News

An urgent warning has been issued by the U.S Internal Revenue Service (IRS) about a phishing scam that is trying to steal Electronic Filing Identification Numbers. The scam emerged in early February, just before the start of tax filing season on Feb. 12 2021. The scam phishing emails are impersonating the IRA, and the subject line of the email says "verifying your EFIN before e-filing." The body of the email then goes on to ask...

New research by Barracuda has found that cybersecurity protection organisations have missed millions of email attacks. The research discovered 2,029,413 unique attacks in 2,600,531 unique mailboxes. The cybersecurity firm said that an average of 512 attacks were found per organisation out of the 4550 organisations that took part in the research. They also said that 14 per cent of organisations had at least one attack currently in their company mailbox, even though the messages were...

Over 3.2 billion email addresses and paired passwords have been posted online in what is being called one of the biggest breaches of all time. The database of passwords and emails are thought to have been compiled following data breaches carries out on various platforms, such as Netflix, Gmail, LinkedIn and many more. According to one news report, it is thought that the data includes almost 70 per cent of global internet users' data. Users...

Several members of the Egregor ransomware group were arrested following a joint operation between Ukrainian and French law enforcement. French law enforcement officers made the arrests after they were able to trace ransom payments to group members based in Ukraine. The investigation on the Egregor attacks was first initiated by the Tribunal de grande instance de Paris after a number of French companies, such as Ouest France, Gefko, and Ubisoft, suffered attacks, and so issued...

Recently, WhatsApp informed its users that it would be implementing a change to its Terms of Service and Privacy Policy. Users were given an ultimatum to accept or cease to use the app. This sent millions of people into a frenzy, with many individuals jumping ship in search for an alternative platform. The extent to which the impact of WhatsApp’s T&C changes will truly have on individuals has likely been exaggerated. Indeed, WhatsApp simply wants...

Researches from RiskSense, a risk-based vulnerability management service, discovered 223 different vulnerabilities in the Common Vulnerabilities and Exposures (CVE) database that were used in ransomware attacks throughout 2020. This is four times the number of vulnerabilities related to ransomware than found in 2019 by RiskSense. The findings also show that ransomware families are not only growing but they are also becoming more complex. The previous report from 2019 found that there were 19 separate ransomware...

Web shells are tools deployed by threat actors on already hacked servers to gain and maintain access. They allow these hackers to remotely execute arbitrary code or commands, move laterally within a network or deliver malicious payloads. Last year the number of monthly web shell attacks nearly doubled, reported Microsoft. Last year an average of 140,000 of these malicious actors were found on compromised servers every month. Web shell attacks can be deployed in many...

More than 6,500 girls entered this years qualifying round of the 2021 CyberFirst Girls Competition, run by the National Cyber Security Centre (NCSC). Teams from more than 600 schools took part in online cyber security puzzles. 9 of the teams are from Scottish schools and will move on to the semi-finals, where they will take on their rivals. These schools have already accepted their place in the virtual semi finals: Hyndland Secondary School in Glasgow...

The US Customs and Border Protection (CBP) used facial recognition scanners in order to monitor the arrivals and departures of more than 23 million travellers at over 30 different entry points in 2020. However, these systems failed to detect a single example of an imposter. The US CBP agency revealed these statistics in their annual report for 2020. The facial recognition scanners are placed at a number of entry points including seaports, pedestrian crossings, and...

On Wednesday Myanmar announced its new proposed cyber-security laws, allowing it to ban content it dislikes, restrict internet providers and intercept data. The proposal outline contains 36 pages, which were given to mobile operators and telecoms license holders for comment. However, spokespeople for the government or the telecommunications ministry were unavailable for comment. The document has not yet been verified, although it has been widely circulated in Myanmar. A statement, which was signed by more...