Eskenzi PR Eskenzi PR

Cyber Bites

it security guru

Climate change increasingly ranks as the world’s most pressing security threat, with terrorism and cyberattacks also topping the list, according to a new survey by the Washington-based Pew Research Center. In a poll of 26 countries, 13 considered the warming planet the number one concern. This was followed by the threat of Islamic State in Iraq and Syria (ISIS), which eight countries, including Russia, France, Indonesia and Nigeria, rated as the top threat. Four nations,...

Read more
it security guru

Two Weeks Out from the longest government shutdown in United States history—and with the possibility of another still looming—government employees are still scrambling to mitigate impacts on federal cybersecurity defenses. And the stakes are high. Furloughed cybersecurity employees returned to expired software licenses and web encryption certificates, colleagues burned out from working on skeleton crews, and weeks-worth of unanalyzed network activity logs. The job was already hard enough without having to play catch-up. Source: Wired

Read more
it security guru

Network attached storage maker QNAP's customers have reported being hit by a mystery strain of old-school malware that disables software updates by hijacking entries in host machines' hosts file. The malware's full effects are, as yet, unknown – but users have reported that the most visible symptom is that some 700 entries are added to the /etc/hosts file that redirect a bunch of requests to IP address 0.0.0.0. Source: The Register

Read more
it security guru

Business email compromised (BEC) attacks have seen an explosive 476% growth between Q4 2017 and Q4 2018, while the number of email fraud attempts against companies increased 226% QoQ. BEC attacks use social engineering to target specific company employees, regularly from the firm’s Finance department, and try to persuade them into wiring large sums of money to third-party banking accounts controlled by the attackers. Source: Bleeping Computer

Read more
it security guru

A spam-based phishing campaign recently targeted North American banking customers with malicious Excel documents designed to infect victims with a new variant of the information-stealing TrickBot banking trojan, researchers reported earlier this week. The scam dates back to at least Jan. 27 and peaked in volume on Jan. 30, according a new blog post from Blue Hexagon, a brand-new deep-learning cybersecurity firm that launched just this past Tuesday, Feb. 5. Source: SC Magazine

Read more
it security guru

An EE customer has said she was stalked by an ex-partner who worked at the firm, after he accessed her personal data without permission. Francesca Bonafede's number was switched to a new handset and her address and bank details were accessed. She said the company failed to take the data breach seriously and she had to involve police. EE "sincerely apologised" to Ms Bonafede, and said the employee no longer worked for the company. Source:...

Read more
it security guru

Parent gabfest platform Mumsnet has reported a data security breach that it claimed happened amid a "software change" en route to migrating services to the cloud. A user sounded the alarm yesterday evening that they were able to log into and view details of another user's account. This security screw-up, likely some kind of caching blunder, happened between 2pm GMT on 5 February and 9am GMT on 7 February. Source: The Register

Read more
it security guru

Ransomware accounted for one tenth of 1% of all malicious email content in Q4, according to a new threat report from Proofpoint. It’s Q4 threat report found that banking trojans accounted for 56% of all malicious payloads in email in Q4, while remote access trojans (RATs) accounted for 8.4%. Proofpoint claimed that this marked a “significant change” for RATs, as in previous years they were rarely used by attackers. Source: Infosecurity Magazine

Read more
it security guru

WhatsApp says it is deleting 2m accounts per month as part of an effort to blunt the use of the world’s most popular messaging app to spread fake news and misinformation. The Facebook-owned service published the data as part of a white paper on “stopping abuse” that was launched on Wednesday in India, the biggest market for the company with more than 200m users. Source: The Guardian

Read more
it security guru

Cyber-criminal groups are using Google Translate to hide the real domain of their phishing sites, security researchers have discovered. Phishing emails that use this technique have already been spotted in the wild. The trick isn't complex at all. The idea is that phishing groups send their normal phishing emails, but instead of linking directly to their phishing page's domain, they pass the phishing page URL through Google Translate and use the newly generated Google Translate...

Read more
Page 200 of 206 1 199 200 201 206