• More Security Vendors Admit to SolarWinds AttacksSeveral more cybersecurity vendors have revealed that they were attacked by the same threat actors that compromised SolarWinds, although there appears to have been minimal if any impact on customers.Mimecast revealed a couple of weeks ago that a “sophisticated threat actor” obtained one of its certificates used to authenticate Mimecast products to Microsoft 365 (M365) Exchange Web Services, in a bid to compromise customers’ M365

  • Growing Digital Adoption Providing Extra Opportunities for Cyber-CriminalsIncreased digital adoption since the start of COVID-19 is leaving consumers more vulnerable to cyber-attacks, according to McAfee’s 2021 Consumer Security Mindset Report.The analysis found that Brits across all age groups have embraced new digital solutions amid ongoing social distancing restrictions. Nearly three-quarters purchased at least one connected device in 2020 and one in five brought at least three. However

  • Manufacturing Giant Suffers Major Cyber-Disruption

    Manufacturing Giant Suffers Major Cyber-DisruptionA leading global manufacturer of cranes has been hit by what appears to be a ransomware attack disrupting IT operations around the world.Headquartered in Austria, Palfinger Group is renowned for producing hydraulic lifting and loading systems and runs scores of companies in over 30 countries.The firm issued a brief statement on Monday revealing it is the target of an ongoing global cyber-attack.“IT infrastructure is disrupted at the moment

  • UK Spies Called on to Help in Fraud FightFraud has become a serious threat to the UK’s national security, according to a think tank report calling for a major new government-led approach to tackle the issue.The report from the highly respected Royal United Services Institute (RUSI) argued that, while fraud has received more airtime from media and lawmakers lately, there needs to be a “major systemic shift” in government strategy.That’s because fraud is increasingly a thre

  • DDoS Attacks Surge in 2020 Due to #COVID19Distributed denial-of-service (DDoS) attacks rose substantially last year following the digital shift brought about by COVID-19, according to figures released by NETSCOUT.The cybersecurity company’s ATLAS Security Engineering and Response Team (ASERT) revealed it observed over 10 million attacks of this nature in 2020, which is around 1.6 million higher than in 2019.While acknowledging that it is normal for DDoS attacks to increase, the rate of gro

  • Syntax Releases First IT Trends ReportMulti-cloud and multi-ERP managed cloud services provider Syntax released its first ever “IT Trends Report” today.The report is based on an October 2020 survey of 500 IT leaders and decision makers in the US who were asked to describe how the COVID-19 pandemic had impacted their businesses and to share the strategic decisions they plan to make in 2021.The majority of those with in-house security teams (83%) said that they are considering

  • Hacker Admits Targeting Major US Websites

    Hacker Admits Targeting Major US WebsitesA hacker who became the first ever Cypriot national to be extradited to the United States has pleaded guilty to extorting major American website operators with stolen user data. Joshua Polloso Epifaniou was a teenager when he started hacking into websites, stealing information, and threatening to release it if he didn’t receive a ransom. The 21-year-old resident of Nicosia, Cyprus, was arrested by Cypriot authorities in February 2018.

  • Twitter Asks Users to Police Misinformation Social media giant Twitter has launched a new pilot scheme in the United States to tackle the spread of misinformation.Under the new Birdwatch scheme, users are invited to identify information in other people’s tweets they think is misleading and write notes that “provide informative context.”Twitter said it believes that a community-driven approach in which users monitor each other and provide a free fact-checking service will allow more con

  • Skilled Commonwealth migrants still facing 'unlawful' deportation

    More than 70 people refused right to remain despite 2019 ruling that Home Office misused Immigration Act, report findsDozens of highly skilled migrants from Commonwealth countries are still facing deportation almost two years after the court of appeal ruled the Home Office was acting unlawfully in refusing them leave to remain, according to a new report.In 2018, MPs and immigration experts criticised the use of the controversial section 322(5) of the Immigration Act, which was designed in part t

  • Dr Gary McGraw Appointed to IriusRisk Threat Modeling Technical Advisory Board

    Dr Gary McGraw Appointed to IriusRisk Threat Modeling Technical Advisory BoardApplication security threat modeling solutions provider IriusRisk has announced the appointment of Dr Gary McGraw to its threat modeling technical advisory board.Dr McGraw – who has a PhD in computer science and cognitive science – joins existing advisor Adam Shostack and will assist in the strategic direction and development of the AppSec firm. The board’s aim is to accelerate IriusRisk’s effor

  • Mastercard Introduces Quantum-Resistant Specs to Enhance Contactless Security

    Mastercard Introduces Quantum-Resistant Specs to Enhance Contactless SecurityCredit card firm Mastercard has unveiled new quantum-resistant standards that are designed to enhance the security and privacy of contactless payments.As a result of the move, Mastercard will become the first payments network to bring quantum-era security and privacy to contactless payments. The Enhanced Contactless (Ecos) specifications have been introduced following a surge in contactless payments over the past year,

  • TikTok Bug Gave Access to Contacts’ Profile Details Researchers have discovered a vulnerability in TikTok which could have allowed attackers to harvest users’ phone numbers and personal profile details.Check Point revealed today that the flaw, which has now been fixed by the popular social network, was found in the app’s “Find Friends” feature.The problem stems from the fact that TikTok allows users to sync their phone contacts with the app, thus connecting user pro

  • Cook County Leaks 320,000 Court Records Over 320,000 court records belonging to the second most populous county in the US have been discovered sitting on a misconfigured online database.Security researcher Jeremiah Fowler and a team from Website Planet soon found that the data was all from Cook County, Illinois, which is home to America’s third-largest city, Chicago.“There have been several high -profile data exposures of private companies that affected Cook County residents in the p

  • Misconfigured Cloud Server Exposes 66,000 GamersTens of thousands of users have had their personal details exposed after a popular online gaming site misconfigured the Elasticsearch server they were sitting on.A research team at WizCase found the wide-open server, with zero encryption and no password protection, through a simple search. It was traced back to VIPGames.com, a popular free-to-play card and board game platform with 100,000 Google Play downloads and roughly 20,000 active daily player

  • Mr. Double Website Operator Convicted A man from Texas has been convicted of operating a website dedicated to publishing stories detailing the sexual abuse of children.Brewster County resident Thomas Alan Arthur was convicted by a federal jury on January 21 following a trial that lasted three days. According to trial evidence, the 64-year-old started operating a website called Mr. Double in 1996. The website was devoted to publishing writings that described the sexual abuse of chi

  • San Francisco Law Firm Investigating PupBox Data BreachA San Francisco law firm has launched an investigation into a data breach that took place at a subsidiary of Petco Health and Wellness Company.The breach, which occurred over a six-month period last year, resulted in the exposure of the payment card information of tens of thousands of customers of PupBox, Inc.PupBox, which appeared on the entrepreneurial-themed reality TV show Shark Tank, sells customized puppy subscription boxes contai

  • Deloitte Acquires Root9B

    Deloitte Acquires Root9BProfessional services network Deloitte & Touche LLP today announced its acquisition of substantially all the assets of cybersecurity company Root9B, LLC (R9B).Founded in 2011 as a cybersecurity training company with a vision of delivering military-grade technology to the private sector, Root9B provides advanced cyber-threat-hunting services and solutions. The company also offers defense forensics and incident response, tech-enabled vulnerability as

  • US says support for Taiwan ‘rock-solid’ as Chinese jets buzz island

    DefenceTalkDefenceTalk The United States’ commitment to Taiwan is “rock-solid”, the State Department said late Saturday, as it warned that China’s “attempts to…

  • Russian Government Agency Warns Firms of US AttackThe Russian government has issued cybersecurity guidance to businesses in the country after claiming they are at risk of US reprisals for the recent SolarWinds attacks.The alert came late last week from the National Coordination Center for Computer Incidents (NKTsKI), an agency created in 2018 by KGB successor the Federal Security Service (FSB).It claimed the Biden administration had threatened to carry out retaliatory attacks on Russian critical

  • Intel: Earnings Leak Down to Internal Error

    Intel: Earnings Leak Down to Internal ErrorIntel was forced to issue its financial results earlier than expected last week after an internal error made public some of the information before it was due to be released, the firm has confirmed.Originally, Intel CFO, George Davis claimed a “hacker” had got hold of an infographic detailing the earnings, which was waiting to be published on the firm’s PR Newsroom site.An Intel spokesperson told the Financial Times at the time: &l

  • SonicWall Probes Attack Using Zero-Days in Own Products

    SonicWall Probes Attack Using Zero-Days in Own Products Security vendor SonicWall has warned its customers that threat actors may have found zero-day vulnerabilities in some of its remote access products.An initial post on the vendor’s knowledgebase pages on Friday claimed that the NetExtender VPN client version 10.x and the SMB-focused SMA 100 series were at risk.However, an update over the weekend clarified that impacted products were confined to its Secure Mobile Access (SMA) version 10

  • Terrorism watchdog to open inquiry into radicalisation in prison

    Prison officers have suffered a ‘steady drumbeat’ of attacks by terrorists, says Jonathan Hall QCAn inquiry into the way prisons deal with convicted terrorists is being launched by the independent terror watchdog amid concerns of growing radicalisation behind bars.Jonathan Hall QC said there had been a succession of terror attacks on prison officers while other inmates were coming under the influence of “high status” terrorist prisoners. Continue reading…

  • New Cyber-attack Advice for European Hospitals

    New Cyber-attack Advice for European Hospitals
    The European Data Protection Board has issued new advice to hospitals regarding what action to take in the event of a cyber-attack.Currently released in draft form, the new set of recommendations urges healthcare providers hit with ransomware to report the attack even if no patient data is accessed or exfiltrated. The guidelines state: “The internal documentation of a breach is an obligation independent of the risks pertaining to the

  • Home Security Technician Admits Spying on Customers A former home security technician has admitted habitually hacking into customers’ home surveillance cameras to spy on people without their consent. Telesforo Aviles accessed the accounts of around 200 customers more than 9,600 times over a period of four and half years while employed by security company ADT. The 35-year-old carried out the cyber-intrusions for his own sexual gratification. He made a note of which camera feeds were lin

  • Court Date for Woman Accused in Theft of Pelosi’s LaptopA woman from Pennsylvania will appear before a federal court on Monday to face charges in connection with the theft of a laptop belonging to Speaker of the United States House of Representatives Nancy Pelosi.The computer was stolen from Pelosi’s office earlier this month when a crowd of people who had been attending a political protest forced their way into the US Capitol building and disrupted the certification of then President-

  • Defense More Effective Than Offense in Curbing Nation State Threat Actors

    Defense More Effective Than Offense in Curbing Nation State Threat ActorsThe effectiveness of offensive capabilities in deterring nation state actors was discussed by a panel during the recent ‘RSAC 365 Innovation Showcase: Cyber Deterrence’ webinar.Chair of the session, Jonathan Luff, co-founder at Cylon, observed that now is the ideal time to be asking if and when offensive strikes should be used following the Russian state-backed SolarWinds attacks at the end of last year, as well

  • ICO Urged to Investigate Secretive Tory Party ConsultancyA leading rights group has asked the UK’s data protection regulator to urgently investigate the role of a shadowy political consultancy over claims that helped the Conservative Party to general election victory in 2019.CT Group is a global lobbying and consulting firm founded by long-time Tory collaborator Lynton Crosby. Its CT Partners Limited business accounted for nearly 40% of the Conservative Party’s £4.5m spend

  • Human Error to Blame as Exposed Records Top 37 Billion in 2020

    Human Error to Blame as Exposed Records Top 37 Billion in 2020Publicly reported global breach volumes dropped 48% last year compared to 2019, but the number of exposed records soared 141% to top 37 billion, according to new data from Risk Based Security.The security vendor uses automated tools to crawl the internet for info on breaches, which are then manually verified by human researchers, who also obtain data from Freedom of Information requests.The resulting 2020 Year End Report revealed a to

  • More Malware May Be Lurking on Govt School LaptopsSecurity experts have warned that more nasty surprises may be in store for recipients of a Department for Education (DfE) laptop scheme, after malware was found on some machines.Malicious files were found on some laptops that were sent to a Bradford school as part of the government’s attempt to support remote learning for vulnerable children, the BBC reported yesterday.They’re said to be infected with the legacy Gamarue.I worm, which

  • Truckers’ Medical Records Leaked Medical records belonging to truck drivers and rail workers may have been exposed following an alleged cyber-attack on an occupational healthcare provider in Virginia. Data apparently belonging to employees of the United Parcel Service (UPS) and Norfolk Southern Railroad was published online to a leak site by the gang behind Conti ransomware. The cyber-criminals claimed to have obtained the data during a December cyber-attack on Taylor Made Diagnos

  • Source link

    Is your business effected by Cyber Crime?

    If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.

    Digitpol’s Cyber Crime Investigation Unit provides investigative support to victims of cyber crimes. Digitpol is available 24/7. https://digitpol.com/cybercrime-investigation/

    Europe +31558448040
    UK +44 20 8089 9944
    ASIA +85239733884