What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-12 17:29:28 | Just What Does It Take to Develop a Career in the Cybersecurity Domain? (lien direct) | This is a reminder I get every day when I interact with people from the cybersecurity fraternity, most of whom say that they landed a career in cybersecurity purely by chance. I recently made a LinkedIn post asking people to share their stories about how they happened to become cybersecurity professionals. The responses that […] | |||
|
2021-01-12 16:54:02 | Findings of the Forrester Wave SAST 2021 Report (lien direct) | As a result of a demanding market, developers have often foregone security for speed with security teams typically tagged on at the very end of the development lifecycle. This, however, is an unsustainable, if not unacceptable stance, in today's environment. The future requires organisations to integrate security from the beginning when the application is built. […] | ★★ | ||
|
2021-01-12 12:32:07 | Potential Link between SolarWinds and Turla APT (lien direct) | Researchers at Kaspersky have recently discovered considerable similarities between the Sunburst and Kazuar backdoors. The similarities potentially link the Sunburst backdoors, used in the SolarWinds supply-chain attack, to a previously known Turla weapon. Kazuar, a malware written using the .NET framework, was first reported in 2017. These have been used in unison throughout various breaches […] | Malware Mobile | Solardwinds Solardwinds | |
|
2021-01-12 12:02:49 | Parler Hack: Platform\'s Role in U.S. Insurrection (lien direct) | After rioters stormed the U.S. Capitol last Wednesday, a hacker on Twitter archived the Trump supporters’ posts on Parler to piece together the role the platform played in the insurgency. The hacker, who goes by @donk_enby on Twitter, claims her goal was to store every post relating to the assault before Parler was taken down. According […] | |||
|
2021-01-12 10:51:09 | (Déjà vu) Instagram, Facebook and LinkedIn accounts exposed by Chinese Data-Scrapers (lien direct) | Around 318 million social media account records, from platforms such as Instagram, Facebook and LinkedIn have been leaked online after SocialArks experience a cloud misconfiguration. Over 400GB of private and public data from 214 million social-media profiles has been exposed, with details of celebrities and social media influencers from all over the world being leaked. […] | ★★★★ | ||
|
2021-01-12 10:39:06 | (Déjà vu) Bitdefender release free DarkSide ransomware decryptor (lien direct) | Bitdefender, a Romanian cybersecurity firm, has released a free DarkSide ransomware decryptor which allows victims to recover their stole files without the need to pay a ransom. DarkSide is a ransomware that has been targeting organisations since August 2020 and since then has received a number of payouts, with a spike in its usage between […] | Ransomware | ||
|
2021-01-11 15:29:16 | Creating a culture of cybersecurity and tech innovation (lien direct) | Cloud native technologies have the potential to truly change the way we access and secure applications, but the success of this relies on the people and processes in place to handle the roll out of these technologies. This requires appropriate leadership, and decision makers within an organisation who demonstrate robust cloud security leadership are more […] | Guideline | ||
|
2021-01-11 13:54:16 | Russian Hacker sentenced to 12-Years for International Hacking Campaign (lien direct) | 37-year-old Russian Hacker, Andrei Tyurin was sentenced to 12 years in prison for the theft of personal information from several financial institutions, brokerage firms, financial news publishers and other large American companies. Among these was J.P. Morgan, which, as a result, suffered one of the largest thefts of U.S. customer data. More than 80 million […] | |||
|
2021-01-11 12:55:17 | Data stolen from New Zealand\'s Central Bank following hack (lien direct) | New Zeland’s central bank, The Reserve Bank of New Zealand, has recently been hacked, with both personally and commercially sensitive information being stolen in the hack. News of the hack was first revealed on Sunday, and it has been reported that it was due to the breach of a third-party file sharing service which the […] | Hack | ||
|
2021-01-11 12:20:44 | Google\'s Titan security key can be cloned (lien direct) | Researchers at NinjaLab have discovered a vulnerability in Google’s Titan physical security key which means it can be cloned. The vulnerability leaves the key exposed to hackers who can gain access to users accounts without the key’s owner being aware. Physical two-factor authentication security keys, such as Titan, are known to be the strongest form […] | Vulnerability | ||
|
2021-01-11 11:50:54 | Parler suspended from Google\'s Play Store and dropped by Amazon (lien direct) | The “free speech” social networking app Parler has been suspended from Google’s Play Store after it failed to delete “egregious content”. The app has also dropped offline after losing support from Amazon Web Services (AWS). Parler states that they are an “unbiased” social media platform, and is popular among those who have been removed from […] | ★★ | ||
|
2021-01-08 13:29:51 | Trump\'s former cybersecurity chief hired by SolarWinds (lien direct) | SolarWinds, the technology company that recently experienced a significant cyber-attack has hired Chris Krebs to deal with the fallout from the hack. Chris Krebs was Trump’s former cybersecurity chief and has been hired by SolarWinds as an independent consultant. Krebs was head of the U.S. Cybersecurity Infrastructure and Security Agency (CISA), which alongside the FBI […] | ★★★ | ||
|
2021-01-08 13:02:56 | Aurora Cannabis files sold on the dark web (lien direct) | A hacker is currently selling Aurora Cannabis files, which were stored during a breach on Christmas day. Aurora Cannabis is a large Canadian cannabis production company, who operate a number of medical and consumer cannabis brands, such as CanniMed, San Rafael, Woodstock, MedRelease and Whistler Medical Marijuana Corp. The hacker who is selling the stolen […] | |||
|
2021-01-07 16:26:09 | Hackney Council documents stolen in ransomware attack (lien direct) | Following a cyberattack in October, it appears that personal details of Hackney Council residents and staff members have been published on the dark web. The data posted online was “limited and “not visible through search engines” according to experts. Officials are continuing to work with the UK National Cyber Security Centre and National Crime Agency […] | Ransomware | ||
|
2021-01-07 16:16:08 | JetBrains deny SolarWinds involvement (lien direct) | The software development firm JetBrains has published a statement denying allegations from publications such as the Wall Street Journal and the New York Times which claimed that JetBrains were under investigation for their possible involvement in the SolarWinds hack. The report which cited government sources stated that US officials are investigating a situation in which […] | |||
|
2021-01-07 12:45:29 | British Airways to pay £3bn in breach settlement (lien direct) | British Airways customers were affected by two data breaches in 2018. Around 185,000 reward-booking customers were informed that their personal and financial information had been compromised between April and July 2019, while 380,000 app-based customers and website users had their details exposed in August and September 2018. As compensation for the breach, British Airways has […] | ★★ | ||
|
2021-01-07 11:07:01 | Service NSW government app down after outage (lien direct) | On Thursday the New South Wales government’s COVID-19 QR check-in app, Service NSW, was down for two hours after an outage. This left NSW residents unable to check in to local businesses using the app. The app is mandatory for businesses offering hospitality services. If they do not use the Service NSW app then they […] | |||
|
2021-01-06 12:54:47 | Google CAPTCHA broken by speech-to-text AI (lien direct) | CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart, and it is used to stop bots signing in or registering for accounts, as only humans can solve the tests. However, new AI is being developed to allow computers to correctly complete CAPTCHAs, as the AI is now able to complete […] | |||
|
2021-01-06 12:51:18 | Tokyo Olympics train ethical hackers to protect against cyber-attacks (lien direct) | Tokyo 2020 Olympic and Paralympic Games have trained a number of cybersecurity professionals in order to defend against potential cyber-attacks. It has been reported that 220 ethical hackers were trained by a programme led by the National Institute of Information and Communications Technology, with most of the experts coming from Japanese telecommunication companies. As part […] | |||
|
2021-01-06 12:47:40 | New phishing scam impersonates government officials (lien direct) | On Tuesday the police released a warning to members of the public of a new phishing scam where government officials are being impersonated. The scams have been ongoing since December 2020, with victims reporting that they have received text messages and phone calls claiming to be government agencies. These messages would alert the recipient that […] | |||
|
2021-01-06 12:44:19 | Russia possibly behind government agency hacks (lien direct) | On Tuesday the office of the U.S. Director of National Intelligence said that it is “likely” that Russias are behind a number of hacks that took place last month where hackers gained access to federal agencies. The office, as well as the National Security Agency, Cybersecurity and Infrastructure Security Agency, and FBI, shared in a […] | |||
|
2021-01-04 16:16:41 | Putting security first – a case study (lien direct) | NHS Management provides administrative and consulting services for over 50 individual healthcare facilities and companies across four states in the US southeast region. Naturally, quality of care is the number one priority, as is protecting patient data in such a highly regulated environment and no compromises between the two can be made. Stephen Locke, CIO […] | ★★★★★ | ||
|
2021-01-04 12:38:00 | Ticketmaster fined $10m for hacking their competitor (lien direct) | Ticketmaster has just received a $10 million fine after one of their staff admitted to hacking into their competitor’s systems in order to affect their presale ticket business. It has been reported that a Ticketmaster employee repeatedly infiltrated their competitor’s computers in order to restrict their presale ticket business. It appears that a former employee […] | |||
|
2021-01-04 12:25:19 | (Déjà vu) Hacker sells 368.8 million stolen user records on the dark web (lien direct) | A data breach broker has stolen the user records from twenty-six companies and is selling them on a hacker forum. Last Friday the hacker began to sell the 368.8 million stolen records on a hacker forum, with prices ranging from $1,800 to $4,000 depending on the company that the data was stolen from. Eight of […] | Data Breach | ||
|
2021-01-04 12:15:08 | Customers\' call records access in T-Mobile breach (lien direct) | In December T-Mobile suffered a security breach which could have possibly exposed customers’ phone numbers and call-related information. Fortunately, T-Mobile confirmed that only 0.2 per cent of their users were affected and that the information exposed in the breach did not include customers’ names, financial data, credit card information, tax IDs, PINs, addresses or Social […] | |||
|
2020-12-24 10:18:19 | (Déjà vu) Millions stolen from online bank accounts following large-scale fraud operation (lien direct) | RESEARCHERS FROM IBM Trusteer say they've uncovered a massive fraud operation that used a network of mobile device emulators to drain millions of dollars from online bank accounts in a matter of days, reported WIRED. The scale of the operation was unlike anything the researchers have seen before. In one case, crooks used about 20 […] | |||
|
2020-12-23 16:13:26 | A discount isn\'t just for Christmas – why data can hold the key to relationships that go beyond the festive season (lien direct) | The COVID-19 pandemic has accelerated years of change in just eight months, particularly in the way companies across the globe conduct business. Specifically, it has driven an unprecedented number of people online, to shop and perform numerous transactions which they can no longer do in person – and companies and industries, including retail, have responded […] | ★★★ | ||
|
2020-12-23 16:08:17 | The IT skills gap: flexible resourcing is the solution (lien direct) | The pandemic's effect on our relationship with technology is a profound one. Lockdown ushered in a sudden and wide-spread adoption of remote working, and the uncertainty brought with it a slew of opportunist cybercriminals. The result of this rapid rate of change highlighted that the UK's already glaring tech skills gap has been stretched to […] | |||
|
2020-12-18 18:29:58 | Why 2020 will be a bumper Christmas for cybercriminals – and what retailers can do about it (lien direct) | It may have had a negative impact on the UK economy, but COVID-19 doesn't appear to have dampened enthusiasm for Christmas shopping. More than 70 percent of consumers intend to spend at least as much on presents this year as they have in the past. But, while this may be good news for embattled retailers, […] | |||
|
2020-12-18 16:19:33 | The ambition for a \'made in Europe\' AI: the Why, the What and the How (lien direct) | The global race for Artificial Intelligence (AI) is on. The European Commission (EC) has developed an ambitious AI strategy and its implementation will require member states to join forces. Yet in the face of a pandemic, fractures among states have appeared to only be widening. What is at stake for Europe and how could it […] | |||
|
2020-12-18 16:19:29 | Bracing for the shopping surge: retailers ramp up security measures for 2020 holiday season (lien direct) | Tripwire, Inc., announced on Tuesday the results of a new research report that assessed retail cybersecurity programs in 2020. Conducted for Tripwire by Dimensional Research last month, the survey evaluated the opinions of 203 security professionals working in the retail industry. According to the survey, 78% of retail businesses have taken additional IT security precautions […] | |||
|
2020-12-18 16:16:52 | Channel updates: One Identity extends channel momentum as demand for identity-centric security accelerates (lien direct) | One Identity today announced the sustained momentum of its One Identity Partner Circle program, highlighting the importance of the identity-centric security market. The global program saw a 15% increase in year-over-year channel sales, with 67% of its global company sales and 81% of EMEA sales being linked to channel partners. A recent global One Identity […] | |||
|
2020-12-18 16:14:18 | Cyber Events that Rocked 2020 (lien direct) | To lean on the cliché, these unprecedented times have brought about significant challenges for everyone. Practically every organisation, person and industry has been forced to make unexpected changes and significant sacrifices in a variety of different forms. The rush to equip organisations and employees with the tools needed to work from home has greatly exacerbated […] | |||
|
2020-12-18 12:58:39 | US nuclear agency hit by cyberattack (lien direct) | The US Department of Energy, who is responsible for managing nuclear weapons, have been victim to a hacking campaign, thought to be executed by Russian hackers. A spokesperson for the department has confirmed that they are responding to the breach, and they have also said the security of the nuclear weapons are unaffected. “At this […] | |||
|
2020-12-18 12:52:31 | Fake Cyberpunk 2077 game installs malware (lien direct) | Cybercriminals have been distributing fake Android and Windows installers for Cyberpunk 2077 which installs ransomware called CoderWare onto devices. Malicious actors are distributing the game through installers, cracks for copyrighted software, and cheats. A Kaspersky analyst discovered the Android ransomware which was disguised as a mobile version of Cyberpunk 2077. The game was being distributed […] | Ransomware Malware | ||
|
2020-12-18 11:17:28 | COVID-19 vaccines for sale on the dark web (lien direct) | Coronavirus vaccines have been found for sale on the internet just days are the shot was first approved. One of the vaccines for offer was discovered by the cybersecurity company Check Point Software. The vaccines were priced at $250 with the vendor promising for fast and stealth-like delivers with double packaging and a courier delivery […] | |||
|
2020-12-18 11:04:55 | Microsoft identified over 40 SolarWinds hack victims (lien direct) | Microsoft has said that they have identified over 40 customers who were affected by the SolarWinds hack. These customers were affected as they installed trojanized versions of the SolarWinds Orion platform. Microsoft used their Microsoft Defender antivirus product, a built-in antivirus product for all Windows devices, to disorder the intrusions on their clients’ devices. Brad Smith, […] | Hack | ||
|
2020-12-17 13:24:22 | Egregor and Ryuk ransomware leverages SystemBC backdoor (lien direct) | Research has revealed that in recent months hundreds of attempts of SystemBC deployments have been made globally by the ransomware groups Egregor and Ryku. Commodity malware backdoor SystemBC is now able to automate a range of key activities, while also being able to use the anonymizing platform, Tor. These new evolutions in SystemBC will make […] | Ransomware Malware | ||
|
2020-12-17 13:15:28 | DoppelPaymer ransomware gang is harassing victims who don\'t pay (lien direct) | The US Federal Bureau of Investigations (FBI) reports that they are aware of a number of incidents in which the DoppelPaymer ransomware gang has begun to cold-calling victims who have not paid their ransoms, in order to intimidate them into paying the demands. The FBI has said in a PIN (private industry notification) alert that […] | Ransomware | ||
|
2020-12-17 13:07:58 | SolarWinds\' codebase hacked to inject backdoor (lien direct) | Although the investigation as to how SolarWinds’ was compromised by hackers and how these hackers poisoned the company’s software updates is still ongoing, new evidence reveals that it could have possibly been a meticulously planned, sophisticated supply chain attack. Today ReversingLabs published a report which revealed that the actors who attacked SolarWinds’ most likely do […] | |||
|
2020-12-17 11:41:41 | Business are tracking customers and not telling them (lien direct) | Although most companies claim that they have well-defined consumer data protection and privacy policies, research has found that three in five US and Canadian companies fail to inform customers that they allow third-party services to use tracking codes on their websites. Zoho, an Austin based productivity app surveyed 1,416 individuals across Canada and the United […] | |||
|
2020-12-16 18:14:12 | One Identity Research Highlights Barriers to Adoption of Zero Trust Framework (lien direct) | One Identity has found in its global survey that 37 percent of IT professionals rated rapid changes in their Active Directory (AD)/Azure Active Directory (AAD) environment as the key impact of COVID-19 on their organisation's identity management team. The company posits that given the unique challenges of the sudden shift to remote work amidst COVID-19, […] | |||
|
2020-12-16 17:56:16 | The top 5 known vulnerabilities that are a threat to your security posture (lien direct) | Every year, fullstack vulnerability management provider Edgescan releases its Vulnerability Statistics Report, which highlights the highest impact vulnerabilities still out there in the wild. As a teaser to their 2021 report, their team has compiled a useful list of the top 5 known, unpatched vulnerabilities leveraged by cybercriminals in order launch attacks on unsuspecting organisations. […] | Vulnerability Threat | ||
|
2020-12-16 13:38:49 | Organisations May Fail to Prepare Employees for Cybersecurity Threats (lien direct) | A recent survey conducted on behalf of KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, has found that of a thousand recently furloughed employees, 41% admitted that their company had never offered them a security awareness training course, while 14% have gone as far as to say that their […] | ★★★★ | ||
|
2020-12-16 12:45:46 | Gmail suffers two outages in one day (lien direct) | Gmail has suffered two outages in 24 hours, as users have been unable to send emails to other Gmail users, while others have experienced unexpected behaviour. However, users are still able to access their Gmail accounts. When Gmail users send an email to another Gmail address they will immediately receive a delivery failure message which […] | |||
|
2020-12-16 12:35:46 | Goontact spyware targets Android and iOS users (lien direct) | Security researchers at Lookout have discovered a new strain of malware called Goontact which has surveillance and spying capabilities. The Goontact spyware is currently available on Android and iOS, with the ability to collect data from infected victims. This data includes photos, SMS messages, location information, phone identifiers and contacts. Lookout has reported that the […] | Malware | ||
|
2020-12-16 11:57:19 | Face verification and multi-user SMS added to SingPass\'s 2FA (lien direct) | Users of SingPass, an account used in Singapore to access e-government services, can now use face verification as a two-factor authentication (2FA) method. They are also able to access their accounts using multi-user SMS one-time passwords (OTP) linked to another SingPass user’s mobile number. This option has been added to the platform in order to […] | |||
|
2020-12-15 16:59:21 | SASE: A beginner\'s guide (lien direct) | In what now seems like a lifetime ago, in late summer 2019 Gartner first coined the phrase Secure Access Service Edge. Since then, “SASE”, as it is now more commonly referred, has generated the kind of hype the industry hasn't witnessed since SD-WAN first emerged around 2014. The promise was simple enough: enable enterprises to […] | |||
|
2020-12-15 11:53:50 | Rumour has it that WhatsApp data can be hacked by spyware, but they deny these allegations (lien direct) | On Monday WhatsApp denied allegations in the U.S Supreme Court that it’s encrypted data can be hacked by Pegasus, an Israeli spyware. These allegations led to controversy in 2019, as it was thought that WhatsApp experienced a privacy breach after there were global claims by Indian journalists and human rights activists that they had been […] | |||
|
2020-12-15 11:48:52 | Over 45 Million Medical Images available online (lien direct) | CybelAngel, a world leader in digital risk protection, discovered over 45 million medical imaging files – such as CT scans and X-rays– which were accessible online on unprotected servers. These findings were released in CybelAngels’s report “Full Body Exposure”, which is the result of a six-month research investigation into Digital Imaging and Communications in Medicine […] | Guideline |
To see everything:
Our RSS (filtrered)
