
Cyber Bites

21Nails: Multiple Critical Vulnerabilities in Exim Mail Server

Researchers from Qualys released a study that found 21 unique vulnerabilities in the Exim mail server. Some of these can be chained together to obtain full remote unauthenticated code execution and gain root privileges. In a blog post, the Qualys Research Team said that the vulnerabilities potentially affect numerous organisations because an estimated 60% of internet servers run on Exim. Researchers also executed a Shodan search to find that nearly 4 million Exim...

Deja Vu: Apple macOS needs updating again to sort vulnerabilities

Just last week, Apple notified customers about a serious security vulnerability that was patched in macOS 11.3. And just a week later, it's now warning over another bug fix in a macOS 11.3.1 release that corrects two separate issues which, if exploited, would allow for arbitrary code execution. It's possible that these new vulns are actively being exploited, allowing hackers to run commands of their choosing. Bottom line: if you're a Mac user -...

Dorset police investigating data breach

ITV reports on how Dorset police are investigating a "serious data breach" involving pupils from two schools in Christchurch. This is after information about an alleged race hate crime was sent by mistake to a man from Wimborne who had initially emailed the police about a separate incident. Dorset police insist it was human error that led to the information about the school incident being leaked to a third party.

BBC reports on the Ransomware surge ruining lives

Technology giants Microsoft and Amazon, as well as the FBI and the UK's National Crime Agency, have joined the Ransomware Task Force (RTF) to give governments nearly 50 recommendations on how to take action against ransomware, according to a BBC report. The task force is critical now more than ever as ransomware gangs are routinely targeting schools and hospitals, using malicious software to scramble and steal an organisation's computer data. The RTF has now...

Lloyds Bank tells customers to beware of text message scam

Lloyds Bank customers are under attack by cybercriminals again. This time, text messages are being used to bait people into thinking there is a security issue with their bank accounts. An example message reads: “LLOYDS-SECURITY: You have successfully scheduled a payment of £69.99 to payee MR ADAMS 28/04. If this was NOT you, visit: https://payee-confirmationcentre.com.” The link leads victims to a scam website which can easily harvest the personal information of unsuspecting individuals or a...

Warning over illegally streaming football on websites “riddled with malware”

A report from cybersecurity firm Webroot shows that almost all (92%) illegal football streaming websites contain some form of malicious content, from malware and phishing lures to social engineering scams. This puts fans at considerable risk. In fact, Webroot says in its report that anyone who used an illegal website to watch last weekend’s Carabao Cup Final or games from Europe’s top domestic leagues will have potentially been exposed to a sophisticated cryptocurrency scam orchestrated...

Student researcher discovered Experian API flaw that exposed credit scores of “most Americans”

Credit bureau Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity learned. Though the flaw has been fixed, according to Experian, the researcher who reported the finding, Bill Demirkapi, says he fears the same weakness may affect other lending websites that work with the credit bureau. Demirkapi found he could access the Experian...


Facebook threat intelligence analysts discovered recent activities linked to two known APT groups that have been active since 2015. According to Facebook, the groups, AridViper and Preventive Security Service, used Android and Windows malware and advanced social engineering tactics in an effort to attack journalists, human rights activists and military groups in the Middle East. More specifically, the groups launched cyber-espionage campaigns in Palestine, Syria, Turkey, Iraq, Lebanon and Libya. Facebook's director for threat disruption...


An elderly woman has lost £23 million to what could be the largest phone scam ever. The scam took place in Hong Kong, where the victim, who remains nameless, was contacted by someone pretending to be a Chinese official. The scammer tricked the woman in August last year by telling her that her identity was being used in a money laundering scheme in China. She was told the situation was under control and in...
