News

The Cyber Security Academic Startup Accelerator Programme (CyberASAP) has announced its annual funding competition for the 5th year running. This competition is open to academics at any UK institution who are interested in commercialising their cyber security ideas. The programme is funded by the Department for Digital, Culture, Media and Sport in collaboration with Innovate UK and KTN, and provides comprehensive mentorship and support from cyber security experts. Winners will receive £800,000 in funding to...

Ransomware gangs are exploiting the VMWare ESXi product to encrypt the virtual hard drives found in virtual machines. These attacks were first seen in October 2020, and have been linked to a criminal group that deployed the RansomExx ransomware. Evidence from multiple security researchers suggests that the hackers used CVE-2019-5544 and CVE-2020-3992. These are found in VMware ESXi, a hypervisor solution that allows multiple virutal machines to share hard drive storage. These bugs impact the...

Growing up was not easy for entrepreneur, Iron Man and author, Christian Espinosa. “I played football, but I was also smart, but I also liked heavy metal, so I felt out of place from each particular clique” Espinosa revealed reminiscing on his formative years. As a response to various socio-economic difficulties beyond control, Espinosa’s mindset changed dramatically as he threw himself at every challenge and character development opportunity, trying to be the best he could...

Greek police are planning to introduce new devices into their force in order to allow real-time fingerprint scanning and facial recognition to help verify citizens identities. The introduction of this technology is part of Greece's 4.5 million euro 'Smart Policing' initiative. The 'Smart Policing' project began in 2017 and aims to improve the identification process of citizens who are stopped by police. At the moment, if a Greek citizen is unable to provide identification documents...

The flaw was discovered on January 28th by Travis Ormandy of Project Zero, which is a security research unti within Google. It was found in GNU Privacy Guard (GnuPG)'s Libgcrypt encryption software, and potentially allowed attackers to write arbitrary data to the target machine. This is a severe vulnerability, which could lead to remote code execution. Fortunately, no other version of Libcgrypt seem to be affected by the vulnerability and GnuPG addressed the weakness almost...

The UKRI announced this week that it feel victim to a cyberattack, which resulted in "data being encrypted by a third party.” Details are scarce, and it has not been reported who was behind the attack. The incident has been reported to the National Crime Agency, the National Cyber Security Centre and Information Commissioner's Office. The attackers encrypted data and impacted two of the UKRI's services. The first was a portal for the UK Research...

Myanmar has been experiencing phone and internet service disruptions as the country faces a possible military coup. Data from NetBlocks Internet Observatory, a UK internet monitoring group, found that the service disruption are impacting a number of both local and international service providers such as Telenor and Myanma Posts and Telecommunications (MPT). NetBlocks Internet Observatory who specialise in the internet monitoring of digital rights, cybersecurity, and internet governance mapped Myanmar's IP address space in real-time...

Florida Healthy Kids Corp, a children Medicaid health plan based in Tallahassee has discovered that it has been victim to a 7-year data breach. The health plan was first notified of the breach on 9th December 2020 and soon after launched an investigation into it. During the investigation, they found that there had been "significant vulnerabilities" in their website and databases which support the online children health insurance application since 2013. The vulnerabilities in their...

  Robert Meyers, channels solutions architect and fellow of information privacy at One Identity:  “2020 was a very tumultuous year and, in privacy, some good things happened, and some bad things happened. On the good side, we had the NIST Privacy Framework 1.0, and on the bad side, breach after breach, let alone things that aren’t directly privacy related. The problem with privacy programs is there is too much that comes under the category of...

USCellular has suffered a data breach due to hackers gaining access to their CRM. Once the hackers infiltrated the CRM they were then able to view customers' accounts and personal data. USCellular stated in a data breach notification filed to the attorney general's office in Vermont, that the retail store's employees were victims of a phishing attack which tricked them into downloading software onto company computers. Once the software was installed it allowed the attackers...