Cyber Bites

Half of employees are cutting corners with regards to cybersecurity while working from home – and could be putting their organisation at risk of cyber attacks or data breaches as a result. The coronavirus pandemic has forced both employers and employees to quickly adjust to remote working – and often without the watchful eyes of the IT and information security teams, workers are taking more risks online behaviour and handling data than they would at...

More than 25 million user records, belonging to popular math app Mathway, are being sold on the dark web. According to ZDNet, the hack is the latest in a long line of security breaches carried out by a hacker going by the name of ShinyHunters, the threat actor also responsible for intrusions at Tokopedia, Wishbone, Zoosk, and others. For the past few months, says ZDNet, the hacker has been breaching companies and putting their data...

Bank of America Corporation has disclosed a data breach affecting clients who have applied for the Paycheck Protection Program (PPP).  Client information was exposed on April 22 when the bank uploaded PPP applicants' details onto the US Small Business Administration's test platform. The platform was designed to give lenders the opportunity to test the PPP submissions before the second round of applications kicked off. The breach was revealed in a filing made by Bank of...

 A well-known hacking group, previously linked to the Chinese government, has developed new malware by merging features and source code from older projects. These are the findings of an investigation conducted by cybersecurity researchers at Intezer, who dubbed the new malware Ketrum because it is a patchwork of code from older Ketrican and Okrum backdoors. Ke3chang is allegedly the group behind the malware, known for its attacks on western governments, as well as and the...

Turla, a sophisticated hacking group with suspected ties to the Russian government, recently used a revamped version of its malware to target government entities in Eastern Europe, according to new research from the security firm ESET. Recent attacks using the revised malware have targeted two ministries of foreign affairs in Eastern Europe as well as a national parliament based in the Caucasus region, according to ESET, which did not reveal the names of those targeted....

Microsoft's security team has issued an advisory today warning organizations around the globe to deploy protections against a new strain of ransomware that has been in the wild over the past two months. "PonyFinal is a Java-based ransomware that is deployed in human-operated ransomware attacks," Microsoft said in a series of tweets published today. Human-operated ransomware is a subsection of the ransomware category. In human-operated ransomware attacks, hackers breach corporate networks and deploy the ransomware...

Stormont's Department of Finance is conducting an investigation into a data breach involving the identities of hundreds of historical abuse survivors, the first minister has said. It comes after BBC News NI revealed a letter had been sent without the names of 250 recipients being anonymised. It was sent on behalf of Interim Victims' Advocate Brendan McAllister, who has said he will not resign. Arlene Foster said the executive "deeply regretted" what had happened. "We...

 A new version of the Sarwent malware can open the Remote Desktop Protocol (RDP) port on target Windows computers to make sure that crooks can find their way back into the system through the backdoor. Whether that access is used later by the same crooks or sold to ransomware gangs or cyber espionage groups is unknown, but affected users should know that removing the malware does not close that particular “backdoor”. Sarwent is a piece...

Security researchers have found a major vulnerability in almost every version of Android,  which lets malware imitate legitimate apps to steal app passwords and other sensitive data. The vulnerability, dubbed Strandhogg 2.0 (named after the Norse term for a hostile takeover) affects all devices running Android 9.0 and earlier. It’s the “evil twin” to an earlier bug of the same name, according to Norwegian security firm Promon, which discovered both vulnerabilities six months apart. Strandhogg...

UK budget airline easyJet is facing an £18 billion class-action lawsuit filed on behalf of customers impacted by a recently-disclosed data breach. Made public on May 19, easyJet said that information belonging to nine million customers may have been exposed in a cyberattack, including over 2,200 credit card records. The "highly sophisticated" attacker to blame for the security incident managed to access this financial information, as well as email addresses and travel details. EasyJet is...