• Businesses Lack a Workable Ransomware Recovery StrategyMore than a third of businesses do not have a ransomware emergency plan in place, or are not aware if one exists within their company.According to research from Ontrack of 484 organizations, 39% either did not have or were not unaware of a ransomware strategy, while 26% admitted they couldn’t access any working backups after an attack.“The threat of ransomware has never been greater” said Philip Bridge, president of On

  • UCSF Pays $1.14m Ransomware FeeThe University Of California San Francisco finally confirmed that it had forked over $1.14m to ransomware thieves last week, less than a month after discovering that critical academic data related to its COVID-19 research had been encrypted.The university said in a statement on Friday that it had detected a security incident affecting some of its School of Medicine servers on June 1. It had quarantined the affected IT systems at the time. The attackers managed

  • Researchers Find New Calendar-Based Phishing CampaignResearchers have once again spotted crooks using calendar invitations to mount phishing attacks. The Cofense Phishing Defense Center found the attack in enterprise email environments protected by Proofpoint and Microsoft, it announced last week.The phishing scam uses iCalendar, which is a media type that lets users store and exchange calendaring and scheduling information, including events and tasks. iCalendar files are usually delivered with

  • Criminals Exploit Pandemic with Brute-Force RDP AttacksESET is the latest security company to notice a sharp spike in RDP-based hacks over the last few months. The anti-malware company spotted a rise in the number of brute-force attacks using the remote access protocol, and said that cyber-criminals have been using it to distribute ransomware.The Remote Desktop Protocol is a proprietary Microsoft protocol that allows people to access Windows from outside the network. Companies often leave their

  • Former officials question David Frost’s suitability for role as neutral adviserSecurity experts and opposition MPs on Monday condemned David Frost’s appointment as Boris Johnson’s national security adviser, arguing that his political status and lack of direct experience would undermine his effectiveness.Lord Ricketts, the first person to be appointed to the role when it was created in 2010, said it was his job to provide “politically neutral advice” to the prime min

  • Malware Incidents Fall Amid Overall Rise in Security Events Last YearMalware incidents fell by 23% in 2019 despite an overall increase in security events, according to Orange Cyberdefense in its inaugural Security Navigator report. The findings suggest that businesses have grown investment in technologies that protect themselves from these kinds of threats, leading cyber-criminals to shift to other types of attack.Of the security events the cybersecurity company analyzed last year, only 22% were

  • IoT Botnet Developer Gets 13-Month SentenceA Washington man has been sentenced to 13 months behind bars for his part in developing, using and selling access to DDoS botnets based on the infamous IoT malware Mirai.Kenneth Currin Schuchman, 22, of Vancouver, was handed his sentence late last week after pleading guilty last September to one count of fraud and related activity in connection with computers, in violation of the Computer Fraud & Abuse Act.The botnets, known as Satori, Okiru, Masuta

  • Pentagon to give Trump options to reduce troops in Germany

    DefenceTalkDefenceTalkDefense Secretary Mark Esper will present President Donald Trump with a series of options Monday to withdraw thousands of US troops from Germany, with many moving to eastern…

  • Chinese Bank Forces Firms to Download Backdoored SoftwareOrganizations doing business in China have been warned that official looking software mandated for download by domestic banks may actually contain backdoor malware.Trustwave explained in a new report that it discovered several clients had unwittingly installed the GoldenSpy backdoor after agreeing to download the Intelligent Tax software, produced by the Golden Tax Department of Aisino Corporation.Although it worked as advertised, the soft

  • Campaigners Call for Computer Misuse Act Revision on 30th AnniversaryAn open letter has been sent to UK Prime Minister Boris Johnson, asking for an update to the Computer Misuse Act (CMA) as it marks its 30th anniversary of reaching royal assent..Coordinated by the CyberUp Campaign, a group of cybersecurity organizations are pushing for an update of the Computer Misuse Act to make it fit for the digital age.“In 1990, when the CMA became law, only 0.5% of the UK population used the internet

  • Online Learning Platform Exposes Data on One Million StudentsOver one million North American students have had their data exposed after a popular online learning platform left it in a publicly accessible cloud database, according to vpnMentor.Researchers from the firm claimed that the Elasticsearch database belonging to provider OneClass was left completely unsecured.The trove contained over 27GB of data, amounting to 8.9 million records, including many students’ full names, email addresse

  • Boost NHS mental health youth services to tackle radicalisation, say psychiatrists

    Specialists argue that spending on NHS is as important as counter-terrorism measuresLeading psychiatrists have urged the government to boost public resources for youth mental health to tackle an association between depression or anxiety and sympathies with violent protest and terrorism.Edgar Jones and Kamaldeep Bhui, professors of psychiatry at King’s College London and the University of Oxford, warned that the underfunding of mental health services has left young people with PTSD, anxiety

  • US Bill Proposes Ban on Feds’ Using Facial Recognition TechnologyUS lawmakers have introduced a bill that proposes banning federal law enforcement agencies from using facial recognition and biometric surveillance technology.The Facial Recognition and Biometric Technology Moratorium Act of 2020 was introduced yesterday by Senators Ed Markey and Jeff Merkley. If passed into law, the wide-sweeping bill would make federal funding for state and local law enforcement agencies contingent

  • Fraudster Jailed for Stealing Millions from US Seniors A despicable Brit has been jailed after stealing from America’s elderly to fund his extravagant millionaire lifestyle. Fraudster Gareth David Long was sentenced to 70 months in prison for running an elaborate scheme that claimed more 375,000 victims during a six-month period in 2013. Las Vegas resident Long operated a third-party processing company V Internet Corp from 2008 to 2013 that specialized in the creation and dep

  • $200m Spear Phished from Cryptocurrency Exchanges A newly detected threat group has stolen an estimated minimum of $200m from cryptocurrency exchanges in just two years.The dastardly deeds of cyber-criminal organization CryptoCore were discovered by security firm ClearSky Cyber Security. Recently published research by the company revealed that the threat group has been active since at least May 2018, primarily targeting victims in the United States and Japan. Crypto

  • Australian intelligence raids target lawmaker over China links

    DefenceTalkDefenceTalkAustralia’s spy agency and police raided a lawmaker’s home Friday as they probed alleged Chinese influence operations and Prime Minister Scott Morrison warned the…

  • Pentagon lists firms it says are backed by Chinese military

    DefenceTalkDefenceTalkThe Pentagon has published a list of 20 Chinese companies it says are backed by the military, in the latest instance of a running tit-for-tat economic battle between Washington…

  • Japan confirms scrapping US missile defence system

    DefenceTalkDefenceTalkJapan has scrapped the deployment of a multi-billion-dollar US anti-missile system, the government confirmed Thursday, days after saying the program had been suspended….

  • Microsoft: Patch IIS Bug Now to Protect Exchange ServersMicrosoft has warned Exchange customers to patch their servers urgently after reporting a surge in attacks exploiting an Internet Information Service (IIS) vulnerability.That flaw, CVE-2020-0688, was patched in February, but attackers are still finding victims compromised by such attacks. With access to the targeted server, hackers often deploy a web shell to steal data or perform other malicious actions in the future, explained Hardik Suri

  • European Commission: Still Work to Do on GDPRThe GDPR has successfully met its main objectives but work still needs to be done to improve cross-border investigations, increase regulator resources and address fragmented approaches across the EU, according to the European Commission.The review of the data protection legislation two years on highlights several areas for improvement.One of the most pressing is the need for harmonization across the region. This is because, although the regulation mus

  • Domestic Abuse Victims Exposed in Cloud MisconfigurationThousands of domestic violence victims have had their emergency distress messages exposed after a developer misconfigured a back-end AWS bucket.Researchers at vpnMentor led by Noam Rotem and Ran Locar found the voice recordings stored on a publicly accessible AWS S3 bucket.They were traced back to Aspire News, an application built by US non-profit When Georgia Smiled, which features an emergency help section via which domestic abuse victims

  • Police Seize Alleged Bitcoin Raider’s $90m in Assets Police in New Zealand have seized $90m worth of assets belonging to a man wanted for cybercrimes in France and the United States. Alexander Vinnik allegedly masterminded a Bitcoin laundering ring that handled billions of dollars via a digital currency exchange. He is also wanted for some minor crimes in his native Russia.Digital cash allegedly laundered by the exchange is believed to have included $4bn in funds stolen

  • HelpSystems Acquires Two Security Software CompaniesMinnesota software company HelpSystems has acquired two data classification companies in response to “brisk” demands for its security software. The company said that the addition of Canadian company Titus and British firm Boldon James to its security portfolio establishes HelpSystems as “the leading platform in data classification and meets customers’ needs for a comprehensive, pow

  • 350,000 Social Media Influencers and Users at Risk Following Data BreachPersonal data of an estimated 100,000 social media influencers has been accessed and partially leaked following a breach at social media marketing firm Preen.Me, Risk Based Security has discovered. The same breach has also led to more than 250,000 social media users having their information fully exposed on a deep web hacking forum, leaving these individuals at risk of being targeted by scams.The leak was discovered by

  • PlayStation Announces Bug Bounty ProgramPlayStation has announced that it will pay hackers thousands of dollars to unearth vulnerabilities in its network and entertainment products. The gaming titan launched its PlayStation Bug Bounty program yesterday morning in hopes of rooting out flaws and providing players with a more secure user experience. The initiative is being run in collaboration with well-known security platform HackerOne. PlayStation has

  • NCSC: One Million Phishing Messages Reported in Two MonthsThe National Cyber Security Centre (NCSC) has announced that in just two months of its Suspicious Email Reporting Service being launched, it has received one million reports.According to a statement, the service, which was launched in April as part of the Government’s Cyber Aware campaign, receives a daily average of 16,500 emails.NCSC chief executive officer Ciaran Martin called the number of reports a “milesto

  • IRMS Appoints New Chair with Diversity, Inclusion and Education at Top of AgendaThe Information and Records Management Society (IRMS) – the association for information professionals and students in information governance, records management, data protection and information security – has announced the appointment of Reynold Leming to the position of chair.Leming, who has worked in the data processing and information governance industry for over 30 years, will focus on initiatives tha

  • 33% Surge in Financial Fraud Attempts During #COVID19 LockdownFinancial fraud attempts rose by 33% in April as the UK entered lockdown due to the COVID-19 pandemic, new analysis from Experian and the National Hunter Fraud Prevention Service has revealed.Fraudsters targeted a myriad of financial products, including current and savings accounts, as they sought to take advantage of the disruption to both businesses and their customers brought about by the virus outbreak.Across all financial product

  • Researchers discover unique material design for brain-like computations

    DefenceTalkDefenceTalkOver the past few decades, computers have seen dramatic progress in processing power; however, even the most advanced computers are relatively rudimentary in comparison with the…

  • US could extend Russia arms treaty with conditions

    DefenceTalkDefenceTalkThe United States could be willing to extend its last remaining major nuclear weapons treaty with Russia but only under strict conditions, a senior official said Wednesday. The…

  • Source link

    You must be logged in to post a comment.