Cyber Bites

Numerous big cities across the United States have fallen victim to ransomware attacks costing the municipalities tens of millions of dollars to recover. While some city administrators refrain from giving in to extortion demands, most end up paying in exchange for the decryption keys. Seeing how ransomware operators are showing no signs of stopping, city mayors have decided to stop giving in to extortion demands. Source: Security Boulevard

Companies and public sector organisations say they have no choice but to automate their cyber defences as hacking become increasingly sophisticated. Security professionals can no longer keep pace with the volume and sophistication of attacks on computer systems. In a study of 850 security professionals across 10 countries, more than half said their organisations are overwhelmed with data. So they are turning to machine-learning technologies that can identify cyber attacks by analysing huge quantities of network data...

The total cost of cyber security breaches to UK mid-market businesses with a turnover between £15m and £1bn a year reached at least £30bn in the past 12 months, according to assurance, tax and advisory firm Grant Thornton. More than half (53%) of just over 500 UK mid-market companies interviewed reported losses equivalent to between 3% and 10% of revenue following a cyber breach, with those businesses hit most severely reporting losses as high as 25%...

If you thought instant messaging platforms like WhatsApp and Telegram that provide end-to-end encryption give you rock-solid security, think again. Researchers from cyber-security firm Symantec on Monday revealed the vulnerabilities that allowed hackers to manipulate the images and audio files you receive on these platforms. The security flaw, dubbed "Media File Jacking", affected WhatsApp for Android by default, and Telegram for Android if certain features were enabled, Symantec researchers said in a blog post. Source: Economic...

An attempt to defraud thousands of people using a bogus email from a UK airport was one of a range of cyber-attacks prevented last year. The scam used a fake gov.uk address, but the messages were prevented from ever reaching their intended recipients. The details were revealed by GCHQ's National Cyber Security Centre in an annual report. In all, NCSC disclosed it had stopped 140,000 separate phishing attacks. This refers to the attempted online theft of...

Visa believes the payment industry can move away from passwords in the next five years thanks to advancements in authentication and anti-fraud technologies that are already making "static" cardholder verification (CVM) methods such as signature and PINs optional. With the ability of financial institutions and merchants to share 10 times more data with each other than ever before, and the growing sophistication of artificial intelligence (AI) that is making fraud detection faster and more accurate,...

Researchers have found a way to successfully hack connected hair straighteners to turn them on and increase the heating element up to its maximum temperature—causing a serious fire hazard for unsuspecting owners. Pen Test Partners decided to put the Glamoriser hair straightener through its security paces, given that it has Bluetooth Low Energy (BLE) embedded for connecting to a mobile app. The app allows a user to remotely change the temperature and set a time...

Hackers are increasingly launching ransomware attacks in order to make a quick buck. They lock down the target’s computer systems and then demand a ransom to decrypt the data. That same thing has happened with New York City’s Monroe College which has been hit by a ransomware attack. The hackers are now demanding $2 million to allow the college to access its computer systems once again. This attack has locked down Monroe College’s computer systems at campuses...

A health care provider in Maine is warning patients of a potential data breach. The Bangor Daily News reports that a Penobscot Community Health Care spokesman says a third-party collection agency may have exposed the personal and credit card information of some patients. The provider has a contract with American Medical Collection Agency, which reported an unauthorized person may have accessed its systems between August and March. The agency collected on overdue patient bills but...

The number of whistleblower reports to the information commissioner over data breaches have jumped 175 per cent since GDPR came in, according to research. People have become more vigilant about the handling of personal data, and more likely to report potential breaches, since the regulations were introduced in May 2018 according to law firm RPC. Whistleblower reports in the year ending May 31 2018 numbered just 138, compared to 379 the following year. Source: City...