Cyber Security News


  • Apple iPhone Malware Tactic Causes Fake Shutdowns to Enable Spying

    January 6, 2022

    In the world of mobile malware, simply shutting down a device can often wipe out any bad code, given that persistence after rebooting is a challenge for traditional malicious activity. But a new iPhone technique can hijack and prevent any shut-down process that a user initiates, simulating a real power-off while allowing malware to remain ...

  • UK: Three flights diverted as Gatwick Airport air traffic control suffers IT issues

    January 6, 2022

    Three flights have been diverted from Gatwick Airport due to IT issues in the air traffic control tower. Two British Airways flights were diverted to Heathrow Airport while one easyJet flight was redirected to London Luton Airport, a spokesperson for the airport told Sky News. One British Airways plane was travelling from Belfast while the other was ...

  • 1.1M Compromised Accounts Found at 17 Major Companies

    January 5, 2022

    There have been more than 1.1 million online accounts compromised in a series of credential-stuffing attacks against 17 different companies, according to a New York State investigation. Credential-stuffing attacks, such as last year’s attack on Spotify, use automated scripts to try high volumes of usernames and password combinations against online accounts in an effort to take ...

  • Purple Fox rootkit discovered in malicious Telegram installers

    January 5, 2022

    Researchers have warned that the Purple Fox rootkit is now being distributed through malicious, fake Telegram installers online. This week, the Minerva Labs cybersecurity team, working with MalwareHunterTeam, said that Purple Fox is being disguised through a file named “Telegram Desktop.exe.” Those that believe they are installing the popular messaging service are, instead, becoming laden with ...

  • Morgan Stanley agrees to $60 million settlement in data breach lawsuit

    January 5, 2022

    Morgan Stanley has agreed to a settlement figure of $60 million to resolve a data breach lawsuit. The US bank and financial services giant was subject to a class-action suit following two data exposure incidents involving approximately 15 million current and former clients. According to the motion (.PDF), legacy equipment was decommissioned in 2016 and 2019 that ...

  • Log4j flaw attack levels remain high, Microsoft warns

    January 4, 2022

    Microsoft has warned Windows and Azure customers to remain vigilant after observing state-sponsored and cyber-criminal attackers probing systems for the Log4j ‘Log4Shell’ flaw through December. Disclosed by the Apache Software Foundation on December 9, Log4Shell will likely take years to remediate because of how widely the error-logging software component is used in applications and services. Microsoft warns ...

  • FTC warns companies to remediate Log4j security vulnerability

    January 4, 2022

    Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a serious vulnerability in the popular Java logging package, Log4j (CVE-2021-44228) was disclosed, posing a severe risk to millions of consumer products to enterprise software and web applications. This vulnerability is ...

  • A New Web Skimmer Campaign Targets Real Estate Websites Through Attacking Cloud Video Distribution Supply Chain

    January 3, 2022

    Supply chain networks are frequent targets for cybercrime, as controlling a weak link in the supply chain can grant cybercriminals access to more victims – especially when the weak link is the source of the supply chain. Recently, we found a supply chain attack leveraging a cloud video platform to distribute skimmer (aka formjacking) campaigns. ...

  • Data breach: Broward Health warns 1.3 million patients, staff of ‘medical identity theft’

    January 3, 2022

    This weekend, the Broward Health hospital system notified more than 1.3 million patients and staff members that their personal information was involved in a data breach that started on October 15. In a statement on Saturday, the Florida hospital system said that in addition to names, addresses and phone numbers, Social Security numbers, bank account information ...

  • Israel’s Jerusalem Post website hacked on Soleimani assassination anniversary

    January 3, 2022

    Israel’s Jerusalem Post newspaper said on Monday its website had been hacked, in what it said was an apparent threat to the country. Instead of displaying a main news page, the website showed an illustration that appeared to recall top Iranian general Qassem Soleimani, who was assassinated in a U.S. drone strike in Iraq on this ...