News

Hitachi Europe limited and My1Login have announced a Technology Partnership to deliver enhanced security solutions to address one of the cybersecurity industry’s most compelling challenges – passwords. The combined solution optimises security and convenience whilst enabling a significant ROI as a result of a number productivity and efficiency benefits. The two companies will deliver solutions utilising Hitachi’s VeinID Five product together with My1Login’s Identity and Access Management software to eliminate the need for passwords in...

The FBI and CISA have announced that Russian hackers have breached US governmental networks. The group has been identified under the codename Energetic Bear and are backed by the Russian state. Government officials have said this group have been targeting several local, territorial and tribal government networks since February. As of the 1st of October, Energetic Bear had successfully lifted data from at least two servers. https://www.zdnet.com/article/fbi-cisa-russian-hackers-breached-us-government-networks-exfiltrated-data/

Cybercriminals have impersonated Marks & Spenser's CEO, Steve Rowe, in order to trick customers into revealing their bank account details. The scammer's poster fraudulent adverts promising victims the opportunity to win a gift voucher as part of a prize draw promotion while under the guise of CEO Steve Rowe. Once victims had clicked the ad they were taken to an M&S-branded portal which asked for their name, mobile phone number, address and bank details including...

Facebook and Twitter chief's, Mark Zuckerberg and Jack Dorsey, will be ordered to testify over the alleged censorship of a New York Post article shared on their platforms. The article reveals emails and photographs copied from Hunter Biden, Joe Biden's son's laptop. Twitter said that the article had violated its "hacked materials" policy and was blocking users from sharing the article, but it later changed its stance. Facebook limited the spread on the article on...

A new report from the US National Security Agency outlines the 25 vulnerabilities most commonly targeted by Chinese sponsored hackers. Exploits for these vulnerabilities are already publicly available, but so are the patches for these flaws. Ciaran Byrne, head of platform operations at Edgescan, provided the follwing analysis: The details published today by the NSA of the top 25 vulnerabilities being leveraged by state-sponsored hackers is a stark reflection on patching policies of organizations. There...

PayPal has recently announced that its customers will be able to use Bitcoin and other virtual currencies while buying and selling items using their PayPal accounts. PayPal has revealed that they will be allowing this option to be used in the US in the next upcoming weeks. They plan to have the option available to all users worldwide by early 2021, with users being able to buy items with cryptocurrency from the 26 million sellers...

The US is blaming Iran for the email shot sent from the far-right group, Proud Boys, urging Democratic voters to vote for Trump. In these emails, the extremist group where threatening registered Democrats with consequences if they didn't vote for Trump in the upcoming election. Although the group claimed to have sent this email to all registered Democrats, it was only sent to those registered in the Alaska, Arizona and Florida. In a press conference,...

Attention all Chrome users - you should update your browser to the latest version released yesterday. Google released this version of Chrome to patch several high-severity security issues. These included a 0-day vulnerability that has been used by hackers on targeted computers. The vulnerability was found by Sergei Glazunov, a security researcher at Google's Project Zero on the 19th of October. https://thehackernews.com/2020/10/chrome-zeroday-attacks.html

Corelight today released new capabilities that provide users with greater network security visibility and the ability to support advanced threat analysis across their entire environment, from physical to cloud. Corelight’s new Software Sensor and Corelight Cloud Sensor for Google Cloud Platform (GCP) deliver comprehensive security insights into network traffic on any platform.   “Organizations today are faced with the challenge of limited visibility across distributed locations, or they have built their network infrastructure in the cloud using Google Cloud or other platform providers,” said Vijit Nair, senior director...

Montreal's transport system, Montreal's Société de Transport de Montréal (STM) has been attacked with ransomware called 'RansomExx'. On 19th October, the systems suffered from an outage which affected its IT systems, customer services and website. Although the outage didn't impact the running of buses and metros, it did affect disabled passengers from booking door-to-door services. STM announced on 20th October that the outage experienced the day before was in fact due to a ransomware attack...