Cyber Bites

The man who allegedly hacked Many City is to offer Premier League help in FFP investigation. The alleged hacker, Rui Pinto, at the heart of the Football Leaks allegations has offered assistance to the Premier League in their ongoing investigation of Manchester City. Rui Pinto has been identified as the “whistleblower” who provided German newspaper Der Spiegel with emails and other documents that appeared to suggest the Blues had subverted financial fair play rules, The...

Zscaler has discovered a new batch of apps on the Google Play Store hiding Joker malware that that can steal users' cash and read their text messages. Researchers at Zscaler's ThreatLabz have warned people to delete these "Joker apps" that can steal cash and read your text messages from Android phones. The malware can even sign users up to subscription plans and charge any cards saved to their accounts. This specific type of malware was...

Security researcher, Gilles Lionel, has uncovered a new NTLM relay attack that lets hackers take over Windows domains, the Hacker News has reported. The security flaw, named PetiPotam, in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to stage an NTLM relay attack and completely take over a Windows domain. Gilles Lionel shared technical details and proof-of-concept (PoC)...

European Commission regulators have proposed changes to EU law that would force companies that transfer Bitcoin or other crypto-assets to collect details on the recipient and sender. The proposals would make crypto-assets more traceable, the EU Commission said, and would help stop money-laundering and the financing of terrorism. The package also includes the proposal for the creation of a new EU authority to fight money laundering. According to the BBC, the proposals could take two...

This week, cybersecurity provider Netskope released the July 2021 Netskope Cloud and Threat Report, the latest installment of Netskope Threat Labs' biannual research analyzing critical trends in enterprise cloud service and app use, web and cloud-enabled threats, and cloud data migrations and transfers. The results revealed that some departing employees present disproportionately significant cloud security risks. In their last 30 days of employment, workers have been proven to be uploading three times more data than...

This week, news broke that the Financial Counduct Authority (FCA) has issued a warning to Binance, the world's biggest cryptocurrency exchange. The ruling stated that firm cannot conduct any "regulated activity" in the UK, while also advising people to be wary of adverts promising high returns on crypto investments. Binance said the FCA notice would have no "direct impact" on the services it provides from its website Binance.com. Binance's existing crypto exchange is not UK-based...

Sony has reportedly faced a security breach which resulted in millions of PS3 IDs being leaked to the hackers. This is thought to be the reason behind lots of PS3 users reporting in the PSN forums that they were banned for no reason whatsoever, according to reporting from Sportskeeda. While there is not enough evidence to ratify the claim, it does not seem too far-fetched considering the circumstantial evidence at hand. There has been a...

In a speech on Wednesday, the U.S. President, Joe Biden told the Russian President, that 16 sectors of critical infrastructure should be "off-limits" to attacks, specifically cyberattacks. Unfortunately, analysts believe his efforts to be futile. Robert Golladay, the EMEA and APAC director at Illusive claims that "the fact that one of the leaders of the free world stood up to discuss Ransomware on a global stage is significative. We are in the middle of a...

On Thursday, an online database belonging to CVS Health was discovered online. This was the result of another misconfigured cloud service, which can significantly impact security and lead to a massive data leak. The uncovered database was not password-protected and had no security defences in place to prevent access from unauthorised persons. The database was comprised of over a billion records connected to CVS Health and contained event and configuration data. These also included production...

According to a report published by Cybersecurity Ventures, ransomware payments are predicted to cost victims over $265 billion by 2031. This isn't difficult to imagine, given the recent streak of high-profile attacks, some of which caused a ripple effect that reflected on consumers finding themselves having to pay more for gas and finding heftier price tags one meat products. The real scale of the problem is somewhat hard to quantify since most companies would rather...