News

More than 80 coronavirus-related phishing and scam websites have been taken down just one day after the UK's National Cyber Security Centre asked for the public to report suspicious emails. On Tuesday, the NCSC, in collaboration with the government and the City of London Police launched the 'Suspicious Email Reporting Service' urging people to alert the authorities about potential cyberattacks and scams – whether they're related to coronavirus or something else. Now, just 24 hours...

  Millions of records belonging to users of a fitness technology app were exposed online for almost a month due to a misconfigured database, including a swathe of personal details. Approximately 40GB worth of information belonging to users of Kinomap, a service that creates immersive workout videos for people on rowing and cycling machines as well as treadmills, was discovered by security researchers in March. Source: IT Pro

Hackers are turning their attention to streaming services in an ongoing bid to capitalize on the current COVID-19 pandemic and increase their own profits, according to Mimecast. The email security vendor revealed that it had detected the registration of over 700 suspicious domains designed to impersonate the Netflix brand in under a week. The recently launched Disney+ service is also coming under increasing scrutiny from black hats, it claimed. The reason is simple: COVID-19-related government...

  Four serious security vulnerabilities in the IBM Data Risk Manager (IDRM) have been discovered that can lead to unauthenticated remote code execution (RCE) as root, according to analysis – and a proof-of-concept exploit is available for version 2.0.3. However, IBM has not yet patched the problem. IDRM is a software platform that aggregates threat data from disparate security systems, in order to perform enterprise security risk analysis. According to security researcher Pedro Ribeiro from...

The scam, which was discovered by the Lanop Accountancy Group, involves phishing emails to companies about the scheme that purport to be from the first permanent secretary and chief executive of HMRC, Jim Harra. Sent via the email address [email protected], official HMRC branding was used by the culprits, and the message asks for the bank details of the recipient. Approximately 50 company owners reported the scam to Lanop upon noticing the false address alongside the...

The National Cyber Security Centre today launched a new scam reporting service to allow citizens to report fake, fraudulent and suspicious emails, including those that offer coronavirus-related services. The NCSC today announced a cross-governmental ‘Cyber Aware’ campaign which includes advice for people to protect passwords, accounts, and devices and also includes specific precautionary guidelines for personal and professional use of video conferencing services such as how to set up accounts, arrange chats, and protect the...

Ransomware attacks on the United States have diminished significantly and are "now at a level not seen in several years," according to cybersecurity company Emsisoft. In new research published today, Emsisoft found a marked drop in ransomware attacks on US entities coinciding with the onset of the COVID-19 health crisis. In 2019, ransomware impacted 966 government agencies, educational establishments, and healthcare providers in the US. Emsisoft experts who anticipated an even higher number of attacks...

A data breach in the Small Business Association‘s online application portal may have compromised personal information for nearly 8,000 businesses seeking emergency loans last month, the agency said today. In a letter to affected business owners, a copy of which was obtained by POLITICO, SBA said it discovered March 25 that the application system for Economic Injury Disaster Loans may have disclosed personal information to other applicants of the program — including Social Security numbers,...

As the number of cyber criminals targeting remote workers grows, the National Cyber Security Centre has kicked off a new effort to encouraging people to report suspicious emails in an attempt to crack down on fraudsters and phishing scams. The coronavirus pandemic has led to record numbers of organisations requiring people to work from home – and in many cases, those employees haven't had any previous experience of working remotely and could be unaware of...

Over the course of the last month, Nintendo users have been increasingly reporting that their accounts have been getting hacked and accessed from remote locations around the globe, with some users losing money as a result of the unauthorized intrusion. The account hijackings appear to have started mid-March and have reached a peak over the weekend when more and more users started receiving email alerts that unknown IP addresses have been seen accessing their Nintendo...