Security

Over two-thirds of UK firms have fallen victim to a cyber-attack over the past year, with many claiming they don’t get enough guidance from the government on how to combat threats, according to RedSeal. The security vendor polled over 500 UK IT professionals from mainly SMBs to better understand their cyber-resilience levels. Some 68% claimed
According to the EU GDPR (General Data Protection Regulation) Implementation Review Survey conducted by IT Governance, six months after the GDPR went into effect, the majority of organizations are failing to implement the mandatory regulations. The study included 210 responses from participating organizations ranging in size from fewer than 10 to more than 1,001 employees from across
A series of cyber-robbery attacks have been targeting financial organizations in Eastern Europe, according to new research from Kaspersky Lab. Researchers found that the series of attacks, dubbed DarkVishnya, have affected at least eight banks in the region, with estimated losses running into the tens of millions of dollars. Based on data collected through Kaspersky Lab’s
by John E Dunn
If you’re among the holdouts still running Flash, you have some more updating homework to do. Adobe has issued an out-of-band patch after researchers spotted a Flash zero-day flaw being exploited in the wild. The discovery was made by Qihoo 360 which on 29 November noticed a targeted APT (Advanced Persistent
Over two-fifths of organizations have fallen victim to a so-called Business Process Compromise (BPC) attack, despite widespread ignorance from senior execs about the threat, according to Trend Micro. The security giant polled over 1100 IT decision makers responsible for security across the UK, US, Germany, Spain, Italy, Sweden, Finland, France, Netherlands, Poland, Belgium and the
by Paul Ducklin
On the Naked Security podcast this week: Marriott’s huge and scary data breach, a bug in software management software could be a data thief’s goldmine, and a self-righteous “hacker” prints out an advert on 50,000 internet printers. With Anna Brading, Mark Stockley, Matthew Boddy and Paul Ducklin.
Speaking at Black Hat Europe in London, Nahman Khayet, security researcher and Shlomi Boutnaru, CTO at Rezilion, explored the current cybersecurity skills shortage and its link to the education system. Khayet explained that there are three main characteristics of security experts, which are ‘thinking outside the box,’ ‘adversarial thinking’ and ‘technical knowledge.’ He also cited
Security researchers have discovered cybersecurity scammers in Russia are generating hundreds of thousands of dollars in profits by falsely claiming to be able to unlock encrypted files. Check Point explained that one ‘IT consultancy’ named Dr Shifro is promising customers it can help them recover from ransomware like Dharma/Crysis, for which there is no known
The volume of cybercrime incidents reported to English police has increased by 14% over the past two financial years, according to a new report. Think tank Parliament Street filed Freedom of Information (FOI) requests with the country’s police forces, asking for a breakdown of Computer Misuse Act crimes which involve hacking,
Hackers are deep in the spirit of exploiting the holidays for financial gain, which is why it’s unsurprising that yet another new type of spear phishing attack has emerged, in which attackers are posing as CEOs to trick office managers, executive assistants and receptionists into sending them gift cards, according to email security researchers at Barracuda
New research from the Ponemon Institute, in partnership with DocAuthority, found that IT security departments are underestimating the value of business documents by hundreds of thousands of dollars. In a newly published report, the Ponemon Institute found that despite being responsible for their management and protection, IT security departments are undervaluing a range of business
Hotel chain Marriott has confirmed widespread reports of a significant data breach with the sensitive details of 500 million customers possibly compromised. In an online statement, the company said: “On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database. Marriott quickly engaged leading security
by Lisa Vaas
A popular massage-booking app has spilled the beans on 309,000 customer profiles, including comments from their masseurs or masseuses on how creepy their customers are. The app’s wide-open, no-password-required database was discovered by researcher Oliver Hough, who tipped off TechCrunch. Hough said in a tweet on Tuesday that the breach was caused
Two Iranian men have been indicted for a string of ransomware attacks over the past three years, causing $30m in losses to over 200 organizations, mainly in the US. Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, are accused of operating the infamous SamSam ransomware variant which targeted notable organizations including the Hollywood
The US authorities are claiming victory after dismantling two global cybercrime rings and indicting eight men on charges connected with running a major ad fraud operation. Aleksandr Zhukov, Boris Timokhin, Mikhail Andreev, Denis Avdeev, Dmitry Novikov, Sergey Ovsyannikov, Aleksandr Isaev and Yevgeniy Timchenko were charged with wire fraud, computer intrusion, aggravated identity theft, money laundering
‘Tis the season for cyber-scams, according to the new Holiday Threat Report from Carbon Black. The report compared cyber-attack data over the last two years and found that once cyber-attacks spike on Cyber Monday, they will likely remain elevated throughout the holiday season. The holiday season of 2016 saw a 20.5% surge in attempted attacks, but
Law enforcement agencies across the EU have successfully shut down more than 33,600 internet domains distributing counterfeit or stolen items, according to a press release published today by Europol. Europol announced that its Intellectual Property Crime Coordinated Coalition (IPC3) seized 33,654 domain names that had been selling contraband, including counterfeit pharmaceuticals, pirated films, television shows,
Facebook has again made headlines after the UK Parliament leveraged its legal right to demand documents alleged to include confidential email exchanges between top executives, as well as correspondences with CEO Mark Zuckerberg, according to The Guardian. The documents are believed to contain the details of Facebook’s data and privacy controls prior to the Cambridge Analytica
Uber has been hit with a £385,000 fine by the UK’s data protection regulator after a notorious breach in October/November 2016 which affected over 2.7 million customers and drivers. The Information Commissioner’s Office (ICO) branded the incident the result of “a series of avoidable data security flaws.” The hackers managed to obtain username and password combinations previously