Cyber Bites

  Four serious security vulnerabilities in the IBM Data Risk Manager (IDRM) have been discovered that can lead to unauthenticated remote code execution (RCE) as root, according to analysis – and a proof-of-concept exploit is available for version 2.0.3. However, IBM has not yet patched the problem. IDRM is a software platform that aggregates threat data from disparate security systems, in order to perform enterprise security risk analysis. According to security researcher Pedro Ribeiro from...

The scam, which was discovered by the Lanop Accountancy Group, involves phishing emails to companies about the scheme that purport to be from the first permanent secretary and chief executive of HMRC, Jim Harra. Sent via the email address [email protected], official HMRC branding was used by the culprits, and the message asks for the bank details of the recipient. Approximately 50 company owners reported the scam to Lanop upon noticing the false address alongside the...

The National Cyber Security Centre today launched a new scam reporting service to allow citizens to report fake, fraudulent and suspicious emails, including those that offer coronavirus-related services. The NCSC today announced a cross-governmental ‘Cyber Aware’ campaign which includes advice for people to protect passwords, accounts, and devices and also includes specific precautionary guidelines for personal and professional use of video conferencing services such as how to set up accounts, arrange chats, and protect the...

Ransomware attacks on the United States have diminished significantly and are "now at a level not seen in several years," according to cybersecurity company Emsisoft. In new research published today, Emsisoft found a marked drop in ransomware attacks on US entities coinciding with the onset of the COVID-19 health crisis. In 2019, ransomware impacted 966 government agencies, educational establishments, and healthcare providers in the US. Emsisoft experts who anticipated an even higher number of attacks...

A data breach in the Small Business Association‘s online application portal may have compromised personal information for nearly 8,000 businesses seeking emergency loans last month, the agency said today. In a letter to affected business owners, a copy of which was obtained by POLITICO, SBA said it discovered March 25 that the application system for Economic Injury Disaster Loans may have disclosed personal information to other applicants of the program — including Social Security numbers,...

As the number of cyber criminals targeting remote workers grows, the National Cyber Security Centre has kicked off a new effort to encouraging people to report suspicious emails in an attempt to crack down on fraudsters and phishing scams. The coronavirus pandemic has led to record numbers of organisations requiring people to work from home – and in many cases, those employees haven't had any previous experience of working remotely and could be unaware of...

Over the course of the last month, Nintendo users have been increasingly reporting that their accounts have been getting hacked and accessed from remote locations around the globe, with some users losing money as a result of the unauthorized intrusion. The account hijackings appear to have started mid-March and have reached a peak over the weekend when more and more users started receiving email alerts that unknown IP addresses have been seen accessing their Nintendo...

One of China's largest state-sponsored hacking groups has attempted to breach the internal network of Gravity, the South Korean gaming company behind popular Ragnarok Online MMORPG (Massive Multiplayer Online Role-Playing Game). The intrusion attempts are believed to have taken place earlier this year, although it is unclear if they were successful or not. The attempted attacks came to light today after cyber-security firm QuoIntelligence (QuoINT) published a report on new malware strains it discovered, which...

Just a few days after exposing the sale of some 500,000 Zoom accounts for sale on the dark web, the research team at Cyble are back with another worrying tale of the vast array of information traded on furtive data markets. A “threat actor,” the team reported in a blog, “has dropped an online bomb by dropping the identities of 267 Million Facebook users.” And the price for this data trove—just $540. Thankfully no passwords...

A team of academics says they've discovered a new security bug that impacts Xilinx FPGA (Field Programmable Gate Arrays) chipsets. Named Starbleed, the bug allows attackers -- with both physical or remote access -- to extract and tamper with an FGPA's bitstream (configuration file) to reprogram the chip with malicious code. Source: ZD Net