News

It is well known that convenience breeds attack vectors in tech, and this is all the more true when considering cheap hardware. Unfortunately, the consequences of cheap devices often comes at the expense of security. Pre-installed Triada and xhelper malware have so far carried out a total of 19.2 million suspicious transactions from over 200,000 used or newly purchased phones. According to HackRead, and Upsteam's security platform, Chinese the manufacturer, Transsion manufactures low-cost Android smartphones...

Last week, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) issued a joint release cautioning the public of a rise in 'vishing' or voice phishing attacks on organisations. The release indicates that this tactic was employed more prevalently from mid-July, and is the result of a "mass shift to working from home, resulting in increased use of corporate virtual private networks (VPNs) and elimination of in-person verification". Through vishing attacks,...

With attacks on organisations beginning earlier this month, DarkSide is the latest ransomware operation to emerge. Having announced themselves through a 'press release', as revealed in BleepingComputer, this ransomware has already garnered million-dollar payouts for their attacks. The threat actors have allegedly worked with other ransomware operations making millions of dollars. However, this new product was supposedly created to address their unmet needs. They wrote: "We are a new product on the market, but that...

For over 36 hours, the popular darknet market - Empire Market - has remained offline. This is according to a range of sources, not least the researcher and analyst Dark.fail who has been tweeting about this blackout. Moreover, this subject has been attracting significant attention in various online forums, including the Reddit threat r/darknet and its deep web equivalent, Dread. According to Dark.fail, the blackout is a result of a distributed denial-of-service (DDoS) attack. In...

After suffering a ransomware attack the University of Utah has reportedly paid the ransom to hackers in an attempt to stop the criminals from exposing the encrypted student data. It is believed only 0.02% of data was taken from the servers and in a statement the university said: "After careful consideration, the university decided to work with its cyber insurance provider to pay a fee to the ransomware attacker. The statement continues: "This was done...

Research has found that since the beginning of lockdown, there has been an increase of 940% in the amount funded for UK cybersecurity start-ups. Despite the Covid-19 pandemic, it is believed that £496m had been raised in the first half of 2020 – this eclipsed the total amount raised in 2019 which was £521m. Furthermore, the Cybersecurity: Building Business Resilience report claims that business spending on cybersecurity will double to £136bn this year. Given the high...

It was initially reported that the sensitive data on almost 2000 Instacart shoppers may have been exposed to third-party contractors who were providing IT and Security support. However, as information has come to light, Instacart has revealed that no customer information or profiles were accessed or impacted. Instacart released a press release which states the two employees from a third-party contractor "may have reviewed more shopper profiles than was necessary in their roles as support...

In the 2020 “Security Culture Report”, data was collected from 120,050 employees in 1,107 organisations across 24 countries. There was a total of 17 industry sectors examined in detail and results revealed a large gap between the best performers and the poor performers when it comes to security culture. Only 7% of the analysed organisations have demonstrated a good security culture. The majority, 92%, were found to have developed a moderate security culture. The study...

According to data obtained from a Freedom of Information inquiry conducted by the Lanop Accountancy Group, Her Majesty's Revenue and Customs (HMRC) is investigating 10,428 email, SMS, social media, and phone scams exploiting the Covid-19 pandemic. The highest rate of phishing scams occurred shortly after many countries went into lockdown in May with 5,152 reports to HMRC from members of the public and businesses, up from just 133 in March. Likewise, June saw a large...

As if times weren't hard enough for the travel industry, BleepingComputer revealed that the cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend. When it comes to passenger travel, data breaches and ransomware can be especially catastrophic. Biographical information, travel details and potentially passport information are like gold dust on the black market. Perhaps this is why airlines, hotels and cruise operators are so...