admin

0 Comments
An American healthcare provider whose data was allegedly exfiltrated to an Amazon storage account by a cyber-attacker has taken legal action against Amazon.  As many as 85,688 patient and employee records were compromised last week when a threat actor seemingly based in Ukraine struck SalusCare, the largest provider of behavioral healthcare services in Southwest Florida. The attacker is
0 Comments
by Paul Ducklin Regular Naked Security readers will know we’re huge fans of Alan Turing OBE FRS. He was chosen in 2019 to be the scientist featured on the next issue of the Bank of England’s biggest publicly available banknote, the bullseye, more properly Fifty Pounds Sterling. (It’s called a bullseye because that’s the tiny,
0 Comments
Money doesn’t buy you happiness – cryptocurrency doesn’t buy you a genuine COVID-19 vaccine INTERPOL and the United States’ Homeland Security Investigations (HSI) have joined the chorus of warnings about online campaigns peddling bogus COVID-19 vaccines as cybercriminals are increasingly attempting to exploit nations’ vaccination programs. “With criminal groups producing, distributing, and selling fake vaccines,
0 Comments
Tax Season is Here: Avoid These Common Scams Targeting Canadians Tax return preparation might be a little more complicated this year than usual for many Canadians with millions receiving Canada Emergency Response Benefit (CERB) payments and about 40% of the Canadian labor force turned to self-employment options to help them financially weather the pandemic storm. Where there’s money and uncertainty, you’re likely to find
0 Comments
A political activist from Ohio has denied impersonating a leader of the political group Black Lives Matter on social media for his own personal profit. Toledo resident Sir Maejor Page, a.k.a. Tyree Conyers-Page, was arrested in September on one count of wire fraud and two counts of money laundering. An investigation was launched into the 32-year-old after
0 Comments
IT infrastructure management provider SolarWinds on Thursday released a new update to its Orion networking monitoring tool with fixes for four security vulnerabilities, counting two weaknesses that could be exploited by an authenticated attacker to achieve remote code execution (RCE). Chief among them is a JSON deserialization flaw that allows an authenticated user to execute
0 Comments
Relay Medical Corporation has completed the acquisition of an Internet of Things (IoT) cybersecurity firm based in Toronto, Canada. The completion of the deal to acquire Cybeats Technologies Inc was announced yesterday, just 20 days after news of the transaction was published. Cybeats was founded in 2016 by Peter Pinsker, Dmitry Raidman, and Vladislav Kharbash. The company
0 Comments
by Harriet Stone Since its launch in 2010, Instagram has seen more than 1 billion accounts opened, and users on the service share close to 100 million photos every day. Instagram’s popularity may be down to the fact that it is a social media network like no other, offering a unique visual twist. Unlike Twitter
0 Comments
Nearly half of reported cybercrime losses in 2020 were the result of BEC fraud, according to an FBI report Losses emanating from Business Email Compromise (BEC) and Email Account Compromise (EAC) scams surpassed US$1.86 billion last year, which is more than the combined losses stemming from the next six costliest types of cybercrime in the 2020
0 Comments
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of critical security shortcomings in GE’s Universal Relay (UR) family of power management devices. “Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition,” the agency said in an advisory published
0 Comments
The approach organizations should take to develop and maintain an effective DevSecOps culture were highlighted by Patrick Debois, director of market strategy at Snyk during a session at the Infosecurity Magazine Online Summit EMEA 2021. Debois firstly emphasized the importance of an organization’s culture in determining the DevSecOps strategy that should be employed. “The CEO and culture of your company will
0 Comments
Police in India have arrested 34 people for allegedly impersonating Apple and McAfee employees to con foreign nationals out of their money. The defendants were detained during a March 20 raid on two fake call centers located in the same building in Uttam Nagar, a mostly residential area in southwestern New Delhi. Delhi Police’s Cyber
0 Comments
Why do many organizations have a hard time keeping up with the evolving threat landscape and effectively managing their cyber-risks? Financial services companies have been a popular target for cybercriminals for a long time. Not without good reason, since beyond working with money, financial companies handle a slew of sensitive client data that criminals utilize
0 Comments
Google has disclosed that a now-patched vulnerability affecting Android devices that use Qualcomm chipsets is being weaponized by attackers to launch targeted attacks. Tracked as CVE-2020-11261 (CVSS score 8.4), the flaw concerns an “improper input validation” issue in Qualcomm’s Graphics component that could be exploited to trigger memory corruption when an attacker-engineered app requests access
0 Comments
The Ontic Center for Protective Intelligence has launched a new monthly honor program to recognize the pioneers and thought leaders driving the physical security and protection industry.  Each month, the program will recognize groundbreaking professionals who have developed either new models or new areas of knowledge, and veteran practitioners who are actively contributing to advancing their industry.  Among
0 Comments
The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication Cybercriminals are attempting to take advantage of the popularity of Clubhouse to deliver malware that aims to steal users’ login information for a variety of online services, ESET malware researcher Lukas Stefanko has found. Disguised as the (as yet
0 Comments
Cybersecurity researchers on Thursday disclosed a new attack wherein threat actors are leveraging Xcode as an attack vector to compromise Apple platform developers with a backdoor, adding to a growing trend that involves targeting developers and researchers with malicious attacks. Dubbed “XcodeSpy,” the trojanized Xcode project is a tainted version of a legitimate, open-source project
0 Comments
An advanced persistent threat group (APT) with links to the Chinese government has been blamed for a cyber-espionage attack on Finland’s parliament.  The Finnish Security and Intelligence Service (Supo) announced on Thursday that APT31 was behind a cyber-espionage campaign that targeted the Finnish parliament last fall.  Security companies including Checkpoint and FireEye have linked APT31’s activities with the state cyber-operations of