News

Intel, the U.S. based global chip provider is investigating a data breach after highly confidential and restricted information was leaked onto online sharing website, MEGA. The data was uploaded to MEGA by software engineer, Till Kottman after receiving the documents from an anonymous hacker who allegedly hacked Intel earlier this year. After analysis, the information has been verified and authenticated and contained intellectual property including chip blueprints and product guides. Till Kottman is no stranger to viewing...

It was announced yesterday that Capital One has been ordered by the Office of the Comptroller of the Currency (OCC) to pay an $80 million fine after the company suffered a massive data breach in 2019. It is estimated that the breach impacted more than 100 million Capital One customers, with names and addresses of individuals from both the US and Canada. It is believed that the cybercriminals behind the attack were a former employee of...

Next-Gen SIEM provider, Securonix has announced availability of its SearchMore functionality that helps operations teams better detect and respond to threats that bypass preventative and detection controls. The company states that "SearchMore delivers the industry’s first Community-Powered Threat Hunting capability and provides the ability to search on real-time, streaming data, as well as long-term data." CEO Sachin Nayyar elaborated: “This is a huge step in cybersecurity monitoring. With a combination of cloud-native and big data...

Optical and imaging giant Canon has been the latest business to be hit by the scourge of ransomware. The Maze strain of ransomware has brought operations to an effective standstill, hitting the Canon email servers as well as internal applications including their instant messaging services provided by Microsoft Teams. Additionally, the US website was also affected by the attack. Maze is a ransomware strain which attempts to gain a foothold in a network by targeting...

A small rural council in the North of England has suffered a staggering financial hit in recovering from a cyberattack. Redcar and Cleveland in Yorkshire were forced to spend £10 million in order to recover from a cyberattack which took online public services offline for a week in February. Infrastructure and system recovery cost £2.4m, and individual council directorates needed £3.4 in recovery funds. This is a very significant number for a local council, already...

Ten influence campaigns emerging from hostile states such as China, Tunisia, Russia, and Iran have been discovered across Google platforms, and removed throughout Q2, Google’s Threat Analysis Group have announced. The group is responsible within Google’s security department for keeping track of high-end cybercriminal activity, which includes nation-state influence campaigns detected. Although the group is run by Google, it also includes external data gained from other social media platforms and other security vendors such as...

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has released a new report that explores how and why the reputation of security departments have traditionally been perceived as “The Department of No.”   This new report, authored by Javvad Malik, security awareness advocate at KnowBe4, explains how many security teams face a reputational challenge within their organisations. Because they are responsible for the well-being of the organisation at large,...

On June 26, 2020, Wordfence's threat intelligence team discovered a vulnerability in The Official Facebook Chat Plugin, a WordPress plugin installed on over 80,000 sites. This flaw made it possible for low-level authenticated attackers to connect their own Facebook Messenger account to any site running the vulnerable plugin and engage in chats with site visitors on affected sites. Researchers initially reached out to Facebook on June 26, 2020 and included the full disclosure details at...

AdGuard has discovered 295 Chrome extensions that hijack and insert ads in Google and Bing search results. The extensions have been installed by more than 80 million users. In a technical analysis shared with ZDNet, AdGuard said all extensions loaded malicious code from the fly-analytics.com domain, and then proceeded to quietly inject ads inside Google and Bing search results. The apps included utilities such as changing the background for Chrome's 'new tab' page, as well...

Security firm RiskIQ has published a report highlighting several critical vulnerabilities in 12 widely used remote access and perimeter devices. The findings show that the rapidly increasing adoption of these devices amid the COVID-19 pandemic is expanding digital attack surfaces outside the corporate firewall at incredible speed—and introducing a range of critical, rapidly proliferating vulnerabilities. Cybercriminals and nation-states are already taking advantage of these security flaws, including those in F5 Networks' BIG-IP product and Cisco's...