Cyber Bites

A council has admitted its IT service was targeted by hackers, who scrambled files and made a demand for money. Systems at Redcar and Cleveland Council have been down for almost three weeks after the ransomware attack. It said it had been prioritising frontline services and has now built a new server and website, as well as mobilising a temporary call centre. Source: BBC

Clearview AI, the company whose database has amassed over 3 billion photos, has suffered a data breach, it has emerged. The data stolen in the hack included the firm’s entire customer list–which will include multiple law enforcement agencies–along with information such as the number of searches they had made and how many accounts they’d set up. Clearview AI said the huge database of images was not part of the breach. The firm’s attorney, Tor Ekeland,...

Cybercriminals are taking advantage of the recent security flaws reported recently in popular WordPress plugins and are targeting websites that still run vulnerable versions. At least two threat actors are actively attacking unpatched variants of ThemeGrill Demo Importer, Profile Builder, and Duplicator plugins which are installed on.What the three WordPress components have in common are recent reports of a critical severity bug that could be exploited to compromise the website they run on. Source: Bleeping...

Irish IT services group Ergo is forecasting further growth as it reported revenues of €85.2 million last year as the company said it recently foiled a major ransomware attack. Ergo said it immediately moved to lock down servers late last Wednesday after becoming aware of a serious security incident. It was able to recover most of the data lost from the attack within hours and without paying a ransom demand. However, the incident led to...

The Financial Conduct Authority has admitted it had revealed the confidential details of consumers on its website in a data breach last year.In a statement published today (February 25) the regulator said it had referred itself to the Information Commissioner’s Office over the incident, which occurred in November 2019. In response to a Freedom of Information request the FCA mistakenly published on its website the details of individuals who had made a complaint to the...

French sports giant Decathlon has leaked over 123 million records via an improperly secured ElasticSearch server, according to security researchers Noam Rotem and Ran Locar at VPNmentor. The two spotted the database on February 12 and notified the company four days later. (They say they typically need “days of investigation before we understand what’s at stake or who’s leaking”). Decathlon has 44 stores around the UK, and is present in 46 countries. It employs over...

Samsung has been breached, and a “small number” of users were able to access other people’s personal data. The South Korean tech giant confirmed the breach, following user reports of unexplained Find My Mobile notifications. Find My Mobile is a Samsung app that comes pre-loaded with its Android devices and can only be disabled, not uninstalled. The only way to uninstall Samsung apps is to wipe the operating system completely and install a different ROM....

An infostealing malware that is relatively new on cybercriminal forums can extract sensitive data from about 60 applications on a targeted computer. The malware scene is constantly changing and what used to be top of the line a few years ago is now available for a modest price by comparison and a much richer set of features. Source: Bleeping Computer

The United States lags behind much of the world in having yet to establish some sort of a data protection agency at the national level. Several attempts at federal data privacy standards have been floated in recent years, but failed to gather traction. Senator Kirsten Gillibrand is taking another pass at the issue, but is the first to propose creating a data protection agency at the federal level with sweeping enforcement powers similar to those...

The operators of the DoppelPaymer Ransomware have launched a site that they will use to shame victims who do not pay a ransom and to publish any files that were stolen before computers were encrypted. A new extortion method started by the Maze Ransomware is to steal files before encrypting them and then use them as leverage to get victims to pay the ransom. Source: Bleeping Computer