• Government CIOs Praised for Pandemic Response, Better Collaboration RequiredCollaboration with local governments and public higher education is critical to managing increasingly complex cyber-risk.According to a new research document from Deloitte and the National Association of State Chief Information Officers (NASCIO), as US state and local governments are top targets for ransomware and other cyber-attacks, they can benefit by working together. The report claimed that they are o




  • Iranian APT Group Targets Global Universities AgainAn Iranian state-backed APT group known for targeting universities for research materials has been detected in a new campaign coinciding with the start of the new academic year.Silent Librarian (aka TA407, Cobalt Dickens) is once again casting the net wide geographically. It has registered phishing sites for universities in: Australia (Victoria, Adelaide and Melbourne Victoria), the UK (Glasgow Caledonian, King’s College London, Brist

  • Zoom Finally Rolls out End-to-End Encryption Zoom has finally announced its end-to-end encryption (E2EE) capabilities will be made available to users, significantly enhancing the security of video and voice calls.The video conferencing giant’s head of security engineering, Max Krohn, said the first of a four-phase roll-out would begin next week. During this “technical preview,” users will be able to provide feedback to the firm for the first 30 days.Zoom’s E2EE is based o

  • US Data Breach Volumes Plummet 30% in 2020The volume of data breaches reported in the US is on track for its lowest number since 2015, although hundreds of millions have had their details compromised so far in 2020, according to official figures.Non-profit the Identity Theft Resource Center (ITRC) records all publicly reported breaches in the country to compile an accurate running estimate across verticals.It claimed in a Q3 update yesterday that the volume reported so far in 2020 is 30% lower t




  • Carnival Confirms Passenger Data Compromised Carnival Corporation has disclosed that passenger and employee data from three different cruise lines was accessed in a ransomware attack that took place in August.On August 15, the British-American cruise operator discovered that an unauthorized third party had compromised its computer system and downloaded data files.An update issued by the corporation yesterday states that personal data from passengers of Carnival Cruise Line, H

  • Suspended Sentence for Brit Caught in FBI Creepware StingA British man who hacked into webcams and CCTV so he could spy on people in their own homes and while on holiday has received a suspended prison sentence.John Wood’s voyeuristic crimes were uncovered in 2018 as part of a joint investigation by British police and the Federal Bureau of Investigation (FBI) in the United States into the creator of LuminosityLink malware, Colton Grubbs.The off-the-shelf malware could be secretly deployed on a c

  • DFS Calls for Regulation of Social Media GiantsThe New York State Department of Financial Services (DFS) has called for the regulation of social media giants after finding the cybersecurity protections at Twitter woefully inadequate.Governor of New York, Andrew Cuomo, asked the DFS to investigate Twitter following the July 15, 2020, hack into the Twitter accounts of several cryptocurrency firms and well-known public figures.A report on that investigation, released today, found that the

  • MI5 boss says Russian and Chinese threats to UK 'growing in severity'

    Ken McCullum also singles out Iran, and says threat from far right is ‘sadly rising’MI5’s new boss has said the spy threats posed by China and Russia to the UK are “growing in severity and complexity” while the terror threat from Isis and the far right “persists at scale”.Giving his first speech as the domestic spy agency’s director general, Ken McCullum focused on risks from hostile states, including undermining “the integrity of UK research




  • Ransomware Victims Struggle to Recover, Hire and Spend on Threat PreventionIT managers at organizations hit by ransomware are nearly three-times as likely to feel “significantly behind” when it comes to understanding cyber-threats.According to new research from Sophos, organizations “are never the same after being hit by ransomware” and a third (35%) of victims reported that recruiting and retaining skilled IT security professionals was their single biggest challenge when

  • Ivanti Appoints Melissa Puls as New SVP and CMOIT management and security company Ivanti has announced the appointment of Melissa Puls as its new senior vice-president (SVP) and chief marketing officer (CMO).Puls joins Ivanti after recently serving as SVP and CMO at Avid, and brings decades of experience to the company with a strong track record of fuelling growth through a customer-centric approach and integrating marketing strategies for acquired companies.Puls will lead Ivanti’s gl

  • DVLA Submits Nearly 200 Breach Notifications to ICO

    DVLA Submits Nearly 200 Breach Notifications to ICOThe DVLA reported nearly 200 breach notifications to the data protection regulator over the past year, according to new Freedom of Information (FOI) data.FOI requests were sent to 17 government departments by secure storage vendor Apricorn, to assess the effectiveness of data security measures in the public sector. Some 14 departments provided responses for the period April 2019 to July 2020.The DVLA said it submitted 181 breach notificatio

  • Microsoft Fixes Fewer Than 100 Bugs for First Time Since FebruaryMicrosoft has issued its first patch update for eight months fixing fewer than 100 CVEs, although six are related to publicly disclosed bugs and will need prioritizing.October’s Patch Tuesday yesterday addressed 87 vulnerabilities including 11 rated critical.Many experts pointed to CVE-2020-16898, which has a CVSS score of 9.8, as a priority.“This is a remote code execution vulnerability in Microsoft’s TCP/IP stac

  • Hackers Claim to Have Access to 50,000 Home Security CamerasA hacking group is selling access to more than 50,000 hacked home security cameras, including footage of children in various states of undress, it has emerged.The group, which has over 1000 global members, has been using messaging platform Discord to advertise its wares, according to a report on AsiaOne.It’s reportedly offering access to the camera footage for a one-off subscription fee of $150 and claims to have already shared ov

  • North Carolina Launches Cybercrime HotlineNorth Carolina has opened a cybercrime hotline after state residents lost millions of dollars to COVID-19-related cyber-scams. The free NC 2-1-1 phone line, one of the first to be launched in the United States, has been funded by state and federal grants. Fraudulent schemes claiming victims in the Tarheel State include cell phone cloning, fake COVID-19 test results, fake charities, and scams that seek to exploit people who have lost jobs as a r

  • Executive Overconfidence a Security RiskExecutives are out of touch and overconfident when it comes to their organizations’ web application security practices, according to new research published today by Netsparker.Netsparker teamed up with Dimensional Research to survey security professionals from 382 organizations worldwide about the maturity and effectiveness of web application security in their organizations. Respondents worked in roles spanning development, DevOps, and C-sui

  • Russia Blamed for Cyber-attack on Norwegian Parliament

    Russia Blamed for Cyber-attack on Norwegian Parliament Russia has been accused of carrying out a “significant” cyber-attack on the Norwegian parliament earlier this year.In August, unauthorized individuals managed to gain access to the email accounts of several elected members of the Storting, Norway’s single-chamber parliament. The cyber-criminals also targeted some accounts belonging to parliament employees. An unspecified amount of data was stolen in the attack, which impacted

  • Joint Momentum and Unite letter calls on Starmer to oppose informants bill

    Signatories want Labour MPs to vote against third reading in Commons on Thursday
    The trade union Unite has joined forces with Momentum to demand that the Labour leader, Keir Starmer, order the party’s MPs to vote against the third reading of a bill on Thursday night regulating the conduct of MI5 and police informants.They have come together with a Hillsborough survivors group and others in demanding that Labour drop its plan to abstain and fully oppose the covert human intelligence sources

  • Hackney Hacked as Council Investigates AttackLondon’s Hackney Council has reported it has “been the target of a serious cyber-attack which is affecting many of our services and IT systems.”According to a statement from Philip Glanville, mayor of Hackney, council officers have been working closely with the National Cyber Security Centre, external experts and the Ministry of Housing, Communities and Local Government to investigate and understand the impact of the incident.&l

  • Global Firms Seek Zero-Trust as 58% Suffer COVID-Era BreachOver half of global organizations have suffered a data breach during the COVID-19 crisis, with even more arguing that they need to shift to a zero-trust model to bolster security, according to Forrester.A new report commissioned by Cloudflare and set to be officially released on Wednesday, Leaders Are Now Committed To Zero Trust, reveals the challenges impacting organizations during the pandemic.Based on a poll of over 300 global securit

  • Security Experts Warn of Amazon Prime Day Scams

    Security Experts Warn of Amazon Prime Day ScamsSecurity experts are warning of a deluge of phishing activity designed to capitalize on a major Amazon promotional event taking place this week.Amazon Prime Day is said to be bigger for the e-commerce giant than Black Friday and Cyber Monday combined. That makes it a lucrative target for scammers looking to mimic the Amazon brand in order to trick unwitting shoppers into divulging sensitive personal and financial information.Fraud prevention company

  • US GOA Calls for Greater Cybersecurity for Commercial Airplanes

    US GOA Calls for Greater Cybersecurity for Commercial AirplanesThe US Government Accountability Office (GOA) has urged the Federal Aviation Administration to take action to better protect modern commercial airplanes from cyber-risks.In a post on its website, the GOA wrote: “Modern airplanes are equipped with networks and systems that share data with the pilots, passengers, maintenance crews, other aircraft and air-traffic controllers in ways that were not previously feasible.“To date

  • US GAO Calls for Greater Cybersecurity for Commercial Airplanes

    US GAO Calls for Greater Cybersecurity for Commercial AirplanesThe US Government Accountability Office (GAO) has urged the Federal Aviation Administration to take action to better protect modern commercial airplanes from cyber-risks.In a post on its website, the GAO wrote: “Modern airplanes are equipped with networks and systems that share data with the pilots, passengers, maintenance crews, other aircraft and air-traffic controllers in ways that were not previously feasible.“To date

  • Ransomware Gangs Outsource Network Access to Drive SuccessRansomware groups are increasingly purchasing network access on underground forums to simplify and accelerate their attacks, Accenture has warned.The consulting giant’s iDefense threat intelligence business claimed in a new report that the outsourcing trend overlaps that of the relatively recent emergence of ransomware-plus-data-theft.As developing and maintaining stable network access comes with a high risk of detection and require

  • Ransomware Tops 2020 Threat RankingsRansomware was the most observed threat in 2020, according to a global corporate investigations and risk consulting firm based in New York City.Kroll’s proprietary data on cyber incident response cases shows that ransomware attacks accounted for over one-third of all cases as of September 1, 2020. While this particular form of malware has struck organizations of all sizes across every sector this year, Kroll has observed that the three industries most tar

  • Microsoft Disrupts Botnet Installing Ransomware

    Microsoft Disrupts Botnet Installing Ransomware Technology giant Microsoft has used a court order to disrupt one of the world’s most notorious botnets.Trickbot has infected over a million computing devices around the world since late 2016 and is a prolific distributor of ransomware. In a statement released today, Microsoft’s corporate vice president of customer security and trust, Tom Burt, echoed a warning shared previously by the United States government that ransomware is “one

  • Gov-Linked “Fatima” Cybersecurity Career Advert Removed After BacklashA campaign intended to attract more people to career opportunities in cybersecurity has come under heavy criticism and been removed after only a few hours.A poster which showed a woman named “Fatima” dressed as a ballet dancer said her “next job could be in cyber – she just doesn’t know it yet” came under criticism after it was announced the UK government was encouragin

  • Cambridge University Releases Fake News GameThe University of Cambridge has released a new game designed to help people sort fact from cleverly faked fiction when it comes to online information about Covid-19. Players of Go Viral! assume the role of a malicious actor who is on a mission to spread misinformation online about the global health pandemic. The online game has been designed to introduce members of the public to the wide variety of techniques criminals use to circulate f

  • Scottish MI5 spy to be crown's key witness in New IRA terrorism trial

    Former police officer infiltrated New IRA’s high command over last eight years, it has emerged
    A former Scottish police officer turned MI5 spy has inflicted major damage on the New IRA leading to the arrests of alleged key figures and the disruption of links between violent dissident republicans and terrorist groups in the Middle East.Dennis McFadden infiltrated the New IRA’s high command over the last eight years, providing safe houses in Northern Ireland and Scotland that were in f

  • Attackers Chaining Zerologon with VPN Exploits The US government has warned of newly discovered APT attacks combining exploits of VPN products with those for the recently disclosed Zerologon bug.The joint alert from the FBI and Cybersecurity and Infrastructure Security Agency (CISA) revealed that government and non-government targets are being attacked in this campaign.It warned that access to federal and state, local, tribal and territorial (SLTT) government networks could put election inf

  • Five Eyes Repeat Encryption Backdoor CallsThe Western Five Eyes powers have issued yet another joint statement effectively calling for tech firms to engineer backdoors into end-to-end and device encryption.The post-war intelligence alliance of the UK, US, Australia, New Zealand and Canada was joined by India and Japan in issuing the new missive — the latest of many calls to engage with governments on the issue.The arguments put forward were the same as always: a few lines in support of enc



  • Source link

    Is your business effected by Cyber Crime?

    If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.

    Digitpol’s Cyber Crime Investigation Unit provides investigative support to victims of cyber crimes. Digitpol is available 24/7. https://digitpol.com/cybercrime-investigation/

    Europe +31558448040
    UK +44 20 8089 9944
    ASIA +85239733884