News

High street stationery and book retailer WH Smith disclosed it has been the target of a cyberattack affecting employee and personnel data. It stresses that customer accounts and databases were not affected by the attack as they are stored on separate systems.   On Thursday, the company said it “immediately launched an investigation, engaged specialist support services and implemented our incident response plans, which included notifying the relevant authorities” in a public statement after this...

Salt Security, the API security company, has released new threat research from Salt Labs highlighting several critical security flaws in Booking.com. The now remediated flaws were found in the implementation of the Open Authorization (OAuth) social-login functionality utilised by Booking.com, which had the potential to affect any users logging into the site through their Facebook accounts.   The OAuth misconfigurations could have allowed for both large-scale account takeover (ATO) on customers’ accounts and server compromise,...

CyberSmart has announced the completion of its Series B funding round, raising an additional £12.75 million following its initial Series A investment of over £8 million.  Oxx led the oversubscribed round, with participation from British Patient Capital, Legal & General Capital and Solano Partners, alongside IQ Capital, which backed the company since its seed stage, and other returning investors: Eos Venture Partners, Winton Ventures and Seedcamp. This financial backing will facilitate CyberSmart’s accelerated product development, strengthen channel partnerships, as well as propel the...

Romance Fraud has increased throughout the government implemented coronavirus lockdown. Compared to 2019, the year 2020 saw a 20% increase in money being transferred as a result of romance scams. Scammers were targeting people on dating apps, pretending to want a relationship before asking for money. The UK's Action Fraud reported that £68 million was lost throughout the entire year. People have been warned to be vigilant, especially now with Valentine's Day just around the...

Salt Security, the leading API security company, today announced the addition of Gilad Gruber to the Salt executive team as senior vice president of engineering. A technology veteran with more than 20 years of experience, Gruber brings deep expertise in both consumer and enterprise software solutions. In the newly created role, Gruber will lead engineering functions and drive technology innovation, as the company continues to provide enterprise organisations with the most mature, robust, and intelligent...

Dragos have released the findings from their annual Year in Review report for 2022. The report covers the state of the industrial sectors and the threats against them. Significantly, the report disclosed the identification of two new threat groups: CHERNOVITE and BENTONITE. It also examines new and existing threat activity, key ransomware findings, service engagement updates, as well as information disclosed around key vulnerabilities. Specifically, the report found that cybersecurity risks for industrial organizations continued...

Cato Networks today announced that it was named as a “Leader” and “Outperformer” by GigaOm in the analyst firm’s Radar for SD-WAN Report. This is the first year that Cato was included in the report, alongside 19 other notable vendors in the SD-WAN market. Despite Cato’s “freshman” status, GigaOm rates Cato an Outperformer overall and at the top of the list in both Key Criteria capabilities and Evaluation Metrics. Figure 1: The GigaOm SD-WAN Radar...

A fine of over $400,000 has been handed to the developer of several stalkerware apps, alongside an order to modify the software. A consortium of 16 companies owned by Patrick Hinchy produced apps that snooped users, including DDI Utilities, PhoneSpector, TurboSpy, Surepoint, Easy Spy, and Auto Forward. These apps enabled customers to secretly monitor a range of activities on other devices, including text messages, photos, location, WhatsApp and Skype. Browsing history and other social media...

Ion Markets, a financial data group crucial to the financial plumbing underlying the derivatives trading industry, has fallen prey to the cybercrime group Lockbit.  The company has revealed that 42 clients have been affected by the attack, which has caused major disruption in its cleared derivatives division.  Reports suggest that some clients have been unable to contact Ion by phone since Tuesday, with some travelling to the company's office at St Pauls to seek more...

JD Sports has warned customers that bought items on its website, as well as those of Size?, Blacks and Millets, between November 2018 and October 2020 may have been impacted in the breach. The company has urged customers to be wary of potential phishing emails, calls and texts in the aftermath of the breach, while claiming they were proactively contacting those whose details were confirmed to be stolen. Paul Bischoff, Consumer Privacy Advocate at Comparitech...