Cyber Bites

Phishing scam circulating about Coronavirus “safety measures”

Firstly, it seems to be a compromised music site with a weird name that doesn’t have any obvious connection to any well-known health organisation; secondly, it is an HTTP site, not an HTTPS site, which is sufficiently unusual these days to be suspicious in its own right. Nevertheless, the scam page itself is incredibly simple – it can’t have taken the crooks more than a few minutes to put together – and visually effective. The...

Read more
Google apologies for private-video-sharing bug

Google has apologised after finding a bug which meant some people's private videos were shared with others by mistake. The bug affected Google Takeout, which enables Google Photo users to export the content of their accounts, for four days, between 21 and 25 November 2019. Google said those who used it may have either received an incomplete archive, or some videos which were not theirs. Source: BBC

Read more
17,000 yachting industry professionals details exposed in data breach

Crew and Concierge is an international recruitment agency specialising in securing staff for ultra-high-net-worth clients’ yachts operating around the world. The server, which was discovered during a Verdict investigation, consisted of over 90,000 files, all of which appeared to relate to individuals on Crew and Concierge’s books. It was left exposed on a misconfigured unsecured Amazon Web Services (AWS) S3 bucket and appears to have been online and available for anyone to access without a...

Read more
DDoS attack warning from state voter registration site

The US Federal Bureau of Investigation (FBI) warned of a potential Distributed Denial of Service (DDoS) attack that targeted a state-level voter registration and information site in a Private Industry Notification (PIN) released today. "The FBI received reporting indicating a state-level voter registration and voter information website received anomalous Domain Name System (DNS) server requests consistent with a Pseudo Random Subdomain (PRSD) attack," according to the FBI PIN seen by BleepingComputer. Source: Bleeping Computer

Read more
500,000+ hosts infected with malware cocktail

Attackers are abusing the Bitbucket code hosting service to store seven types of malware threats used in an ongoing campaign that has already claimed more than 500,000 business computers across the world. Systems falling victim to this attack would get infected with multiple payloads that steal data, mine for cryptocurrency, and culminate with delivering STOP ransomware. Source: Bleeping Computer

Read more
Phishing Attack with Coronavirus infects US and UK Inboxes

Cybercriminals capitalize on fears of a global health emergency with phishing emails claiming to offer advice for protecting against coronavirus. As people grow concerned about the Wuhan coronavirus, now classified as a global emergency by the World Health Organization, cybercriminals are preying on their fear with phishing emails claiming to have advice on protective safety measures. Emails have been seen in the US and UK. Source: Dark Reading

Read more
Victims’ Data sold on Darknet by DoppelPaymer Ransomware

The DoppelPaymer Ransomware is the latest family threatening to sell or publish a victim's stolen files if they do not pay a ransom demand. A new tactic being used by ransomware operators that perform network-wide encryption is to steal a victim's files before encrypting any devices. They then threaten to publish or sell this data if the victim does not pay the ransom. Source: Bleeping Computer

Read more
City of Racine offline due to Ransomware knock

The city of Racine, Wis., was hit with a ransomware attack January 31 that knocked most of its non-emergency computer services offline. The Wisconsin-city’s website, email system and online payment collection systems were still down as of February 3 and the city police are unable to processes fee payments or provide copies of police and accident reports, reported the Journal Times and the Racine Police Department’s Facebook page. Source: SC Magazine

Read more
Videos sent to archives of the wrong users from Google bug

Google has reached out to some users to apologise after a "technical issue" saw videos uploaded to another user's archives.  In an email, the search engine giant said the issue affected the Google "download your data" service -- called Google Takeout -- for Google Photos in November last year. "Between November 21, 2019, and November 25, 2019, our records show you requested a Google 'download your data' export, which included Google Photos content," the company...

Read more
Nintendo hacked and details of unreleased products leaked

A 21-year-old man has admitted hacking Nintendo servers and leaking details about unreleased products. Ryan Hernandez, from Palmdale in California, and an associate used a phishing technique to steal the credentials of a Nintendo employee in 2016, according to records. Phishing refers to obtaining sensitive information such as usernames and passwords by disguising yourself as a legitimate or trustworthy user. Source: Sky News

Read more
Page 52 of 151 1 51 52 53 151