• SonicWall Probes Attack Using Zero-Days in Own Products

    SonicWall Probes Attack Using Zero-Days in Own Products Security vendor SonicWall has warned its customers that threat actors may have found zero-day vulnerabilities in some of its remote access products.An initial post on the vendor’s knowledgebase pages on Friday claimed that the NetExtender VPN client version 10.x and the SMB-focused SMA 100 series were at risk.However, an update over the weekend clarified that impacted products were confined to its Secure Mobile Access (SMA) version 10

  • Russian Government Agency Warns Firms of US AttackThe Russian government has issued cybersecurity guidance to businesses in the country after claiming they are at risk of US reprisals for the recent SolarWinds attacks.The alert came late last week from the National Coordination Center for Computer Incidents (NKTsKI), an agency created in 2018 by KGB successor the Federal Security Service (FSB).It claimed the Biden administration had threatened to carry out retaliatory attacks on Russian critical

  • Intel: Earnings Leak Down to Internal Error

    Intel: Earnings Leak Down to Internal ErrorIntel was forced to issue its financial results earlier than expected last week after an internal error made public some of the information before it was due to be released, the firm has confirmed.Originally, Intel CFO, George Davis claimed a “hacker” had got hold of an infographic detailing the earnings, which was waiting to be published on the firm’s PR Newsroom site.An Intel spokesperson told the Financial Times at the time: &l

  • Terrorism watchdog to open inquiry into radicalisation in prison

    Prison officers have suffered a ‘steady drumbeat’ of attacks by terrorists, says Jonathan Hall QCAn inquiry into the way prisons deal with convicted terrorists is being launched by the independent terror watchdog amid concerns of growing radicalisation behind bars.Jonathan Hall QC said there had been a succession of terror attacks on prison officers while other inmates were coming under the influence of “high status” terrorist prisoners. Continue reading…

  • New Cyber-attack Advice for European Hospitals

    New Cyber-attack Advice for European Hospitals
    The European Data Protection Board has issued new advice to hospitals regarding what action to take in the event of a cyber-attack.Currently released in draft form, the new set of recommendations urges healthcare providers hit with ransomware to report the attack even if no patient data is accessed or exfiltrated. The guidelines state: “The internal documentation of a breach is an obligation independent of the risks pertaining to the

  • Home Security Technician Admits Spying on Customers A former home security technician has admitted habitually hacking into customers’ home surveillance cameras to spy on people without their consent. Telesforo Aviles accessed the accounts of around 200 customers more than 9,600 times over a period of four and half years while employed by security company ADT. The 35-year-old carried out the cyber-intrusions for his own sexual gratification. He made a note of which camera feeds were lin

  • Court Date for Woman Accused in Theft of Pelosi’s LaptopA woman from Pennsylvania will appear before a federal court on Monday to face charges in connection with the theft of a laptop belonging to Speaker of the United States House of Representatives Nancy Pelosi.The computer was stolen from Pelosi’s office earlier this month when a crowd of people who had been attending a political protest forced their way into the US Capitol building and disrupted the certification of then President-

  • Defense More Effective Than Offense in Curbing Nation State Threat Actors

    Defense More Effective Than Offense in Curbing Nation State Threat ActorsThe effectiveness of offensive capabilities in deterring nation state actors was discussed by a panel during the recent ‘RSAC 365 Innovation Showcase: Cyber Deterrence’ webinar.Chair of the session, Jonathan Luff, co-founder at Cylon, observed that now is the ideal time to be asking if and when offensive strikes should be used following the Russian state-backed SolarWinds attacks at the end of last year, as well

  • ICO Urged to Investigate Secretive Tory Party ConsultancyA leading rights group has asked the UK’s data protection regulator to urgently investigate the role of a shadowy political consultancy over claims that helped the Conservative Party to general election victory in 2019.CT Group is a global lobbying and consulting firm founded by long-time Tory collaborator Lynton Crosby. Its CT Partners Limited business accounted for nearly 40% of the Conservative Party’s £4.5m spend

  • Human Error to Blame as Exposed Records Top 37 Billion in 2020

    Human Error to Blame as Exposed Records Top 37 Billion in 2020Publicly reported global breach volumes dropped 48% last year compared to 2019, but the number of exposed records soared 141% to top 37 billion, according to new data from Risk Based Security.The security vendor uses automated tools to crawl the internet for info on breaches, which are then manually verified by human researchers, who also obtain data from Freedom of Information requests.The resulting 2020 Year End Report revealed a to

  • More Malware May Be Lurking on Govt School LaptopsSecurity experts have warned that more nasty surprises may be in store for recipients of a Department for Education (DfE) laptop scheme, after malware was found on some machines.Malicious files were found on some laptops that were sent to a Bradford school as part of the government’s attempt to support remote learning for vulnerable children, the BBC reported yesterday.They’re said to be infected with the legacy Gamarue.I worm, which

  • Truckers’ Medical Records Leaked Medical records belonging to truck drivers and rail workers may have been exposed following an alleged cyber-attack on an occupational healthcare provider in Virginia. Data apparently belonging to employees of the United Parcel Service (UPS) and Norfolk Southern Railroad was published online to a leak site by the gang behind Conti ransomware. The cyber-criminals claimed to have obtained the data during a December cyber-attack on Taylor Made Diagnos

  • France Arrests 14 Over Online Child Sexual Abuse

    France Arrests 14 Over Online Child Sexual Abuse Fourteen people have been arrested in France as part of a nationwide sweep to combat the sexual exploitation of children online. The arrests were made by the French Gendarmerie (Gendarmerie nationale) with the support of Europol as part of an operation that was code-named Horus. All suspects were taken into custody between November 16 and November 20, 2020.In a statement released yesterday, Europol said: “The alleged suspects used s

  • Exploit Allows Root Access to SAPA team of enterprise resource planning security experts in Massachusetts have identified a functional exploit affecting SAP that is publicly available.The exploit was discovered by Onapsis Research Labs on code-hosting platform GitHub, where it had been published by Russian researcher Dmitry Chastuhin on January 14. Researchers said the exploit can be used against SAP SolMan, the administrative system used in every SAP environment that is simi

  • Barmak Meftah Joins Board of Directors at Nozomi NetworksIoT and OT security firm Nozomi Networks has announced that enterprise security leader Barmak Meftah has joined its board of directors.Meftah brings more than 25 years of experience in building market-leading enterprise SaaS and cybersecurity companies to Nozomi Networks and most recently served as president of AT&T Cybersecurity where he established its cybersecurity division and grew revenue by double digits.In addition to his indepe

  • California WeChat users claim China surveillance in lawsuit

    DefenceTalkDefenceTalkCalifornia WeChat users sued its parent company Tencent on Wednesday, saying the mobile app is used for spying on and censoring users for the Chinese government. US-based…

  • Russia urges Biden to be ‘more constructive’ on arms treaty

    DefenceTalkDefenceTalkRussia on Wednesday urged US President Joe Biden’s new administration to take a “more constructive” approach in talks over the extension of the New START…

  • Delicate dance: handing off the US ‘nuclear football’

    DefenceTalkDefenceTalkWhen an outgoing president hands the keys to the White House to the incoming one, another discrete handover takes place: the systems and codes for the US leader to launch a…

  • Global Cybersecurity Spending to Soar 10% in 2021The worldwide cybersecurity market is set to grow by up to 10% this year to top $60bn, as the global economy slowly recovers from the pandemic, according to Canalys.The analyst firm clarified that double-digit growth from $54.7bn in 2020 would be its best-case scenario. However, even in the worst case, cybersecurity spending would reach 6.6%, it predicted.That would factor in a deeper-than-anticipated economic impact from lockdowns, although the s

  • Security Biggest Barrier to Cloud Adoption for Over Half of UK FirmsOver half (58%) of UK businesses have cited security concerns as the biggest barrier to public cloud adoption, according to a new study from Centrify.The survey of 200 business decision makers in large and medium-sized enterprises in the UK also found that over a third (35%) who have adopted cloud are less than 80% confident it is completely secure.Additionally, more than a quarter (28%) of those surveyed revealed that their org

  • Threat Actor Dumps 1.9 Million Pixlr Records Online

    Threat Actor Dumps 1.9 Million Pixlr Records OnlineA notorious threat actor appears to have published 1.9 million user records for the popular online photo editing site Pixlr, putting customers at risk of follow-on attacks.“ShinyHunters” dumped the files over the weekend for free on an underground forum, claiming the site was breached at the same time as 123RF, which is owned by the same company, Inmagine.Among the data up for grabs are email addresses, usernames, hashed passwor

  • Interpol: Dating App Victims Lured into Investment ScamsInterpol has issued a global warning that dating app users are being groomed for investment fraud scams.The policing body’s Purple Notice claimed that lonely hearts are picked off online, when the fraudsters establish an “artificial romance” with their victims. Once they have built up a level of trust through regular communication, they share investment tips and encourage the victim to join up to a scheme.“Victims do

  • Kentucky Senior Arrested for Identity Theft

    Kentucky Senior Arrested for Identity TheftTwo women in Kentucky have been arrested in connection with a year-long cybercrime operation involving stolen identities and fraudulent benefit claims. An investigation was launched by police in West Buechel at the beginning of January when they received a call from a local branch of the bank BB&T to say that a fraudulently authorized check for nearly $40,000 had just been cashed. Police traced the fraudulent check to 57-year-old Lori

  • Trump Pardons Google Trade Secret Thief

    Trump Pardons Google Trade Secret Thief A former executive of Google subsidiary Waymo, imprisoned in the United States for stealing a trade secret and sharing it with rival company Uber, has been pardoned by outgoing president Donald Trump.On March 19, 2020, Anthony Scott Levandowski pleaded guilty to one of 33 counts of trade secrets theft originally filed against him in 2019. The 40-year-old was sentenced to 18 months in jail and a 3-year period of supervised

  • US Marines Create “Blue Team”The United States Marine Corps today announced the creation of a Marine Corps’ Adversarial Cyber Assessment “Blue Team” (MCAT).A Blue Team is a group of people who identify security threats and risks in the operating environment and analyze the network environment and its current state of security readiness. Using their findings and expertise, a Blue Team will typically provide recommendations that integrate into an overall community securit

  • Panel Reflects on How Orgs Should Approach Security in 2021The growing importance of ethical hacking in protecting organizations against the current threat landscape was discussed by a panel speaking during a HackerOne webinar entitled ‘Hacker Powered Security Predictions for 2021 EMEA.’Moderator Mårten Mickos, CEO of HackerOne, firstly emphasized how the shift to digital, including remote working, had “opened up a lot of new attack surfaces and exposures to var

  • #Inauguration2021: Cyber-Experts React as Joe Biden Set to Become 46th US PresidentToday, January 20 2021, Joe Biden will be sworn in as the 46th President of the Unites States of America.He and Vice-President-elect Kamala Harris will take their oaths of office on the West Front of the US Capitol.The Inauguration Day celebrations will take place in unprecedented circumstances, with increased security measures following the January 6 attack on the US Capitol building and a variety of social dista

  • Retail and Hospitality Facing Deluge of Critical Web App Flaws

    Retail and Hospitality Facing Deluge of Critical Web App FlawsMore than three-quarters of applications in the retail and hospitality sector contain at least one vulnerability, with a high percentage of these requiring urgent attention, according to Veracode.The application security vendor analyzed more than 130,000 applications to compile its latest State of Software Security report.However, while the 76% of buggy apps in the retail and hospitality sector is about average compared to other verti

  • Malwarebytes: SolarWinds Hackers Read Our EmailsMalwarebytes has confirmed that the SolarWinds attackers managed to access internal emails, although via a different intrusion vector to many victims.While many of the organizations caught up in the suspected Russian cyber-espionage campaign were compromised via a malicious SolarWinds Orion update, US government agency CISA had previously pointed to a second threat vector. This involved use of password guessing or spraying and/or exploiting in

  • Quarter of Orgs Don’t Offer Cybersecurity Training Due to Lack of BudgetA quarter (25%) of company directors are prevented from delivering cybersecurity training to staff by budgetary constraints, according to iomart’s Cybersecurity Insights Report.The survey of UK-based workers across C-level, director, manager and employee level, found that 28% of businesses offer no cybersecurity training whatsoever. Additionally, 42% said that whilst some training was offered by their firm, it wa

  • Source link

    Is your business effected by Cyber Crime?

    If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.

    Digitpol’s Cyber Crime Investigation Unit provides investigative support to victims of cyber crimes. Digitpol is available 24/7. https://digitpol.com/cybercrime-investigation/

    Europe +31558448040
    UK +44 20 8089 9944
    ASIA +85239733884