News

According to a report by Digital Shadows Photon Research Team, there is at present 15 billion usernames and passwords for sale on the dark web. This is as a result of 100,000 different data breaches that have taken place over the course of the last two years; that is, a 300% increase in stolen credentials. Providing access to bank accounts, streaming as well as other internet services, these credentials are sometimes offered for free by...

Following a breach in the technical database, the casino gambling app, Clubillion, was found recording the daily activities of millions of players across the globe. Alongside this, the vpnMentor research team, also revealed that private user information has been exposed. This puts millions of users at risk of further cyberattacks, not least phishing. Source: European Gaming

It has been revealed by security firm, CRITICALSTART, that mitigation of the severely critical security flaw in F5 Networks' BIG-IP tool can be bypassed. This leaves another 6,000 F5 devices exposed to an attack once again. Source: Computer Business Review

It has recently been discovered that fake TikTok links are being used by cybercriminals to spread malware that captures user data. As part of 59 other Chinese apps banned in India due to privacy concerns, hackers are now leveraging this to target gullible individuals hoping to download the app. The Maharashtra Cyber Police has warned citizens not to open any links from unknown sources. Source: Money Control

Since last July, senior-level executives across 46 different countries were targeted by the business email compromise group, Cosmic Lynx. This is the first known Russian BEC group outside of Nigerian scanners looking to exploit this email-based attack vector. Researchers have found that Cosmic Lynx specifically targets companies that don't use DMARC and utilises a "mergers and acquisitions" pretext to draw people in. Source: Threatpost

Chinese-state sponsored hackers have been using Android spyware tools to target ethnic minority groups particularly Uighurs, Tibetans, and Muslims, across 15 countries which include Malaysia, Turkey, Indonesia and Kazakhstan. First discovered by mobile cybersecurity providers Lookout, the primary aim of these apps is to track, gather and exfiltrate personal user data to attacker-operated command-and-control servers, with the surveillance attributed to the Chinese government’s national security and counter-terrorism efforts. Threat researchers state the spyware exploits the victim’s...

Following the imposition of new national security laws by Beijing, TikTok has announced its withdrawal to operate in Hong Kong. Owned by China-based ByteDance, TikTok has been persistent in denying any affiliation with Chinese authorities or in sharing user data. This withdrawal from Hong Kong app stores is expected to take several days. Source: The Guardian

According to a study by DSA Connect, out of a thousand workers interviewed, 37% believe there will be an increase in fines for data breaches between 2020 and 2025, whilst 6% affirm the rise will be dramatic. The principal reason behind this anticipated rise is due to employees gaining greater access to data. In the last 12 months, 30% of respondents have accessed more data at work than before. Source: Infosecurity Magazine

Xchanging, a managed service provider for those in the insurance industry, has recently informed its investors of a ransomware attack on some of its systems. The incident was initially reported on the 5th of July but representatives of the company claimed that the ransomware did not spread outside of the Xchanging network. Moreover, investigations appear to suggest that the data has been left unaffected. Source: Bleeping Computer

According to research conducted by Frauhofer Institute, out of 127 home routers from seven different manufacturers throughout Europe, 46 were not updated in 12 months. Others had not been updated for more than five years, leaving many routers vulnerable to attack. Despite the fact that vendors have the capability to distribute security patches more often, they do not. Source: SC Magazine