News

Amtrak has revealed that some customers may have had their personal information and log-ins stolen after it detected unauthorized access of rewards accounts by a third party. Also known as the National Railroad Passenger Corporation, the state-backed US transportation provider revealed the news in a regulatory filing with the Office of the Vermont Attorney General. Source: Infosecurity Magazine

The Nipissing First Nation administration stopped a ransomware attack in its tracks but not soon enough to prevent disruption of communications. The attack was discovered on May 8 and affected all departments of the administration but most of the network remained unaffected. Source: BleepingComputer 

The team behind the Joomla open source content management system (CMS) announced a security breach last week. The incident took place after a member of the Joomla Resources Directory (JRD) team left a full backup of the JRD site (resources.joomla.org) on an Amazon Web Services S3 bucket owned by their own company. Source: ZDNet In response to the news, Paul Edon, Senior Director Technical Sales and Services (EMEA) at Tripwire, said: This incident confirms the...

Digital collaboration tools have been around for years, however for a lot of businesses they have fallen under the radar until now. Since the outbreak of COVID-19, many organisations have been forced to ask their employees to work from home. This has made these tools a necessity for businesses whose activities rely on collaboration between employees. Finding the right collaborative solutions for your company depends on the unique structure and needs of your organisation. Here...

by Eoin Keary, CEO and founder of Edgescan: For the third year running Edgescan contributed to the Verizon DBiR. The DBiR is recognized as the defacto cyber report which casts a wide net across all types of cyber security and breaches, this includes vulnerability management in both infrastructure and applications. Edgescan vulnerability data is curated and validated, sanitised and reflects tens of thousands of assessments we deliver globally across the full stack to our clients. As stated by...

Toll Group has said it was making "good progress" with the restoration of its key online systems, following the ransomware attack it suffered after a January infection. In an update posted on Friday, the company said MyToll customers could now access most features and its Track and Trace function is available for a number of services, with historical data being progressively uploaded.  "In our Global Forwarding business, systems tests have been completed and we have...

One of the world’s largest telecoms and IT services companies has revealed that attackers may have stolen data from its internal systems, affecting over 600 customers. NTT Communications provides cloud, network and data center services to some of the world’s biggest companies. Its parent, NTT Group, is ranked in the top 100 of the Fortune Global 500. The firm claimed in a lengthy statement on Thursday that it detected unauthorized access to its Active Directory...

The American Civil Liberties Union (ACLU) is taking Clearview AI to court, claiming the company's facial surveillance activities violate the Illinois Biometric Information Privacy Act (BIPA) and "represent an unprecedented threat to our security and safety". The legal action, brought on by lawyers at the ACLU of Illinois and the law firm Edelson PC, is on behalf of organisations that represent survivors of sexual assault and domestic violence, undocumented immigrants, and other vulnerable communities. Clearview...

Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems and deploy a Remote Administration Tool (RAT). The malware dubbed Octopus Scanner by researchers at the GitHub Security Lab compromises developers' computers by infecting their NetBeans repositories after planting malicious payloads within JAR binaries, project files and dependencies, later spreading to downstream development systems. "Infecting...

Half of employees are cutting corners with regards to cybersecurity while working from home – and could be putting their organisation at risk of cyber attacks or data breaches as a result. The coronavirus pandemic has forced both employers and employees to quickly adjust to remote working – and often without the watchful eyes of the IT and information security teams, workers are taking more risks online behaviour and handling data than they would at...