News

Research has revealed that the likes of Costco, Walmart and The Home Depot are more at risk to web-based cyberattacks then compared to their EU counterparts, according to findings from Outpost24. In a year that saw a global pandemic leading to a 30% surge in online shopping and exponential growth in cybersecurity threats for enterprises, Outpost24 analysed the web application attack surface for 20 of the biggest retailers in Europe and the US to evaluate...

The Outbound Email Security Report by Egress has recently found that tired and stressed employees are the cause of 4 in 10 of the most severe data breaches. As stress levels rise and remote working increase, rushed employees are more likely to make easy mistakes such as attaching the wrong file to an email or sending an email to the wrong person. All the distractions of working from home and increased stress levels due to...

The Australian government have recently sent out a security alert encouraging health sector organisation to check their cyber-security defences, and most importantly their controls for detecting ransomware attacks. Australia’s Cyber Security Centre said that it "observed increased targeting activity against the Australian Health sector by actors using the SDBBot Remote Access Tool (RAT)." This warning comes after a recent increase in attacks on health service organisations worldwide since the COVID-19 pandemic.

The stock photo service 123RF has recently suffered a data breach after their database containing 8.3 million users records has been hacked and put up for sale on a hacker forum. Over the weekend a data breach broker put 123RF’s database of 8.3 million users records online following a data breach. The database includes personal data such as 123RF members’ names, email addresses, company names, phone numbers, PayPal emails, IP addresses, and MD5 hashed password....

The UK's ex-chief of National Cyber Security Centre (NCSC), Ciaran Martin, has warned that we should avoid arming ourselves with new weapons and instead maintain a strong defence in the cyber realm. Martin added that if we do weaponise then we do so 'at our peril'. Martins remarks follow on from reports that nations such as the UK are using offensive cyber-techniques. Martin went on to say that although he is not a digital pacifist,...

Microsoft has recently begun to urge users to stop using mobile-based multi-factor authentication (MFA), such as one-time SMS codes or voice calls, and instead are encouraging users to use newer MFA solutions such as security keys or app-based authentication. Alex Weinert, Directory of Identity Security at Microsoft has issued these warnings, with Weinert being Microsofts main advocate over the past year for encouraging users to enable MFA for their Microsoft accounts.

Multiple sources have reported that Iranian threat actors have been identified as being responsible for the two recent ransomware waves targeting Israeli companies. These ransomware attacks targeting Israeli targets have been happening since mid-October, and have intensified this month. There have been Israeli companies of all sizes targetted by the attacks, with the actors using Pay2Key and WannaScream ransomware strains in these attacks. In these attacks, hackers have breached corporate networks, encrypted files, stolen company...

Outpost 24's 2020 Web Application Security for Retail & E-commerce Report has found that US retailers are far more vulnerable to web application attacks than EU based retailers. The cybersecurity firm Outpost 24 discovered that web apps used by US retailers had a higher aggregated average risk score of 35 compared to EU retailers who have a lower aggregated average risk score of 31. Outpost 24 report also shows that the US retailers have a...

Over 6,000 people's personal data has been published online by Bungling officials following a 'serious' data breach. The Department for the Work and Pensions (DWP) has apologised after it was discovered that an extensive list of National Insurance numbers was left exposed online for over two years. The data that has been left exposed is thought to belong to welfare claimants applying for PIP disability benefits. A watchdog has been examining the incident, with two...

A number of data-scraping groups have been using the Facebook link preview feature to scrape data from internet sites which disguised as Facebook's content crawler. They are using a technique which consists of utilising Facebooks developer accounts in order to place calls to Facebook or Facebook's Messenger API servers requesting a link preview for pages a group wanted to scrape. Facebook then fetch the data, assemble it in a link preview, and send it to...