What's new arround internet

Last one

Src Date (GMT) Titre Description Tags Stories Notes
itsecurityguru.webp 2022-06-10 08:05:22 The Must-Attend Cybersecurity Event: International Cyber Expo (lien direct) International Cyber Expo is where great cybersecurity minds come together to explore the issues of tomorrow’s interconnected world. Held at Olympia London on the 27th – 28th September 2022, International Cyber Expo endeavours to be the go-to-meeting place for industry collaboration, where everyone from vetted senior cybersecurity buyers, government officials and entrepreneurs, to software developers […]
itsecurityguru.webp 2022-06-10 07:47:18 International Cyber Expo Invites Esteemed Advisory Council to Shape Event Agenda (lien direct) International Cyber Expo has announced the members of this year's event Advisory Council. Chaired by former CEO of the National Cyber Security Centre (NCSC), Professor Ciaran Martin, CB, the Advisory Council combines 30 of the cybersecurity's most well-respected industry figures from government, private and academic sectors. The council is united by their shared passion and […]
itsecurityguru.webp 2022-06-09 11:05:53 UK Government Acquires Its First Quantum Computer (lien direct) The UK government has reportedly acquired its first quantum computer with the aim to help boost research capabilities in cyber-defence and other national security fields. The BBC have reported that The Ministry of Defence (MoD) is set to work with Orca Computing, a UK company, to explore the potential of quantum to enhance the nation’s […] ★★★★
itsecurityguru.webp 2022-06-09 09:52:18 Large Scale Phishing Campaign on Facebook Messenger Generates Millions in Ad Revenue (lien direct) A large-scale phishing operation held on Facebook and Messenger to lure millions of users onto phishing pages has been uncovered by researchers. The aim of the operation was to trick victims into entering their credentials and see adverts. These stolen account details were used to send further phishing messages to victim’s friends. The aim being […]
itsecurityguru.webp 2022-06-09 09:17:56 (Déjà vu) Unofficial Security Patch Released For Microsoft Zero-Day Vulnerability (lien direct) As the Follina flaw continues to be exploited in the wild, an unofficial security patch for a new Windows zero-day vulnerability in the Microsoft Diagnostic Tool (MSDT) has been made available. Referenced as DogWalk, the issue relates to a path traversal flaw that, when a potential target opens a specially created “.diagcab” archive file that […] Tool Vulnerability
itsecurityguru.webp 2022-06-08 11:17:44 New NHS Digital Materials Aim to Boost Cybersecurity Awareness in Social Care Organisations (lien direct) This week the UK’s social care sector received a boost after NHS Digital released new materials designed to enhance staff cybersecurity awareness. The materials hope to raise awareness of critical threats and risks. The programme was developed in partnership with Digital Social Care, the materials are part of the NHS “Keep IT Confidential” campaign. The […] Threat
itsecurityguru.webp 2022-06-08 10:55:17 New Report Shows That Smishing Attempts Soared in 2021 (lien direct) In 2021 SMS phishing (also known as smishing) attacks more than doubled year-on-year, according to Proofpoint. Cyber-criminals looked to compromise devices by using human error. Proofpoint’s latest annual Human Factor report is based on an analysis of over 49 billion URLs, 2.6 billion emails, 1.9 billion attachments, 28 million cloud accounts, 1.7 billion mobile messages and […]
itsecurityguru.webp 2022-06-08 09:56:22 Italian Municipality of Palermo Suffers Cyberattack (lien direct) On Friday the municipality of Palermo, Italy, suffered a cyberattack. The attack appears to have had an impact on multiple services and operations to both citizens and tourists. Local IT experts have been trying to restore the systems since the attack, however all services, online portals, and public websites remain offline. The impacted systems include […] ★★
itsecurityguru.webp 2022-06-08 09:20:09 Evil Corp Hacker Group Changes Ransomware Tactics After U.S. Sanctions (lien direct) The Evil Corp Russian hacker group has reportedly changed its attack tactics to avoid sanctions placed on US companies prohibiting them from paying it a ransom. Mandiant, the threat intelligence firm, reported the shift. The firm recently wrote a blog post linking a series of Lockbit ransomware intrusions to UNC2165, a threat cluster that shares […] Ransomware Threat ★★★
itsecurityguru.webp 2022-06-07 11:14:50 (Déjà vu) Microsoft\'s Digital Crimes Unit Takes Legal Action Over Spear-Phishing Attacks by Bohrium Hackers (lien direct) Last week Microsoft’s Digital Crimes Unit (DCU) disclosed that it had taken legal proceedings against an Iranian threat actor dubbed Bohrium, linked with a spear-phishing operation. Bohrium is said to have targeted multiple entities in the U.S., India and the Middle East, including across transportation, tech, education, and government sectors. In a Tweet Amy Hogan-Burney […] Threat
itsecurityguru.webp 2022-06-07 10:46:46 Ukrainian Officials\' Phones Targeted by Russian Hackers (lien direct) On Monday, a senior cybersecurity official said that the phones of Ukrainian officials had been targeted by hackers as Russia pursues its invasion of Ukraine. The deputy head of Ukraine’s State Special Communications Service, Victor Zhora, said that phones used by Ukraine’s public servants were the subject of sustained targeting. At an online news conference […]
itsecurityguru.webp 2022-06-07 10:19:31 (Déjà vu) Motorola\'s Unisoc Chips Found to Contain Vulnerability (lien direct) A critical vulnerability in the Unisoc Tiger T700 chips that power the Motorola Moto G20, E30 and E40 smartphones has been found by the cyber-threat intelligence firm Checkpoint Research (CPR). These components have been marked as threat vectors due to a stack overflow vulnerability. The Unisoc Tiger T700 chip replaced MediaTek’s chips in these devices […] Vulnerability Threat
itsecurityguru.webp 2022-06-07 09:44:02 (Déjà vu) Gloucester Council IT Systems Still Affected Six Months After Cyber-Attack (lien direct) The IT systems of Gloucester City Council are still not fully operational almost six months after Russian hacker targeting. The servers were compromised on December 20th last year, the council acknowledged. Many of the online services were disrupted, including council tax support, track and trace support payments, and housing benefits. The systems were targeted by […]
itsecurityguru.webp 2022-06-06 14:18:47 Armis unveils Industry\'s first End-to-End Risk-Based Vulnerability Lifecycle Management (lien direct) Last week, Armis announced Armis Asset Vulnerability Management (AVM), the only solution for risk-based vulnerability management that enables organisations to prioritise mitigation efforts across the entire asset attack surface. This includes IT, OT, ICS, IoMT, IIoT, Cloud and cellular-IoT, managed or unmanaged. The new solution strengthens the existing Armis Platform, which provides unified asset visibility […] Vulnerability
itsecurityguru.webp 2022-06-06 14:05:49 Is SEO Better Than Paid Ads? (lien direct) If you are looking to advertise your business online, then you might be wondering: Is SEO better than paid ads? Paid ads and SEO both promote brands on the SERP, but how do they compare? SEO aims to boost your website’s organic ranking in search engine results pages, while PPC promotes your site content via […] ★★★★
itsecurityguru.webp 2022-06-06 12:26:15 Apple Release 2021 Fraud Prevention Analysis (lien direct) Apple has announced that, in 2021, it prevented over 1.6 million risky and untrustworthy apps and app updates from reaching the App Store and stopped over $1.5 billion in fraudulent transactions. Apple produced its first fraud prevention analysis last year with information about 2020. Last year’s report showed that Apple had prevented one million potentially […] ★★★★
itsecurityguru.webp 2022-06-06 11:41:11 (Déjà vu) State-Backed Hackers Exploit Microsoft “Follina” Bug to Target U.S. and European Entities (lien direct) A suspected state-aligned threat actor has been linked to a fresh set of attacks exploiting the Microsoft Office “Follina” vulnerability to target government entities across the U.S. and Europe. Proofpoint, an enterprise security firm, said that it blocked attempts at exploiting the remote code execution flaw. The flaw is being tracked CVE-2022-30190 (CVSS Score: 7.8). […] Vulnerability Threat
itsecurityguru.webp 2022-06-06 11:12:04 Singapore Officially Launches Digital Platform to Ease Supply Chain Data Flow and Improve Data Efficiencies (lien direct) In an attempt to streamline information flows across a fragmented global supply chain, Singapore has officially launched a centralised data platform. The data exchange has already gained the support of more than 70 participants, including banks, logistics operators, and energy companies. The new common data platform, called Singapore Trade Data Exchange (SGTraDex), was introduced in […]
itsecurityguru.webp 2022-06-01 13:45:05 Berkshire Bank Selects Salt Security for API Security as its Business Operations Scale (lien direct) Salt Security, the leading API security company, today announced that Berkshire Bank, a leading socially responsible community bank with office locations in New England and New York, has selected the Salt Security API Protection Platform to secure its growing ecosystem of APIs. The Salt platform enables Berkshire Bank to reduce business risk by shielding itself, […] Guideline ★★★
itsecurityguru.webp 2022-06-01 13:33:17 SafeBreach Expands Global Reach with Launch in EMEA (lien direct) SafeBreach, the pioneer in breach and attack simulation (BAS), today announced the launch of their EMEA programme, which will aim to bring their dynamic continuous security validation platform to an EMEA audience. The SafeBreach platform enables security teams to assess the efficacy of their security ecosystem by safely executing attacks across the entire cyber kill […]
itsecurityguru.webp 2022-06-01 09:37:58 Turkish airline suffers 6.5TB data leak (lien direct) A budget Turkish airline has misconfigured an AWS bucket, resulting in the exposure of flight and source code data, alongside the personal information of crew members. A research team in the employ of SafetyDetectives discovered the cloud data trove was publicly available on February 28. Some of the information was traced back to Electronic Flight […]
itsecurityguru.webp 2022-05-31 09:01:07 Italy tells organisations to brace for DDoS attacks (lien direct) Italy’s Computer Security Incident Response Team (CSIRT) issued an urgent alert on Monday, warning organisations of the significant risk of cyberattack against national entities. The Italian organisation is referring to DDoS (distributed denial-of-service) attacks which, while not necessarily catastrophic, can cause significant damage due to service outages and disruptions. “There continue to be signs and […]
itsecurityguru.webp 2022-05-31 08:40:36 Credentials of US academics posted on dark web forums (lien direct) The FBI’s cyber division has published a Private Industry Notification warning colleges and universities in the US that higher education credentials are up for sale on the dark web. FBI data suggests that from January 2022, Russian cyber-criminal forums advertised access to credentials from universities and colleges across the US, for prices as high as […]
itsecurityguru.webp 2022-05-30 11:06:06 Biometric mobile payments set to exceed $1 trillion (lien direct) Remote mobile payments authenticated by biometrics are predicted to reach $1.2 trillion by 2027, according to a new study. In its paper Mobile Payment Biometrics: Key Opportunities, Regional Analysis & Market Forecasts 2022-2027 , Juniper Research has predicted a 365% rise in the value of biometric payments over the next five years. The current value is $332bn. […] ★★★
itsecurityguru.webp 2022-05-27 09:15:52 Ed tech illegally tracked school children during pandemic (lien direct) Students around the world who were required to use government-endorsed education technology (ed tech) throughout the pandemic had their contact, keystroke and location data plundered and sold to advertising tech companies, according to the Human Rights Watch (HRW).  A staggering 146 out of 164 government-endorsed ed tech products jeopardised children’s privacy, with 199 third-party companies […]
itsecurityguru.webp 2022-05-27 08:58:45 Oil and gas companies take cyber resilience pledge (lien direct) The past two years have seen the energy industry suffer multiple major security breaches, highlighting the need for a collaborative effort in response. During the World Economic Forum (WEF) Annual Meeting 2022, 18 corporations announced their pledge to cooperate on a dedicated solution to strengthen infrastructure across the industry ecosystem. The Cyber Resilience Pledge, according […] ★★★
itsecurityguru.webp 2022-05-26 16:08:57 Salt Security Helps bpLaunchpad Reimagine energy by Enabling API Based Innovation (lien direct) bp Launchpad, the in-house business accelerator for bp, has selected Salt Security as its technology solution for API security.  The business accelerator aims to strengthen energy resilience by aiding in the growth of global startup companies within the renewable energy sector. The companies involved are digitally-led and help deliver cleaner, more affordable, and reliable energy. […]
itsecurityguru.webp 2022-05-26 10:09:58 Security pros believe cybersecurity strategies will soon be obsolete (lien direct) Crossword Cybersecurity Plc has released a report highlighting anxieties surrounding security strategies soon growing outdated. Over 200 CISOS and senior cybersecurity professionals were surveyed. Key findings include: 40% of respondents expect their current cybersecurity strategy be outdated in the next two years. A further 37% expected their current cybersecurity strategy be outdated in the next […]
itsecurityguru.webp 2022-05-26 09:57:51 Insider threats caused 68% of legal sector breaches (lien direct) Insider threats were responsible for 68% of data breaches at UK law firms, according to new research from the Information Commissioner's Office (ICO). ICO Data from Q3 2021 was analysed by NetDocuments found that only 32% of breaches in the legal sector were caused by outside threats. Other key findings include: 54% of data breaches […] Threat
itsecurityguru.webp 2022-05-25 10:38:12 Privacy focused browser allows Microsoft trackers (lien direct) DuckDuckGo, a privacy focused web browser, has come under fire for allowing Microsoft trackers on third-party sites as part of their syndicated search content contract with the company. The search engine takes pride in not tracking user searches or behaviour, and not building user profiles to display targeting advertising, instead using contextual advertisements from their […]
itsecurityguru.webp 2022-05-25 10:04:38 US government lacks ransomware data (lien direct) A new report from the United States Senate Committee on Homeland Security & Governmental Affairs has revealed that the US government lacks comprehensive data on ransomware attacks. Notably, the report shows that authorities are largely in the dark as to how much is lost in ransom payments. The report is the culmination of a 10-month investigation into […] Ransomware
itsecurityguru.webp 2022-05-24 10:29:45 Cyberattack on General Motors exposes customer data (lien direct) US automobile behemoth General Motors (GM) has confirmed that it suffered a credential stuffing attack last month. GM said that it detected malicious login activity between April 11-29 2022, resulting in the exposure of customer information and allowing hackers to redeem gift card reward points. GM sent a data breach notification to affected customers, saying: […] Data Breach
itsecurityguru.webp 2022-05-24 09:51:39 Clearview AI fined £7.5m for harvesting data (lien direct) Clearview AI has been fined by the UK’s Information Commissioner’s Office (ICO) for breaking UK data protection laws. The £7.5m fine is a huge reduction from the £17m the ICO initially planned to fine the web-based intelligence platform in November 2021. The initial fine was proposed following a joint investigation conducted in accordance with the […]
itsecurityguru.webp 2022-05-23 09:40:42 Chinese hackers caught spying on Russian defence institutes (lien direct) A minimum of two research institutes in Russia and third likely in Belarus have suffered an espionage attack carried out by a Chinese nation-state advanced persistent threat grout (APT).  Codenamed “Twisted Panda,” the attacks come in the wake of Russia’s military invasion of Ukraine, an event that has prompted many threat actors to switch tactics […] Threat
itsecurityguru.webp 2022-05-23 09:13:22 (Déjà vu) Cryptocurrency scammers use Elon Musk deep fake (lien direct) Deep fakes depicting videos of Elon Musk and other prominent figures in the cryptocurrency scene are promoting a BitVex trading platform scam that steals deposited currency. The spoof BitVex crypto trading platform claims to be owned by Tesla CEO Elon Musk, saying in the deep fake that he created the site to allow investors to […]
itsecurityguru.webp 2022-05-20 10:07:10 Conti ransomware group disbands (lien direct) Conti ransomware gang has shut down their operation, taking infrastructure offline and informing team leaders that the brand ceases to exist. Yelisey Boguslavskiy, head of research at Advanced Intel, tweeted yesterday that the gang’s internal infrastructure had been switched off. Although public-facing ransom negotiation sites and the “Conti News” data leak are still online, Boguslavskiy […] Ransomware Guideline
itsecurityguru.webp 2022-05-19 16:03:01 Who is UNC1756 – the hacker threatening Costa Rica? (lien direct) On 16 April 2022, the ContiNews ransomware PR site posted the gang’s newest victim: the Ministry of Finance of Costa Rica. Three days later, the post was updated with a sample of the stolen data, and a threat to continue attacks against Costa Rican agencies unless the government paid a requested ransom of $10 million. […] Ransomware Threat
itsecurityguru.webp 2022-05-19 11:36:49 (Déjà vu) Two million Texans have their details exposed (lien direct) A programming issue at the Texas Department of Insurance (TDI) exposed the personal information of nearly two million Texans for nearly three years. The department revealed that information such as Social Security numbers, addresses, dates of birth and phone numbers was made publicly available from March 2019 to January 2022. The information belongs to 1.8 […]
itsecurityguru.webp 2022-05-18 14:55:41 Good News…Security Culture is Improving Around the World (lien direct) A new industry report evaluating the level of security culture worldwide has found a positive improvement overall. The 2022 Security Culture Report by KnowBe4 looked at trends in security culture for the first time, analysing the ideas, customs and social behaviors of an organisation that influence their security. In particular, the report looked at the […]
itsecurityguru.webp 2022-05-18 10:21:23 North Korean devs go undercover to aid DPRK hackers (lien direct) US authorities have warned that the Democratic People's Republic of Korea (DPRK) is sending IT workers to get freelance jobs at companies worldwide, with the goal of obtaining privileged access that could be used to open the door for cyber intrusions. Thousands of “highly skilled IT workers” have been directed or forced to target freelance […]
itsecurityguru.webp 2022-05-18 09:48:42 Omnicell healthcare company hit by ransomware (lien direct) Omnicell, a US based multinational healthcare company, has confirmed it suffered a data breach in the a wake of a suspected ransomware attack. The company disclosed the ransomware attack on May 9 2022 in a 10-Q filing with the Securities and Exchange Commission (SEC). In the filing, Omnicell stated: “Our IT systems and third-party cloud […] Ransomware Data Breach
itsecurityguru.webp 2022-05-18 09:46:03 OBRELA secures King Faisal Specialist Hospital and Research Centre (lien direct) The Client The King Faisal Specialist Hospital and Research Centre (KFSH & RC) is a tertiary referral hospital which offers primary and highly specialised inpatient and outpatient medical care and participates in many clinical research studies. The hospital has reached an international standard of excellence equivalent to that of leading global academic medical centres. KFSH […] Guideline
itsecurityguru.webp 2022-05-17 09:45:04 Thanos and Jigsaw ransomware linked to 55 year old doctor (lien direct) The US Department of Justice announced yesterday that Moises Luis Zagala Gonzalez, a 55-year-old cardiologist currently residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals. Known online as Nosophoros, Aesculapius, and Nebuchadnezzar, Gonzales supported cybercriminals in their use of the ransomware, and shared in the profits made. “As alleged, the […] Ransomware
itsecurityguru.webp 2022-05-17 09:33:26 Italian police thwart Eurovision cyberattack (lien direct) It has been revealed that Italian authorities derailed efforts by pro-Russian cybercriminals to disrupt the Eurovision song contest. Throughout both the performances and voting rounds, police were mobilised to block attacks on network infrastructure – Reuters reports that the attacks have been attributed to the Russian “Killnet” group and its affiliate “Legion”. Several Italian institutions […]
itsecurityguru.webp 2022-05-16 10:21:31 UK announces nuclear cybersecurity strategy (lien direct) The UK government has announced cybersecurity plans for the country’s civil nuclear sector in the newly published 2022 Civil Nuclear Cyber Security Strategy. The country’s nuclear program is growing into one of the most vital elements of the government’s plans to reach net-zero carbon emissions, but poses a significant risk as a target for state-backed […]
itsecurityguru.webp 2022-05-16 09:22:37 EU announces provisional cybersecurity directive (lien direct) The European Parliament announced a “provisional agreement” with the aim of bolstering cybersecurity and resilience of both public and private sector entities in the European Union. It’s expected that the revised directive, dubbed “NIS2” (short for network and information systems), will take the place of pre-existing legislation originally established in 2016. The revision puts in place […]
itsecurityguru.webp 2022-05-13 09:43:59 Security pros say their mental health has declined (lien direct) 27% of security professionals say their mental health has worsened over the past year. The study, carried out by Tines, also revealed that security professionals believe that their mental state has impacted their productivity. Tines, an automation specialist, surveyed more than 1000 security professionals in the US and Europe for its State of Mental Health […] ★★★
itsecurityguru.webp 2022-05-12 09:48:04 NCSC launches free email security check (lien direct) The UK’s National Cyber Security Centre (NCSC) has released a free tool designed to help organisations check whether their email security settings are sufficient. The Email Security Check service was released yesterday by the NCSC, an offshoot of the UK spy agency GCHQ. The tool works to look up publicly available information on anti-spoofing standards such as […] Tool ★★
itsecurityguru.webp 2022-05-12 09:28:38 Five Eyes urges organisations to secure supply chains (lien direct) A joint advisory issued by the Five Eyes nations has urged organisations to secure their supply chains as the war in Ukraine continues. The document, 'Protecting Against Cyber Threats to Managed Service Providers and their Customers,' was released jointly by relevant government agencies from the Five Eyes security alliance. The authorities are: The UK's National […] ★★★
itsecurityguru.webp 2022-05-11 09:52:34 CNI firms see cyberattack surge (lien direct) Over 70% of critical national infrastructure (CNI) providers in the UK have seen an increase in cyberattacks since Russia’s invasion of Ukraine, new research from Bridewell suggests. Bridewell, a security services provider, polled over 520 security decision-makers in the communications, utilities, finance, government and transport and aviation sectors in order to better understand their concerns […] ★★★
Last update at: 2024-03-28 19:10:08
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter