News

Following the great Twitter hack last week, it has been revealed that hackers had viewed the private messages of 36 of the affected accounts. While it has not been announced who these accounts belong to, one is believed to be owned by an elected official in the Netherlands. According to Twitter, no other former or current politician has had their DM accessed. It is not clear how many of the accounts overlap with the 45...

Researchers at Cisco Talos have identified a new botnet dubbed Prometei which has been active since March of this year. They have described the attacks to be a complex campaign utilising multi-modular malware. It has been spreading across compromised networks through SMB exploits, including the EternalBlue exploit for Windows Server Message Block communication protocol. The goal of the attack is to mine for Monero (XMR) cryptocurrency and lock as many systems possible for increased profit,...

During a transfer deal, a Premier League club almost lost £1m and this was only halted because of an intervention by the unnamed club's bank, reports the BBC. A report from the NCSC revealed that the attempted theft came about as a result of an email address hack; specifically, a hack of the Premier League club's managing director email. Hackers also cut off the club's security systems, and blocked turnstiles which almost lead to a...

Edgescan's Senior Security Consultant Guram Javakhishvili has identified numerous vulnerabilities across several popular applications. Some of which have not yet been announced to the public until vendors have implemented the appropriate patches. For the moment, however, five vulnerabilities have been found in the content management system, CMS Made Simple, and has been disclosed. Three of which have been resolved and two remains outstanding. Guram has also discovered three vulnerabilities in LimeSurvey 3.21.1 which have been fixed...

An automated 'meow' attack is circulating the public web targeting dozens of unsecured databases without any explanation or a ransom note. According to BleepingComputer, a simple search on Shodan shows many databases affected by this attack. Many researchers are now scrambling to identify any exposed databases and report them responsibly before they are wiped, or 'meowed'.    

Collating data from government reports, police websites, and news articles across 150 countries, cybersecurity analysts at Comparitech have identified London to be the third most surveilled city in the world. London was only one of two cities, the other being Hyderabad in India, outside of China that ranked in the top 20 most surveilled cities. Of the 770million cameras currently installed across the globe, it was found that 54% were found in China.

According to YorkMix, the personal details of staff and students from the University of York have been stolen by hackers. The US tech company, Blackbaud, which provided the university with a customer management system had suffered a ransomware attack in May of this year. However, they only informed the university on the 16th of June. The university, in turn, only informed those impacted on the 21st of July. Information stolen included phone numbers and email...

According to a report by Check Point, attackers are increasingly leveraging public cloud services to share malicious documents or phishing pages which collect login details. This includes the use of Google Drive but also Microsoft Azure, Microsoft Dynamics and IBM Cloud, finds Bleeping Computer.

WeLiveSecurity yesterday reported that seven Virtual Private Network VPN providers had exposed the personal data of over 20 million users. This is in spite of the fact that they had claimed not to keep any logs of their users online activity. The data leaked included email and home addresses, clear text passwords, IP addresses as well as internet activity logs.    

The largest telecommunications company in Argentina fell victim to a ransomware attack on the 18th of July. The attack was largely contained by the company's IT workers and services such as landlines, mobile phones or the internet do not look to have been affected. However, hackers are now demanding the company pay $7.5 million, or $15million if this is not paid within 48 hours, CoinTelegraph reports.