• Deceased Patient Data Being Sold on Dark Web

    July 11, 2018

    Why are hackers selling medical records of deceased patients? It is no shocker medical records are a prime target for cybercriminals. But less intuitive is the market for medical records of the deceased on the dark web. We took a closer look at the reason behind this strange trend. Here is what we found. First off, despite ...

  • Two New Spectre-Class CPU Flaws Discovered—Intel Pays $100K Bounty

    July 11, 2018

    Intel has paid out a $100,000 bug bounty for new processor vulnerabilities that are related to Spectre variant one (CVE-2017-5753). The new Spectre-class variants are tracked as Spectre 1.1 (CVE-2018-3693) and Spectre 1.2, of which Spectre 1.1 described as a bounds-check bypass store attack has been considered as more dangerous. Earlier this year, Google Project Zero researchers ...

  • China-based hackers take an interest in Cambodia’s elections

    July 11, 2018

    A US-based security researcher has accused China of interfering in Cambodia’s forthcoming national election. Security vendor FireEye says it has spotted a large-scale Chinese phishing, intrusion, remote access trojan (RAT), and data exfiltration operation targeting the poll. FireEye attributed the activity to a group dubbed “TEMP.Periscope”, previously more closely associated with targeting American engineering and maritime operations. The FireEye post ...

  • Hacker Sold Stolen U.S. Military Drone Documents On Dark Web For Just $200

    July 11, 2018

    You never know what you will find on the hidden Internet ‘Dark Web.’ Just about an hour ago we reported about someone selling remote access linked to security systems at a major International airport for $10. It has been reported that a hacker was found selling sensitive US Air Force documents on the dark web for between $150 ...

  • AT&T buys threat intelligence company AlienVault

    July 10, 2018

    AT&T said it plans to continue investing in and building on AlienVault’s key platforms, and will integrate the technology into its suite of managed cybersecurity offerings. Fresh off of its $85 billion acquisition of Time Warner, AT&T said Tuesday that it’s buying AlienVault, a cybersecurity and threat intelligence company. Financial terms were not disclosed. Based in San Mateo, California, AlienVault ...

  • Timehop breach hits 21 million users due to a lack of 2FA on cloud services

    July 9, 2018

    Timehop, a service that surfaces a user’s past social media content, has revealed a security breach that hit the company on July 4, and resulted in a database of 21 million users hit. As a result, the company has voided all social media authorisation tokens it held, and is alerting its users. Around 4.7 million phone numbers were breached, ...

  • Fitness app Polar exposed locations of spies and military personnel

    July 8, 2018

    A popular fitness app that tracks the activity data on millions of users has inadvertently revealed the locations of personnel working at military bases and intelligence services. The app, Polar Flow, built by its eponymous company Polar, a Finnish-based fitness tracking giant with offices in New York, allowed anyone to access a user’s fitness activities over ...

  • Mastercard: Biometrics use set to skyrocket

    July 6, 2018

    Biometric technology is set to become an integral part of all online shopping as the need for greater security increases, a new report has claimed. Research from Mastercard claims that one in four online transactions will need a greater level of authentication and security within the next 12 months. New EU regulations governing online fraud are set to come ...

  • Ex-NSO Employee Caught Selling Stolen Phone Hacking Tool For $50 Million

    July 5, 2018

    A former employee of one of the world’s most powerful hacking companies NSO Group has been arrested and charged with stealing phone hacking tools from the company and trying to sell it for $50 million on the Darknet secretly. Israeli hacking firm NSO Group is mostly known for selling high-tech malware capable of remotely cracking into ...

  • Fortnum & Mason data breach: 23,000 customers’ details accessed

    July 3, 2018

    The data of thousands of Fortnum & Mason customers, including addresses and contact phone numbers, has been accessed after a breach on a form on its website. The 310-year-old food shop, known as the “Queen’s grocer”, has become the latest company to fall victim to an attack. About 23,000 people who filled out a survey or took ...

  • IoT and malware top the worries list for industrial tech firms

    July 3, 2018

    Industrial players, like power plants, manufacturers or water treatment centres, are embracing IoT at a great pace, but failing to consider security issues, new research has said. A report by Kaspersky Lab has claimed that while these types of organisations turn more towards IoT, they’re not doing enough to protect these investments, which makes them a sitting duck ...

  • Cyber attacks are now a matter of when not if for UK businesses

    July 2, 2018

    For a growing number of UK companies, being hit by a cyber breach is not a matter of ‘if’ – it’s a matter of ‘when’. This is according to a new report by KPMG based on a poll of 150 UK leaders. When compared to the rest of the world, though, the UK is performing well, as according to ...

  • Two Zero-Day Exploits Found After Someone Uploaded ‘Unarmed’ PoC to VirusTotal

    July 2, 2018

    Security researchers at Microsoft have unveiled details of two critical and important zero-day vulnerabilities that had recently been discovered after someone uploaded a malicious PDF file to VirusTotal, and get patched before being used in the wild. In late March, researchers at ESET found a malicious PDF file on VirusTotal, which they shared with the security team ...

  • Data Regulators See Spike In GDPR Complaints

    July 2, 2018

    Companies are seeing a sharp spike in requests for information on how their data is collected and processed following the introduction of the General Data Protection Regulation (GDPR) across Europe a month ago, with many requesting extensions to the legal deadline for their replies. The regulation has also shaken up the online advertising business, with some adtech firms ...

  • Researchers Uncover New Attacks Against LTE Network Protocol

    June 29, 2018

    If your mobile carrier offers LTE, also known as the 4G network, you need to beware as your network communication can be hijacked remotely. A team of researchers has discovered some critical weaknesses in the ubiquitous LTE mobile device standard that could allow sophisticated hackers to spy on users’ cellular networks, modify the contents of their ...

  • Adidas US breach may have exposed millions of customers’ personal info

    June 29, 2018

    Adidas warned late on Thursday that hackers may have lifted customer data from its US website. The sportswear maker said personal data, including contact information (addresses and email addresses), and encrypted passwords may have fallen into the hands of criminals, but was able to reassure customers that neither financial nor fitness information was at risk. Read more… Source: The Register  

  • RAMpage Attack Explained – Exploiting RowHammer On Android Again!

    June 29, 2018

    A team of security researchers has discovered a new set of techniques that could allow hackers to bypass all kind of present mitigations put in place to prevent DMA-based Rowhammer attacks against Android devices. Dubbed RAMpage, the new technique (CVE-2018-9442) could re-enable an unprivileged Android app running on the victim’s device to take advantage from the previously ...

  • Hotels, airlines and travel sites battle bot attacks

    June 27, 2018

    Hotels, airlines, cruises and travel sites are under siege from crooks using fake or stolen account details to try to access accounts. Hackers have been using stolen or leaked account details to attempt to log into accounts, using botnets to deliver attacks at industrial scale, according to research by Akamai. Read more… Source: ZDNet  

  • Thanatos ransomware: Free decryption tool released for destructive file-locking malware

    June 27, 2018

    Victims of a destructive form of ransomware, which fails to unlock files even if the ransom is paid, can now retrieve their files for free with a new file decryptor released by security researchers. Thanatos ransomware first started targeting Windows systems in February and multiple versions of it have been released in the months since, indicating ...

  • Up to 40,000 British Ticketmaster users may have had their personal and payment details stolen by hackers

    June 27, 2018

    Ticketmaster UK have admitted British customers may have had their credit card data stolen in a security breach that could have affected up to 40,000 people. The company says it ‘identified malicious software’ on a third party product on Saturday, but did not reveal the breach until today. The firm said it disabled the software as soon ...