What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-04-07 11:56:03 | Cyber Experts Oon Breaking MailChimp Crypto Phishing Scam! (lien direct) | Hackers are causing havoc again, by breaching MailChimp email marketing firm to launch crypto-based phishing scams. As email (BEC) has always been the main vector for phishing, this is a major cause for serious concern. | |||
|
2022-04-07 11:50:44 | Brokenwire Hack Could Let Remote Attackers Disrupt Charging For Electric Vehicles (lien direct) | Following the news that – Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles (thehackernews.com), Information Security experts reacted below. | Hack | ||
|
2022-04-07 11:44:40 | Privacy And Security Concerns Dominate As Workers Return To The Office (lien direct) | The changing attitudes of UK workers returning to the office after two years of home working during the pandemic should prompt a rethink of how offices are designed, with a special focus on privacy for individuals at work. That's according to the latest research from eFax, the cloud-based fax solution for businesses, which found that […] | |||
|
2022-04-07 11:34:17 | The Works Closes Stores Following Cyber Attack (lien direct) | Following the news that The Works has closed stores after suffering a cyber attack – The Works hit by cyber attack: Retailer forced to close stores after hackers use ransomware | Daily Mail Online – Information security expert reacted below. | Ransomware | ||
|
2022-04-07 11:03:10 | Block Cash App 8.2 Million Customers\' Data Breached – Experts Reactions (lien direct) | Cybersecurity experts commented on the news of the Cash App data breach. | |||
|
2022-04-07 10:53:03 | Largest Darknet Market Shutdown By US And German Authorities As Crackdown Continues (lien direct) | US and German officials have seized what they have described as the world's largest and most prominent darknet market, according to Bloomberg. The Hydra Market, a darknet market that traffics illicit goods and services, was shut down, with wallets containing $25 million worth of Bitcoin confiscated by German police. Charges were brought to 30-year-old Dmitry […] | |||
|
2022-04-07 10:48:02 | Identity Management Day is 4/12 – Cyber Evangelist/Expert Insights (lien direct) | The second official Identity Management Day happens to be during the most intense cybersecurity situations and tensions we’ve seen in history. From the increased cyber threat warnings to Biden’s cry for cybersecurity help — and cyber budget increases — Identity Management Day on April 12 shines light on the importance of identity and access management (IAM) programs. | Threat | ||
|
2022-04-05 10:20:18 | Nordex Cyber Incident Shuts IT Systems (lien direct) | Nordex, he world’s largest wind turbine manufacturers, says that on 31 March 2022 Nordex Group IT security detected that it is subject to a cyber security incident. When hitting companies integral to CNI, this becomes of huge concern. | ★★★★ | ||
|
2022-04-05 10:16:04 | Fraudulent Crypto Exchange Thodex Faces 40,000-Year Sentences (lien direct) | The Turkish crypto exchange Thodex – which is expected to be fraudulent and has scammed millions of dollars from investors – is being chased by prosecutors and are expected to face sentences of over 40,000 years if caught. This is particularly worrying as crypto fraud is soaring, with an increase of 64% in 2020, as […] | ★★ | ||
|
2022-04-05 09:54:00 | Cyber Security Experts Insight On BORAT RAT (lien direct) | Cyber Security Experts provide an insight on new RAT, which appeared on darknet markets, includes features such as DDoS attacks, UAC bypass, ransomware deployments and much more, making Borat essentially a RAT, spyware and ransomware. The malware lets its operators choose their compilation options to create small payloads that feature precisely what they need for highly […] | Ransomware Malware | ||
|
2022-04-05 09:41:38 | Russian Software Security And The Risk You Run (lien direct) | The National Cyber Security Centre (NCSC, a part of GCHQ) has warned UK organisations and consumers to consider the risk of using Russian technologies amid the ongoing war in Ukraine, and the change in attitude of the Russian Leadership toward the West. The NCSC went on to add comment that Russian firms may be compelled […] | Guideline | ||
|
2022-04-01 11:04:50 | Experts Insight On Spring4Shell Vulnerability (lien direct) | Following the news that a new zero-day vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed, please see below comments from security experts. | Vulnerability | ||
|
2022-04-01 10:54:24 | Security Experts On PCI DSS 4.0 Released (lien direct) | Following the news that – The PCI Council has released the latest update to the PCI Data Security Standard today (March 31). https://www.pcisecuritystandards.org/about_us/press_releases/pr_03312022 | |||
|
2022-04-01 10:35:15 | Apple And Meta Shared Data With Hackers – Experts Reactioins (lien direct) | It's reported that Apple and Meta handed over user data to hackers who faked emergency data request orders typically sent by law enforcement, according to Bloomberg. Fake emergency data requests are becoming increasingly common, as explained in a recent report from Krebs on Security. | |||
|
2022-04-01 07:55:58 | New UK Study Shows Just 1/3rd Of Orgs Use MFA Auth, Practice Cyber Compliance (lien direct) | A new study finds that only one third of businesses require MFA access, have separate staff /guest WI-FI or use VPNs for remote workers. The UK government released their Cyber Security Breaches Survey 2022 this week reporting that only around third of organizations follow any of these practices, with the percentage being only slightly higher […] | |||
|
2022-03-30 14:23:49 | Ronin Network Cryptocurrency Hack, Experts Commentary (lien direct) | More than $600 million in cryptocurrency has been stolen from the gaming-focused Ronin Network in what may be the largest crypto hack ever. It’s been reported that 173,600 in Ethereum cryptocurrency (worth $594.6 million) and $25.5 million in U.S. dollars were taken, resulting in a total loss of $625 million. | Hack | ||
|
2022-03-30 14:17:20 | Attack On Popular Video Game Axie Infinity Where Hackers Swiped $625 Million In Cryptocurrency (lien direct) | This morning we saw that there was an attack on popular video game Axie Infinity where hackers swiped $625 million in cryptocurrency, marking one of the largest crypto thefts to date amid rising rates of such crime. | |||
|
2022-03-30 13:54:58 | Shutterfly Discloses Data Breach After Conti Ransomware Attack (lien direct) | Online retail and photography manufacturing platform Shutterfly has disclosed a data breach that exposed employee information after threat actors stole data during a Conti ransomware attack. Shutterfly offers photography-related services to consumers, the enterprise, and education through various brands, including Shutterfly.com, BorrowLenses, GrooveBook, Snapfish, and Lifetouch. Today, Shutterfly disclosed that its network was breached on December […] | Ransomware Data Breach Threat | ||
|
2022-03-29 14:23:50 | Data of 820,000 NYC Students Compromised In Hack Of Online Grading System (lien direct) | In response to reports that the personal data of around 820,000 current and former New York City public school students was compromised in the hack of a widely-used online grading and attendance system earlier this year according to the US Dept. of Education, cyber security experts reacted below. | Hack | ||
|
2022-03-29 13:41:18 | IcedID Targets Msoft Exchange Hijacking Campaign (lien direct) | Researchers at Intezer has reported a new hijacking campaign that targets Microsoft Exchange with the IcedID modular banking trojan. Researchers with Intezer described the new campaign, which initiates with a phishing email, as a further evolution of the threat actors' technique. The researchers have seen this technique used to target organizations within energy, healthcare, law […] | Threat | ||
|
2022-03-29 13:36:17 | 2 New Security Incidents Happening Now (lien direct) | Google Chrome Zero-Day Attack Google Chrome experienced a zero-day attack (a zero-day attack is when a threat actor exploits a vulnerability before software developers are aware and can find a fix). The attack was reported to Google by an anonymous security researcher, and Google acknowledges that it is actively exploited in the wild. Google released […] | Vulnerability Threat | ||
|
2022-03-29 13:31:02 | How To Avoid Investment Scams On Social Media, As 25% Of UK Victims Are Youths Online (lien direct) | Online fraud now accounts for 40% of all crime in the UK as recorded by the Crime Survey of England and Wales, with online fraud and cyber crimes responsible for nearly £2bn in losses in 2021. According to the latest ONS report, investment fraud victims lost the most money last year, with investment fraud showing […] | |||
|
2022-03-29 13:22:30 | White Increase Cybersecurity Budget (lien direct) | The White House released its budget today for the fiscal year 2023, which includes up to $5.8 trillion to bolster cybersecurity defences for federal departments. The Biden administration said it “reprioritized cybersecurity by strengthening resilience at home and accelerating cooperation with allies and the private sector.” This move, the administration says, will further strengthen military […] | |||
|
2022-03-28 10:24:26 | Improving Signal To Noise Ratio In Business Intelligence (lien direct) | Business intelligence is a catch-all word. If you were to ask a CEO whether they value business intelligence, they would likely say “yes”. Once you start digging deeper into what it is, however, you often find confusion or platitudes that seem to say everything and nothing all at once. Yet, the concept remains integral to […] | |||
|
2022-03-28 10:12:04 | UK Ransomware Attacks Double In Past Year, Expert Insight (lien direct) | According to the latest data from international law firm RPC, ransomware attacks have more than doubled in the past year, driven by their increasing profitability for scammers. The number of attacks reported to the Information Commissioner's Office has increased 100 per cent from 326 in 2020 to 654 in 2021. The findings revealed that the […] | Ransomware | ||
|
2022-03-28 10:09:15 | UK Ransomware Doubles: \'Cyber Criminals Have Gone Into Stealth Mode\' (lien direct) | In light of new data revealing UK ransomware attacks have doubled in the past year, Industry leaders reacted below. | Ransomware Guideline | ||
|
2022-03-28 09:55:36 | The All-too-real Achilles Heel Of IT (lien direct) | Recent weeks have seen a surge in calls for cybersecurity resilience. UK organisations are now being urged by the NCSC to “bolster their defences”. And they're not alone. In today's digital-first ecosystem, it is critical that companies can operate – or at least remain active – 24/7. We saw these challenges at the onset of […] | |||
|
2022-03-28 09:52:31 | Honda Bug Lets A Hacker Unlock And Start Your Car via Replay Attack (lien direct) | It has been reported that researchers have disclosed a ‘replay attack’ vulnerability affecting select Honda and Acura car models, that allows a nearby hacker to unlock your car and even start its engine from a short distance. The attack consists of a threat actor capturing the RF signals sent from your key fob to the car and resending […] | Vulnerability Threat | ||
|
2022-03-28 09:40:41 | CISA Alert – ICS Best Practices Against Known Russian Cyber Actors (lien direct) | CISA, FBI and the DOE released a joint Cybersecurity Advisory (CSA) detailing state-sponsored Russian cyber actors from 2011 to 2018 that targeted U.S. and international Energy Sector organizations. The CSA highlights historical tactics, techniques, and procedures as well as mitigations Energy Sector organizations can take to protect their networks. They recommend a set of ICS […] | |||
|
2022-03-28 09:32:11 | URL Rendering Trick Enabled WhatsApp, Signal, iMessage Phishing (lien direct) | A set of flaws affecting the world’s leading messaging and email platforms, including Instagram, iMessage, WhatsApp, Signal, and Facebook Messenger, has allowed threat actors to create legitimate-looking phishing URLs for the past three years. | Threat Guideline | ||
|
2022-03-23 10:08:25 | FBI – Hackers Scanned 5 US Energy Firms, Expert Reaction. (lien direct) | According to an FBI memo obtained by CBS News and CNN Tuesday, hackers “believed to be associated with cyber actors who previously conducted destructive cyber activity against foreign critical infrastructure” have been scanning the networks of five US energy companies in a possible prelude to hacking attempts. The memo stated, “This scanning activity has increased […] | |||
|
2022-03-23 10:01:42 | Lapsus$ Ransomware Continues Its Attack: OKTA Is Its Latest Victim – Synopsys (lien direct) | According to official statement from Okta, the authentication services company is investigating a breach to their systems, after the ransomware group, Lapsus$ published a message in their official Telegram group, claiming they have breached the company but “didn't steal/access any Okta database”. The target of the attack, according to the group, wasn't Okta but its […] | Ransomware | ||
|
2022-03-21 13:14:06 | EXPERT COMMENT: As British Army Bans WhatsApp Over Russia Fears, A Secure Comms Revolution Is Critical (lien direct) | The British Army and senior government ministers have outright banned WhatsApp use over fears that Russia is hacking the messaging platform to acquire sensitive information. Secure alternatives are needed, fast. Please find expert comment below from Matthew Hodgson, CEO at Element, a secure, decentralised messaging app, favoured by governments and secret services worldwide. The app […] | |||
|
2022-03-21 10:04:22 | Thew POWER Of OSINT (Open-Source Intelligence) (lien direct) | What has become so obvious during the sad events unfolding in Ukraine is the power of OSINT, discovering the facts through available multiple sources of verifiable intelligence – ranging from social-media titbits, images, news items, and other sources of intelligence born out of Flight Tracking applications, through to MetaData, and EXIF data extracts. For example, […] | ★★★ | ||
|
2022-03-18 17:13:28 | (Déjà vu) Mobile App Data Found Exposing API\'s & Data In 1,000\'s Of Cloud Databases (lien direct) | Check Point Research found thousands of Firebase cloud databases that exposed chat messages in gaming apps, personal photos, token IDs in healthcare apps and data from cryptocurrency platforms. One app discovered was from a large Dept Store in South America application (10+ Million Downloads) that had mistakenly exposed its API gateway credentials and API keys. […] | |||
|
2022-03-18 16:54:34 | CISA Adds 15 Known Exploited Vulnerabilities, Expert Weighs In (lien direct) | The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen additional flaws to its list of actively exploited vulnerabilities known to be used in cyberattacks. CISA is giving federal agencies a deadline of April 5, 2022, to apply the available security updates … Description […] | |||
|
2022-03-17 14:43:53 | New Linux Botnet Exploding Log4J, DNS Tunnelling Used To Conceal Comms Traffic (lien direct) | A new Linux botnet, named B1txor20 was found exploiting Log4J, targeting Linux systems and infecting dozens of vendors who are using the vulnerable Apache Log4j logging library. The botnet uses the exploit to steal sensitive information, install rootkits, create reverse shells and act as web traffic proxies. What makes this bot unique is that it […] | |||
|
2022-03-17 14:40:44 | Expert Insight On New Features Released By Instagram To Protect Young Users (lien direct) | According to TechCrunch, Instagram has announced the release of new safety tools for parents to use to protect young users. A new centralised hub, called the “Family Centre” has been introduced by Meta, providing parents with new supervision and safety features, giving parents transparency into their children's Instagram usage habits. Parents can monitor time spent […] | |||
|
2022-03-17 14:36:35 | Cequence Security Report Reveals Top 3 API Attack Trends, Expert Weighs In (lien direct) | Cequence Security, the industry leader in API security, today released its “API Security Threat Report: Bots and Automated Attacks Explode,” revealing that both developers and attackers have made the shift to APIs. Of the 21.1 billion transactions analyzed by Cequence Security in the last half of 2021, 14 billion (70 percent) were API transactions. Three […] | Threat Guideline | ||
|
2022-03-17 14:31:22 | FTC Fines CafePress After Data Breach – Expert Reaction (lien direct) | The U.S. Federal Trade Commission (FTC) wants to slap the former owner of the CafePress custom t-shirt and merchandise site with a $500,000 fine for failing to secure its users’ data and attempting to cover up a significant data breach impacting millions. As the consumer protection watchdog explained, CafePress’ former owner, Residual Pumpkin Entity, stored […] | Data Breach | ||
|
2022-03-17 14:28:16 | CSO Says “New LokiLocker Ransomware Is An Identity Problem” (lien direct) | A new LokiLocker ransomware family has been spotted with a built-in wiper that targets English-speaking victims, capable of erasing all non-system files from infected Windows PCs. This proves ransomware is not just a malware problem. | Ransomware | ||
|
2022-03-16 13:01:52 | Expert Comment: Facebook Fined $18.6M Over String Of 2018 Breaches Of EU\'s GDPR (lien direct) | Facebook's parent company, Meta, has been fined €17 million (~$18.6 million) by the Irish Data Protection Commission (DPC) over a string of historical data breaches. | |||
|
2022-03-16 12:47:30 | Report: Payment Fraud Attacks Against Fintech Companies Soar By 70% In 2021 (lien direct) | Sift's Q1 Digital Trust & Safety Index reveals rising fraud across fintech, company releases Trust Intelligence Center for Trust and Safety Professionals Sift, the leader in Digital Trust & Safety, today released its Q1 2022 Digital Trust & Safety Index, detailing the increasingly sophisticated-and often automated-tactics cybercriminals leverage to commit payment fraud. Derived from Sift's […] | Guideline | ||
|
2022-03-16 12:15:16 | Telco Co-ordination Required For Newly Implemented Three-factor Authentication To Occur Without Disruption (lien direct) | In a bid to protect UK businesses and consumers from fraud, UK shoppers will now face more identity checks when spending online. Placed in action from yesterday, consumers will have to authenticate their purchase with three factors: something you know (e.g. PIN), something you are (e.g. biometrics) and something you have (e.g. mobile device). | |||
|
2022-03-16 11:56:28 | Israel Government Hit By Cyber Attack (lien direct) | Industry leaders reacted below on the news that Israel says its government websites were hit by cyber attack. | Guideline | ||
|
2022-03-16 11:52:08 | QNAP Warns Severe Linux Bug Affects Most Of Its NAS Devices (lien direct) | In Local Privilege Escalation Vulnerability in Linux (Dirty Pipe), Taiwanese hardware vendor QNAP is reporting that most of its (NAS) devices are vulnerable to a high severity Linux vulnerability which allows local access users to gain root privileges. Excerpts: A local privilege escalation vulnerability, also known as “dirty pipe”, has been reported to affect the […] | Vulnerability | ||
|
2022-03-15 11:51:30 | 60% Of Mid-sized Indian Firms Faced 2021 Data Breach, Expert Reaction (lien direct) | The Tribune (India) is reporting Over 60% of mid-sized Indian firms faced data breach in 2021. According to a survey released today by Cyber Security firm Sophos, over 60% of mid-sized businesses reported experiencing a data breach in 2021. Nineteen percent of companies discovered the attack within two weeks, but for fully 22 per cent, […] | Data Breach | ||
|
2022-03-15 11:44:49 | South Denver Cardiology Associates Discloses Data Breach Affecting 287,000 Patients (lien direct) | In response to reports that South Denver Cardiology Associates has recently announced it was the victim of a cyberattack in January 2022 in which files containing patient information were accessed, experts commented below. | Data Breach | ||
|
2022-03-15 11:39:56 | Privacy Expert On Fake Valorant Cheats On YouTube Infect You With RedLine Stealer (lien direct) | Following the news that Fake Valorant cheats on YouTube infect you with RedLine stealer Fake Valorant cheats on YouTube infect you with RedLine stealer (bleepingcomputer.com), privacy expert highlights the danger of clicking unverified links on YouTube, and where you can find ‘legitimate’ cheats. | |||
|
2022-03-15 11:27:38 | UK Announces Plans For Digital ID Scheme (lien direct) | The UK has announced a roadmap containing initial plans to roll out a digital ID scheme and, naturally, there are some significant security concerns from experts in the field. |
To see everything:
Our RSS (filtrered)
