News – May 2017


  • Debenhams Data Breach Affects 26K Customers, Payment Details Exposed

    May 5, 2017

    Personal data of up to 26,000 people was exposed due to a data breach affecting customers of Debenhams Flowers, the retailer’s florist arm. According to Debenhams, the site is actually operated by Ecomnova, which is a third-party supplier. Therefore, customers of other services it provides have not been affected in any way. On the other hand, Ecomnova ...

  • Wikileaks Unveils CIA’s Man-in-the-Middle Attack Tool

    May 5, 2017

    Wikileaks has published a new batch of the Vault 7 leak, detailing a man-in-the-middle (MitM) attack tool allegedly created by the United States Central Intelligence Agency (CIA) to target local networks. Since March, WikiLeaks has published thousands of documents and other secret tools that the whistleblower group claims came from the CIA. This latest batch is the ...

  • An Army of Thousands of Hacked Servers Found Mining Cryptocurrencies

    May 4, 2017

    A new botnet consisting of more than 15,000 compromised servers has been used to mine various cryptocurrencies, earning its master around $25,000 per month. Mining cryptocurrencies can be a costly investment, as it requires an enormous amount of computing power, but cybercriminals have found an easy money-making solution. Dubbed BondNet, the botnet was first spotted in December ...

  • After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts

    May 3, 2017

    Experts have been warning for years about security blunders in the Signaling System 7 protocol – the magic glue used by cellphone networks to communicate with each other. These shortcomings can be potentially abused to, for example, redirect people’s calls and text messages to miscreants’ devices. Now we’ve seen the first case of crooks exploiting the ...

  • Don’t click that Google Docs link! Gmail hijack mail spreads like wildfire

    May 3, 2017

    If you get an email today sharing a Google Docs file with you, don’t click it – you may accidentally hand over your Gmail inbox and your contacts to a mystery attacker. The phishing campaign really kicked off in a big way on Wednesday morning, US West Coast time. The malicious email contains what appears to ...

  • Hundreds of Fake UK Bank Sites Exposed, Pose High Risk for Customers

    May 3, 2017

    Hackers have registered over 300 domains with names similar to those of several popular British banks, which they use to trick customers into handing over personal details or login data. According to DomainTools, a company handling domain names and DNS-based cyber threats, 324 such domains were discovered only in relation to banks in the United Kingdom, ...

  • Factory Robots Are Easy to Hack, Researchers Show

    May 3, 2017

    In perhaps one of the scariest findings in recent months, researchers have discovered that factory robots can easily be hacked. This, of course, could have grave effects on entire industries and pose safety issues. Cybersecurity firm Trend Micro found that numerous factory robots have a weak network security, using simple combinations of username and passwords that ...

  • Air Force knocking down stovepipes to shore up space cybersecurity

    May 3, 2017

    Cybersecurity is a growing concern for everyone who relies computers. The U.S. Air Force Space and Missile Systems Center (SMC) faces unique challenges, however, because it uses an extensive array of ground systems that in some cases are decades old to communicate with the individual satellites and constellations the U.S. military relies on during peacetime ...

  • DDoS Attacks Can Cost Businesses Up to $2.5M Per Attack, Report Says

    May 2, 2017

    The time to respond and mitigate DDoS attacks can be costly for companies, and some businesses can lose roughly $2.5 million on average per attack, a research report released today said. Neustar, an analytics firm that sees swathes of DDoS attack telemetry daily, boiled down some of the figures in a dispatch, its annual Worldwide DDoS Attacks and Cyber Insights ...

  • PCs with Intel Server Chipsets, Launched Since 2010, Can be Hacked Remotely

    May 1, 2017

    Updated: Since the below-reported vulnerability is highly critical and it would take a few weeks for sysadmins to protect their enterprise network, the research team has not yet disclosed the technical details of the vulnerability. Meanwhile, I have talked with Maksim Malyutin, a member of Embedi research team who discovered the vulnerability in March, and updated ...

  • Siemens, Darktrace form cyber security partnership

    May 1, 2017

    Darktrace, a provider of Enterprise and Industrial Immune System technology, and Siemens, a global engineering and technology provider, have entered into a strategic partnership to bring cyber defense for operational technology (OT) to the oil and gas industry and electric utilities. With Darktrace’s Industrial Immune System and Siemens’ domain OT security expertise, the partnership will ...