• US Breach Volumes Fell 19% in 2020 as Ransomware SurgesThe number of publicly reported US data breaches and leaks last year dropped 19% as attackers continued to move away from mass theft of customer data to more lucrative tactics like ransomware, according to a leading non-profit.The Identity Theft Resource Center (ITRC) compiled its annual report from company announcements, mainstream news reports, government agencies, recognized security firms and researchers, and other non-profits.In total,

  • Social Media Influencer Charged with Election Interference An American social media influencer has been charged with running a misinformation campaign that tricked social media users into believing that they could vote by text message in the 2016 US presidential election.Douglass Mackey, aka Ricky Vaughn, was arrested yesterday morning on charges of conspiring with others ahead of the election to spread misinformation designed to deprive US citizens of their constitutional right to vot

  • Return to SMS as Security Feature New research by California IT service management company Okta has found an increase in the use of SMS as a security feature during the Covid-19 health crisis.The finding emerged from the latest “Businesses at Work” report, which analyzed the login activity of Okta’s 9,400 customers to reveal the ways in which companies have improved their security posture in response to the pandemic. Analysis of the data revealed that although use of SM

  • US Launches Global Action Against NetWalkerThe United States Department of Justice has launched a global law enforcement action against a cyber-criminal gang that has made millions by selling ransomware-as-a-service (RaaS).A coordinated international law enforcement action to disrupt NetWalker was announced by the Department yesterday.NetWalker ransomware has claimed numerous victims, including companies, municipalities, hospitals, law enforcement departments, emergency services, schoo

  • Schneider Partners with Immersive Labs to Launch Virtual Training PlatformSchneider Electric has announced the launch of a virtual cyber-academy in collaboration with Immersive Labs. The Schneider Electric Cyber Academy will enable businesses to provide cybersecurity training for employees at all levels as well as have monitoring workplace capabilities.The academy will be delivered through Immersive Labs’ gamified entry-level skills platform. Companies that sign up will gain access to more

  • #RSAC365: How to Achieve Next Level Security AutomationSpeaking at the RSAC 365 Virtual Summit Tomasz Bania, cyber-defense manager, Dolby, explored how organizations can transition from manually doing the security basics to implementing full end-to-end security automation.Bania explained that the amount of work security teams are having to handle is increasing rapidly, but without the tooling or staffing to keep up.Furthermore, levels of alert volumes received by security teams are increasing, &

  • #RSAC365: Organizations Must Prepare for New #COVID19 Data Privacy Challenges New data protection issues brought about by the COVID-19 pandemic were discussed by Behnam Dayanim, partner and global chair of privacy and cybersecurity practice at Paul Hastings LLP, during a session at the RSAC 365 Virtual Summit.With COVID-19 vaccines now being rolled out across the world, many organizations are preparing to enable the safe return of staff to their offices. In the view of Dayanim, it is import

  • Remote Workers Could Offer Brexit Britain Cybersecurity LifelineMany UK IT leaders are concerned that a security hiring freeze last year could ramp up cyber-risk, but the new remote working environment may offer a partial solution, according to CrowdStrike.The security vendor released new UK-centric findings today from its Global Security Attitude Survey which polled 2200 IT and security decision makers around the world.A majority (63%) of UK respondents claimed their organization is now at a hi

  • Consumers Falling for $100m Clone Firm ScamsBritish consumers lost nearly £80m ($109m) to so-called “clone firm” scams last year, as pandemic-related money woes persuaded many to make ill-judged investments, according to the Financial Conduct Authority (FCA).The financial regulator reported consumers losing an average of £45,242 each when interacting with fraudsters masquerading as legitimate investment companies. Reports surged 29% between March, when the country we

  • #DataPrivacyDay: Leaks and Breaches Soared 93% in 2020Breaches and leaks of sensitive information from organizations doubled last year, even as consumer concerns over data privacy surged, according to two new reports published on Data Protection Day.January 28 marks the signing in 1981 of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Also known as Data Privacy Day in North America, it is now an awareness raising event aimed at organizati

  • #RSAC365: #COVID19 Fundamentally Altered Global Attack Surface

    #RSAC365: #COVID19 Fundamentally Altered Global Attack SurfaceSpeaking at the RSAC 365 Virtual Summit Jason Rivera, director, Strategic Threat Advisory Group at CrowdStrike, explored how the COVID-19 health crisis has fundamentally altered the attack surface for organizations across the world.“We had to use the internet so much more than we ever have in the past. If we use the internet more, then we have a larger, more complex attack surface. That in turn allows adversaries opportunities t

  • Emotet Disrupted Through Global ActionInfamous botnet Emotet has been brought down by an international law enforcement operation.Earlier today, Europol announced that Emotet’s infrastructure had been taken over by investigators in a coordinated action by authorities in Canada, France, Germany, Lithuania, the Netherlands, the United Kingdom, the United States, and Ukraine, with international activity coordinated by Europol and Eurojust.First discovered as a banking trojan in 2014, the m

  • #RSAC365: Will Recent Treasury Guidance Reduce Ransomware Payments in the US?The ways organizations should react following a ransomware attack were discussed during a session at the RSAC 365 Virtual Summit.This topic was highlighted in context of an advisory issued in October 2020 by the US Department of the Treasury concerning the payment of ransomware. Adam Hickey, deputy assistant attorney general, National Security Division, Department of Justice, explained that “essentially it re

  • UK Insurers Defend Covering Ransomware Payments Insurance providers in the United Kingdom have defended the inclusion of ransomware payments in first-party cyber-insurance policies.Cyber-risk insurance covers the cost of restoring loss to business income or reputation caused by damage to computers and computer networks.The Association of British Insurers (ABI) said that while insurance was “not an alternative” to taking appropriate action to minimize risk, firms could suffer financial ruin witho

  • Grindr Faces $11.7m Data Privacy FineThe world’s largest social networking and dating app for gay, bisexual, trans, and queer people is facing a hefty fine in Norway over an alleged breach of data privacy. On Tuesday, Norway’s Data Protection Authority (NDPA) announced its intention to fine Grindr 100 million Norwegian crowns ($11.7m) for illegally disclosing user data to advertising firms.The American company, which launched back in 2009, said that the allegations

  • Global Public-Private Partnerships Key to Fighting Cybercrime The importance of public-private engagement on a global scale in combatting cybercrime was discussed during a virtual Microsoft security briefing.Opening the discussion, Amy Hogan-Burney, general manager, digital crimes unit at Microsoft, highlighted how the cyber-threat landscape has evolved since the start of the COVID-19 pandemic. While the tactics used by cyber-criminals have not altered significantly as they were alread

  • Growing Digital Adoption Providing Extra Opportunities for Cyber-CriminalsIncreased digital adoption since the start of COVID-19 is leaving consumers more vulnerable to cyber-attacks, according to McAfee’s 2021 Consumer Security Mindset Report.The analysis found that Brits across all age groups have embraced new digital solutions amid ongoing social distancing restrictions. Nearly three-quarters purchased at least one connected device in 2020 and one in five brought at least three. However

  • More Security Vendors Admit to SolarWinds AttacksSeveral more cybersecurity vendors have revealed that they were attacked by the same threat actors that compromised SolarWinds, although there appears to have been minimal if any impact on customers.Mimecast revealed a couple of weeks ago that a “sophisticated threat actor” obtained one of its certificates used to authenticate Mimecast products to Microsoft 365 (M365) Exchange Web Services, in a bid to compromise customers’ M365

  • Manufacturing Giant Suffers Major Cyber-Disruption

    Manufacturing Giant Suffers Major Cyber-DisruptionA leading global manufacturer of cranes has been hit by what appears to be a ransomware attack disrupting IT operations around the world.Headquartered in Austria, Palfinger Group is renowned for producing hydraulic lifting and loading systems and runs scores of companies in over 30 countries.The firm issued a brief statement on Monday revealing it is the target of an ongoing global cyber-attack.“IT infrastructure is disrupted at the moment

  • UK Spies Called on to Help in Fraud FightFraud has become a serious threat to the UK’s national security, according to a think tank report calling for a major new government-led approach to tackle the issue.The report from the highly respected Royal United Services Institute (RUSI) argued that, while fraud has received more airtime from media and lawmakers lately, there needs to be a “major systemic shift” in government strategy.That’s because fraud is increasingly a thre

  • DDoS Attacks Surge in 2020 Due to #COVID19Distributed denial-of-service (DDoS) attacks rose substantially last year following the digital shift brought about by COVID-19, according to figures released by NETSCOUT.The cybersecurity company’s ATLAS Security Engineering and Response Team (ASERT) revealed it observed over 10 million attacks of this nature in 2020, which is around 1.6 million higher than in 2019.While acknowledging that it is normal for DDoS attacks to increase, the rate of gro

  • Syntax Releases First IT Trends ReportMulti-cloud and multi-ERP managed cloud services provider Syntax released its first ever “IT Trends Report” today.The report is based on an October 2020 survey of 500 IT leaders and decision makers in the US who were asked to describe how the COVID-19 pandemic had impacted their businesses and to share the strategic decisions they plan to make in 2021.The majority of those with in-house security teams (83%) said that they are considering

  • Hacker Admits Targeting Major US Websites

    Hacker Admits Targeting Major US WebsitesA hacker who became the first ever Cypriot national to be extradited to the United States has pleaded guilty to extorting major American website operators with stolen user data. Joshua Polloso Epifaniou was a teenager when he started hacking into websites, stealing information, and threatening to release it if he didn’t receive a ransom. The 21-year-old resident of Nicosia, Cyprus, was arrested by Cypriot authorities in February 2018.

  • Twitter Asks Users to Police Misinformation Social media giant Twitter has launched a new pilot scheme in the United States to tackle the spread of misinformation.Under the new Birdwatch scheme, users are invited to identify information in other people’s tweets they think is misleading and write notes that “provide informative context.”Twitter said it believes that a community-driven approach in which users monitor each other and provide a free fact-checking service will allow more con

  • Skilled Commonwealth migrants still facing 'unlawful' deportation

    More than 70 people refused right to remain despite 2019 ruling that Home Office misused Immigration Act, report findsDozens of highly skilled migrants from Commonwealth countries are still facing deportation almost two years after the court of appeal ruled the Home Office was acting unlawfully in refusing them leave to remain, according to a new report.In 2018, MPs and immigration experts criticised the use of the controversial section 322(5) of the Immigration Act, which was designed in part t

  • Dr Gary McGraw Appointed to IriusRisk Threat Modeling Technical Advisory Board

    Dr Gary McGraw Appointed to IriusRisk Threat Modeling Technical Advisory BoardApplication security threat modeling solutions provider IriusRisk has announced the appointment of Dr Gary McGraw to its threat modeling technical advisory board.Dr McGraw – who has a PhD in computer science and cognitive science – joins existing advisor Adam Shostack and will assist in the strategic direction and development of the AppSec firm. The board’s aim is to accelerate IriusRisk’s effor

  • Mastercard Introduces Quantum-Resistant Specs to Enhance Contactless Security

    Mastercard Introduces Quantum-Resistant Specs to Enhance Contactless SecurityCredit card firm Mastercard has unveiled new quantum-resistant standards that are designed to enhance the security and privacy of contactless payments.As a result of the move, Mastercard will become the first payments network to bring quantum-era security and privacy to contactless payments. The Enhanced Contactless (Ecos) specifications have been introduced following a surge in contactless payments over the past year,

  • TikTok Bug Gave Access to Contacts’ Profile Details Researchers have discovered a vulnerability in TikTok which could have allowed attackers to harvest users’ phone numbers and personal profile details.Check Point revealed today that the flaw, which has now been fixed by the popular social network, was found in the app’s “Find Friends” feature.The problem stems from the fact that TikTok allows users to sync their phone contacts with the app, thus connecting user pro

  • Cook County Leaks 320,000 Court Records Over 320,000 court records belonging to the second most populous county in the US have been discovered sitting on a misconfigured online database.Security researcher Jeremiah Fowler and a team from Website Planet soon found that the data was all from Cook County, Illinois, which is home to America’s third-largest city, Chicago.“There have been several high -profile data exposures of private companies that affected Cook County residents in the p

  • Misconfigured Cloud Server Exposes 66,000 GamersTens of thousands of users have had their personal details exposed after a popular online gaming site misconfigured the Elasticsearch server they were sitting on.A research team at WizCase found the wide-open server, with zero encryption and no password protection, through a simple search. It was traced back to VIPGames.com, a popular free-to-play card and board game platform with 100,000 Google Play downloads and roughly 20,000 active daily player

  • Source link

    Is your business effected by Cyber Crime?

    If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.

    Digitpol’s Cyber Crime Investigation Unit provides investigative support to victims of cyber crimes. Digitpol is available 24/7. https://digitpol.com/cybercrime-investigation/

    Europe +31558448040
    UK +44 20 8089 9944
    ASIA +85239733884