News

Tech Crunch has reported that a recently found Air India passenger data breach indicates that the SITA hack is worse than first anticipated. Three months after air transport data giant SITA reported its own data breach, the damage is still mounting. Air India said this week that personal data of about 4.5 million passengers had been compromised following the security incident at SITA, the data processor for the airline. The stolen information included passengers’ name,...

A pair of TPG TrustedCloud customers were breached, ZDNet reported. The telco said two customers on the legacy TrustedCloud hosting service were breached in a recent security incident that it announced on Monday morning. The company added that it did not believe any other customers were impacted by the breach. "The incident was isolated to the TrustedCloud service. The TrustedCloud service is hosted in a standalone environment that is separate from our telecommunications networks and...

Eufy warned its customers this week after discovering an internal server bug that gave strangers the power to access and control private home-video feeds for an entire day. Customers were also given access to do the same to other users. The vulnerability was the result of a planned server upgrade, which accidentally connected Eufy customers with the home-video streams of other customers. Fortunately, the China-based parent company, Anker, managed to patch the vulnerability quickly.

Domain Group, an Australian digital real estate business has recently confirmed being targeted in a phishing attack. Jason Pellegrino, CEO of Domain Group, released a statement, in which he stated that " have identified a scam that used a phishing attack to gain access to Domain's administrative systems to engage with people who have made rental property enquiries." He added: "We understand the scammers then contacted some of these people by email to suggest that...

Synopsys, Inc. has announced the expansion of the Technology Alliance Partner (TAP) segment of the Software Integrity Group’s new Global Partner Program at RSA Conference. Synopsys is showcasing integrations between the company’s Intelligent Orchestration solution and technology partner tools, including CloudBees and GitHub Actions. With more than 40 DevOps ecosystem vendors currently engaged, the TAP program simplifies and accelerates partner integration with Intelligent Orchestration and other Synopsys application security solutions. Recognised as a leader by...

The National Audit Office (NAO) has said that the Covid-19 pandemic has "laid bare" issues caused by legacy IT within the government. The report analysing the government and the pandemic exposed some significant issues with regards to legacy data and IT systems. A large part of the government's Covid-19 response has been the use and sharing of data, however NAO found that this was not always "timely". The report claims that local authorities did not...

Researchers from NETSCOUT's ATLAS Security Engineering & Response Team (ASERT) have reported that the first quarter of 2021 saw the launch of approximately 2.9 Distributed Denial of Service (DDoS) attacks. This is a 31% increase to the amount launched at the same time last year. The researchers claimed that "the first two months of the year are usually the slowest months in the DDoS attack calendar. This year, we saw 972,000 attacks in January, which...

Following the cyber attack on the Ireland's Health Service Executive (HSE), the attackers have sought a ransom. HSE has, however, stated they will not be paying the hackers, even while the country's healthcare and social services continue dealing with the disruption of the ransomware, which has been described as potentially the 'most significant' case of cybercrime experienced against the Irish State. The HSE has said: "Following an initial assessment we know this is a variant...

Recently, KrebsOnSecurity discovered that close to all ransomware strains have a particular built-in failsafe: they will not install on a device that uses specific virtual keyboards, specifically Russian or Ukrainian. Several Russian-language affiliate moneymaking programmes, including Darkside, prevent their criminal associates to install any malicious software on devices in several Eastern European countries. This is an attempt to minimise the chances of investigation against them by local authorities. For example, in Russia, authorities have a...

It has been confirmed that Ireland's healthcare system fell victim to two cyber-attacks on Thursday and Friday last week. The Department of Health reported that its IT systems were shut down after the first ransomware attack on Thursday. On Friday a similar attack was launched against the Health Service Executive (HSE) causing "substantial" cancellations to services. Both incidents were allegedly carried out by the same cyber-crime group.