectors in tech, and this is all the more true when considering cheap hardware. Unfortunately, the consequences of cheap devices often comes at the expense of security. Pre-installed Triada and xhelper malware have so far carried out a total of 19.2 million suspicious transactions from over 200,000 […] | Malware | ||
|
2020-08-24 08:05:55 | FBI and CISA Issue Warning over Increase in Vishing Attacks (lien direct) | Last week, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) issued a joint release cautioning the public of a rise in ‘vishing’ or voice phishing attacks on organisations. The release indicates that this tactic was employed more prevalently from mid-July, and is the result of a “mass shift to working […] | |||
|
2020-08-24 07:43:12 | New Ransomware Operation – DarkSide – On the Market (lien direct) | With attacks on organisations beginning earlier this month, DarkSide is the latest ransomware operation to emerge. Having announced themselves through a ‘press release’, as revealed in BleepingComputer, this ransomware has already garnered million-dollar payouts for their attacks. The threat actors have allegedly worked with other ransomware operations making millions of dollars. However, this new product […] | Ransomware Threat | ||
|
2020-08-24 07:24:58 | Darknet Empire Market Potentially Victim of DDoS Attack (lien direct) | For over 36 hours, the popular darknet market – Empire Market – has remained offline. This is according to a range of sources, not least the researcher and analyst Dark.fail who has been tweeting about this blackout. Moreover, this subject has been attracting significant attention in various online forums, including the Reddit threat r/darknet and […] | Threat | ★★★ | |
|
2020-08-21 13:36:02 | Ransomware hit University of Utah pays up (lien direct) | After suffering a ransomware attack the University of Utah has reportedly paid the ransom to hackers in an attempt to stop the criminals from exposing the encrypted student data. It is believed only 0.02% of data was taken from the servers and in a statement the university said: “After careful consideration, the university decided to […] | Ransomware | ||
|
2020-08-21 13:33:43 | Cybersecurity has become the fastest growing start-up sector in UK (lien direct) | Research has found that since the beginning of lockdown, there has been an increase of 940% in the amount funded for UK cybersecurity start-ups. Despite the Covid-19 pandemic, it is believed that £496m had been raised in the first half of 2020 – this eclipsed the total amount raised in 2019 which was £521m. Furthermore, […] | |||
|
2020-08-21 13:30:08 | (Déjà vu) Instacart customer data reportedly safe despite security incident caused by Third-party contractors (lien direct) | It has been reported that the sensitive data on almost 2000 Instacart shoppers may have been exposed to third-party contractors who were providing IT and Security support. Instacart released a press release which states the two employees “may have reviewed more shopper profiles than was necessary in their roles as support agents.” It is believed once […] | |||
|
2020-08-20 16:41:05 | Submit your nominations now for the Most inspiring Women in Cyber 2020 (lien direct) | Image: Commodore Grace M. Hopper On Thursday 8th October the 25 most inspiring women in cyber security in the UK for 2020 will be honoured in an online event designed to highlight their achievements and inspire the next generation of women active or considering a career in cyber security. You can nominate someone who inspires […] | |||
|
2020-08-19 12:52:05 | Report finds only 7% of analysed organisations have a good security culture (lien direct) | In the 2020 “Security Culture Report”, data was collected from 120,050 employees in 1,107 organisations across 24 countries. There was a total of 17 industry sectors examined in detail and results revealed a large gap between the best performers and the poor performers when it comes to security culture. Only 7% of the analysed organisations […] | |||
|
2020-08-18 11:18:22 | Pandemic Phishing Prevails (lien direct) | According to data obtained from a Freedom of Information inquiry conducted by the Lanop Accountancy Group, Her Majesty’s Revenue and Customs (HMRC) is investigating 10,428 email, SMS, social media, and phone scams exploiting the Covid-19 pandemic. The highest rate of phishing scams occurred shortly after many countries went into lockdown in May with 5,152 reports […] | |||
|
2020-08-18 10:49:16 | What it Means to Be a Cybersecurity Pathfinder (lien direct) | The field of cybersecurity can be a somewhat unforgiving working environment. Bad actors will quite literally stop at nothing to wreak havoc for their own personal gain, financial or otherwise. Unfortunately, no public holiday or even pandemic, offers a hiatus from their malicious pursuits. Security professionals are burdened with unrelenting pressure to protect their organisation; […] | |||
|
2020-08-18 10:08:38 | Cruise Control, Carnival Catastrophe (lien direct) | As if times weren’t hard enough for the travel industry, BleepingComputer revealed that the cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend. When it comes to passenger travel, data breaches and ransomware can be especially catastrophic. Biographical information, travel details and potentially passport […] | Ransomware | ||
|
2020-08-17 14:12:34 | Webinar: How to keep the UK secure as it reopens (lien direct) | At the time of writing, the UK is on the long, anxious road back to normality as we continue to come slowly out of the nation-wide lockdown facilitated by the Covid-10 pandemic. Where questions a few months ago were related to how we can flatten the curve, protect the NHS and the economy, now the […] | |||
|
2020-08-17 11:29:29 | A Level results: can we trust an algorithm? (lien direct) | At a time when students' lives in the UK have already been upended with the school year being cut short by a deadly pandemic, an added layer of chaos and controversy has erupted after officials decided to entrust establishing pupils' A-Level grades to a computer algorithm. In theory, the algorithm used to determine the grades […] | |||
|
2020-08-17 08:03:58 | Canadian Government Services Face Cyberattack (lien direct) | According to BleepingComputer, the Office of the Chief Information Office of Government of Canada has admitted that its online portal, GCKey, had fallen victim to a cyberattack. This portal allows the public to gain access to numerous government services, not least services for immigration, taxes, benefits. The attack was supposedly an attempt to steal COVID-19 […] | |||
|
2020-08-17 07:57:18 | Konica Minolta Victim of Ransomware Attack (lien direct) | At the end of July, Konica Minolta, the business technology giant, fell victim to a ransomware attack that interrupted its operations for close to a week, shares BleepingComputer. The multinational corporation made over $9 billion in revenue in 2019 and has nearly 44,000 employees, offering various services and products – including healthcare technology and printing […] | Ransomware | ||
|
2020-08-17 07:48:55 | Momentum Metropolitan Suffer from Cyberattack (lien direct) | The South African financial services group, Momentum Metropolitan, has suffered a cyberattack last Thursday, according to Business Insider. Data from one of its subsidiaries has now been accessed by hackers but, investigations suggest that client information has not been stolen. “Information accessed contains administrative and financial data that is not expected to prejudice any stakeholders […] | |||
|
2020-08-14 12:51:35 | (Déjà vu) Data breaches in the healthcare sector down by 10% in the first half of 2020 (lien direct) | CI Security has released today its healthcare data breach report, which analysed data from the US Department of Health and Human Services (HHS). The analysis found that healthcare breach reports in the first half of this year were down 10.4% compared to the second half of 2019, with the number of breached records falling by nearly […] | Data Breach | ||
|
2020-08-14 12:47:01 | BootHole vulnerability in Linux systems renders servers unbootable (lien direct) | It was reported this week by Naked Security that Linux systems are affected by a vulnerability that can render those Linux servers unbootable. BootHole leverages a vulnerability in both GRUB2 and Secure Boot, explains TechRepublic. To make BootHole a bit more daunting, it’s actually a really easy hack to pull off. The only thing blocking […] | Hack Vulnerability | ||
|
2020-08-14 11:25:41 | Researchers uncover critical flaw within Amazon Alexa which can lead to stolen voice history and data (lien direct) | Security researchers at Check Point have discovered the Amazon Alexa assistant can be hacked to make it hand over sensitive data including voice recordings due to flaws within the services subdomains. The researchers explained that these critical issues could occur because the services subdomains are prone to Cross-Origin Resource Sharing (CORS) misconfiguration and cross-site scripting […] | |||
|
2020-08-14 11:23:45 | Data from US Gun exchange exposed by hackers (lien direct) | Cybercriminals have infiltrated a Gun Exchange in Utah, US and released highly sensitive information on a cybercrime forum. It is estimated that records over 200,000 user records were stolen from a variety of linked sites which include 195,000 user records for the utahgunexchange.com, 45,000 records for their video site, 15,000 records from the hunting site […] | |||
|
2020-08-14 11:21:58 | Google attempting new URL displays to tackle phishing and other scams (lien direct) | Some Google Chrome users can expect a big change in how the browser displays URLs as the company tests out how domain names are seen in a bid to thwart online scams. The test is expected on Chrome 86 which is slated for release at the end of August. The experiment will involve some “randomly […] | |||
|
2020-08-14 11:20:00 | Unprotected AWS Server exposes over 350m passwords (lien direct) | Ethical hackers have discovered 350 million exposed email addresses on an unsecured server which were likely to have either been stolen or acquired back in October 2018. The find was made after the CyberNews threat researchers came across an unprotected depository (also known as a bucket) on an Amazon S3 server which is said […] | Threat | ||
|
2020-08-12 13:41:29 | Update your browser now! Chrome bug allows bypassing of CSP protection (lien direct) | If you haven’t recently updated your Chrome, Opera, or Edge web browser to the latest available version, it would be an excellent idea to do so as quickly as possible, The Hacker News advises. Cybersecurity researchers on Monday disclosed details about a zero-day flaw in Chromium-based web browsers for Windows, Mac and Android that could […] | |||
|
2020-08-12 13:38:51 | #SorryNotSorry: Seek apologises for leaking user details but won\'t report it as a notifiable data breach (lien direct) | Job search engine Seek confirmed while it suffered an “internal technical issue” on Monday, which resulted in the exposure of other candidate details when they were logged into their Seek Profiles, it does not view the incident as a notifiable data breach and will not be reporting it to the Office of Australian Information Commissioner […] | Data Breach | ||
|
2020-08-12 13:34:41 | (Déjà vu) Citrix\'s Xen Mobile Servers for ednpoint management affected by critical flaw (lien direct) | Citrix today released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management (CEM), also known as XenMobile, a product made for enterprises to help companies manage and secure their employees’ mobile devices remotely, The Hacker News reported. Citrix Endpoint Management offers businesses mobile device management (MDM) and mobile application management (MAM) capabilities. It […] | |||
|
2020-08-11 14:03:30 | Securing Emails in the Modern Age (lien direct) | In the age of modern connectivity, emails are the de facto mode of communication. Securing emails from cybercriminals is a difficult task, and many businesses are left scratching their heads when deciding how to keep corporate data and privileged information secure. Zix a provider of cloud email security, productivity and compliance solutions has announced the […] | |||
|
2020-08-11 10:55:51 | Welsh police breaking law with facial recognition technology (lien direct) | Attempts by UK law enforcement to use facial recognition technology in crime investigation and prevention have taken a blow today, with a civil liberties group and an individual based on Cardiff winning a legal challenge brought to South Wales Police regarding the use of the technology. The group involved was called Liberty, who were working […] | |||
|
2020-08-11 10:54:28 | Remote workers at increased risk from DDoS attacks (lien direct) | Kaspersky has shown that in Q2 of 2020, there has been a notable upswing in the volume of distributed denial of service DDoS attacks, which have tripled from Q2 of 2019. This is in response to the Covid19 remote working landscape, with less people on holiday than usual during the quarter, and more depending on […] | |||
|
2020-08-11 10:52:14 | Revamped agent Telsa targeting browser and VPN passwords (lien direct) | The notorious password stealing browser Agent Tesla is back. The trojan, used for remote access, now has the capability to steal passwords from web browsers as well as from VPNs. An active remote access trojan since 2014, Agent Tesla is a commercially available infostealer which also doubles as a keylogger. | |||
|
2020-08-10 08:05:39 | Security Advisory Used in Phishing Attack (lien direct) | According to BleepingComputer, bad actors are utilising fake security advisories to carry out phishing attacks on cPanel users. An administrative software typically installed on shared web hosting services, cPanel allows website owners to administer their site through a graphical user interface. However, last week, fake advisories were issued indicating “security concerns” that needed to be […] | |||
|
2020-08-10 07:37:33 | F5 BIG-IP Flaw Actively Exploited By Iranian Hackers, FBI Warns (lien direct) | In a Private Industry Notification (PIN) issued by the U.S domestic intelligence and security service, it was revealed that Iranian state-sponsored hackers are actively exploiting an F5 BIG-IP flaw. The flaw allows for unauthenticated remote code executions on devices used by Fortune 500 companies, government agencies and banks, shared BleepingComputer. The FBI have added further […] | |||
|
2020-08-10 07:28:03 | Reddit Accounts Hacked Spreading Pro-Trump Messages (lien direct) | On Friday, moderators of over 70 groups on Reddit Inc. were hacked. Messages in support of Donald Trump were then posted in both English and Mandarin, reaching millions of subscribers. Among the subreddits defaced were r/space, r/food. r/Japan, r/nfl, r/cfb and r/podcasts, all popular subreddits. According to SiliconAngle, while it is yet unknown how these […] | |||
|
2020-08-07 13:45:40 | Hospitals impacted after hackers target ventilator manufacture during Covid-19 (lien direct) | A notorious ransomware gang has been hitting a key manufacturer of coronavirus ventilators in the US. The DoppelPaymer gang have threatened Boyce Technologies with releasing valuable data if the ransom is not paid – as it stands, the ransom amount has not been disclosed. It's unfortunate to hear Boyce Technologies, an FDA-approved ventilator manufacturer, has had critical […] | Ransomware | ||
|
2020-08-07 13:37:21 | Intel data breach results in confidential info leaked (lien direct) | Intel, the U.S. based global chip provider is investigating a data breach after highly confidential and restricted information was leaked onto online sharing website, MEGA. The data was uploaded to MEGA by software engineer, Till Kottman after receiving the documents from an anonymous hacker who allegedly hacked Intel earlier this year. After analysis, the information has been […] | Data Breach | ||
|
2020-08-07 13:32:57 | Capital One hit with $80 million fine following 2019 data breach (lien direct) | It was announced yesterday that Capital One has been ordered by the Office of the Comptroller of the Currency (OCC) to pay an $80 million fine after the company suffered a massive data breach in 2019. It is estimated that the breach impacted more than 100 million Capital One customers, with names and addresses of individuals […] | Data Breach | ||
|
2020-08-06 15:38:34 | The rise of Community-Powered Threat Hunting (lien direct) | Next-Gen SIEM provider, Securonix has announced availability of its SearchMore functionality that helps operations teams better detect and respond to threats that bypass preventative and detection controls. The company states that “SearchMore delivers the industry's first Community-Powered Threat Hunting capability and provides the ability to search on real-time, streaming data, as well as long-term data.” […] | Threat | ||
|
2020-08-06 15:37:24 | Who are the new heads at NCSC and MI6? (lien direct) | Lindy Cameron, the first woman CEO of the National Cyber Security Centre – a public facing division of GCHQ and primary technical authority on cybersecurity – is replacing its first CEO, Ciaran Martin, when he steps down on 31 August. Cameron will then formally become CEO in October following a handover period. Cameron has excellent […] | |||
|
2020-08-06 10:19:16 | Maze ransomware strikes again at Canon (lien direct) | Optical and imaging giant Canon has been the latest business to be hit by the scourge of ransomware. The Maze strain of ransomware has brought operations to an effective standstill, hitting the Canon email servers as well as internal applications including their instant messaging services provided by Microsoft Teams. Additionally, the US website was also […] | Ransomware | ||
|
2020-08-06 10:17:55 | UK council takes £10 million hit in cyberattack recovery (lien direct) | A small rural council in the North of England has suffered a staggering financial hit in recovering from a cyberattack. Redcar and Cleveland in Yorkshire were forced to spend £10 million in order to recover from a cyberattack which took online public services offline for a week in February. Infrastructure and system recovery cost £2.4m, […] | |||
|
2020-08-06 10:14:28 | Google shuts down Chinese, Iranian and Russian influence campaigns ahead of US election (lien direct) | Ten influence campaigns emerging from hostile states such as China, Tunisia, Russia, and Iran have been discovered across Google platforms, and removed throughout Q2, Google's Threat Analysis Group have announced. The group is responsible within Google's security department for keeping track of high-end cybercriminal activity, which includes nation-state influence campaigns detected. Although the group is […] | Threat | ||
|
2020-08-05 12:46:46 | KnowBe4 Releases New Security Research Report “The Department of No” (lien direct) | KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, has released a new report that explores how and why the reputation of security departments have traditionally been perceived as “The Department of No.” This new report, authored by Javvad Malik, security awareness advocate at KnowBe4, explains how many security […] | |||
|
2020-08-05 11:08:58 | Serious bug found in official Facebook WordPress chat plugin allows attackers to intercept messages (lien direct) | On June 26, 2020, Wordfence’s threat intelligence team discovered a vulnerability in The Official Facebook Chat Plugin, a WordPress plugin installed on over 80,000 sites. This flaw made it possible for low-level authenticated attackers to connect their own Facebook Messenger account to any site running the vulnerable plugin and engage in chats with site visitors […] | Vulnerability Threat | ||
|
2020-08-05 11:00:56 | (Déjà vu) Nearly 300 Chrome extensions are loading malicious code (lien direct) | AdGuard has discovered 295 Chrome extensions that hijack and insert ads in Google and Bing search results. The extensions have been installed by more than 80 million users. In a technical analysis shared with ZDNet, AdGuard said all extensions loaded malicious code from the fly-analytics.com domain, and then proceeded to quietly inject ads inside Google […] | |||
|
2020-08-05 10:40:50 | US and Australian government warn of critical vulnerabilities in Cisco, Microsoft and IBM remote access and perimeter devices (lien direct) | Security firm RiskIQ has published a report highlighting several critical vulnerabilities in 12 widely used remote access and perimeter devices. The findings show that the rapidly increasing adoption of these devices amid the COVID-19 pandemic is expanding digital attack surfaces outside the corporate firewall at incredible speed-and introducing a range of critical, rapidly proliferating vulnerabilities. […] | |||
|
2020-08-04 15:02:20 | Dangerous flaws found in Cisco, Microsoft, Citrix and IBM Among Many Others (lien direct) | RiskIQ, released its Vulnerability Landscape report, a high-level view of critical vulnerabilities in twelve very widely used remote access and perimeter devices. The report shows that the rapidly increasing adoption of these devices throughout the COVID-19 pandemic is increasing digital attack surfaces outside the corporate firewall at incredible speed-and introducing a range of critical, rapidly […] | Vulnerability | ||
|
2020-08-04 14:36:30 | These 10 IoT devices pose the biggest risk to your organisation (lien direct) | By Richard Orange, Regional Director of UK&I at Forescout Connected devices continue to transform the way organisations operate in every industry. From healthcare and retail to manufacturing and financial services, Internet of Things (IoT) devices are omnipresent and positively impact the bottom line of many organisations. But an increase in connected devices also means an […] | |||
|
2020-08-04 14:10:36 | Tweet Chat Roundup with KnowBe4 (lien direct) | We are now more than halfway through the year, and what a crazy half it has been both in terms of the global pandemic but also when you consider the volatile climate the cybersecurity industry finds itself in. We wanted to find out what trends had been seen, how organisations should go about ensuring security is being kept as a priority, […] | |||
|
2020-08-04 14:08:34 | 70% of large businesses consider remote working a security hazards: The experts have their say (lien direct) | A survey conducted by AT&T found that 70% of large businesses think that their security posture is being damaged by remote working, leaving them more vulnerable to cyberattack- This is what the experts think. Remote working has made us all ask difficult questions of ourselves. While the initial kneejerk decisions to deploy a remote workforce […] | |||
|
2020-08-04 13:27:36 | It\'s Official: COVID-19 Creates a Larger Surface Area for Cyberattacks (lien direct) | Ever since it was declared a global pandemic, experts have warned that COVID-19 will put increased strain on security teams by creating more variables and attack surfaces. Now, according to VMware Carbon Black, it is official. Their most recent Global Incident Response Report, revealed that COVID-19 continues to create a larger surface area for cyberattacks. […] |
To see everything:
Our RSS (filtrered)
