News

A new survey by Censuswide and the International Cyber Expo found that over a third (34%) of parents are unaware of what online accounts their children are using, highlighting a worrying lack of awareness surrounding their children’s online activity. The survey was conducted amongst 600 parents across the UK. The survey did find that over a fifth of parents claim to know about all their children's accounts, but they're unable to easily access them to...

India's newest commercial airline, Akasa Air, exposed personal data belonging to its customers. The company blamed these data leaks on technical configuration errors. Ashutosh Barot, a security researcher, added that this issue originated in the account registration process, leading to the exposure of personal information such as gender, email addresses, names, and phone numbers. The bug was identified on 7th August 2022, the same day that the airline commenced its operations in the country. Barot...

According to the Mid-Year Cyberthreat Report, published on August 24th, by Acronis, a Switzerland-based cybersecurity company, nearly half of breaches during the first six months of 2022 involved stolen credentials. The goal of stealing credentials is to launch ransomware attacks. According to the report, this “continue to be the number one threat to large and medium-sized businesses, including government organizations." Attackers usually use phishing techniques to extract these credentials. In the first half of the...

Password management giant LastPass has revealed details of a security incident earlier this month in which proprietary information was stolen by threat actors. The company said that the intrusions took place two weeks ago. The firm said that the intrusion took place two weeks ago. “We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some...

The Dominican Republic's Instituto Agrario Dominicano (IAD) has suffered a Quantum ransomware attack. The attack encrypted multiple services and workstations throughout the government agency. The IAD is part of the Ministry of Agriculture and is responsible for executing Agrarian Reform programmes in the country. According to local media reports, the ransomware attack occurred on 18th August, which has impacted the agency's usual operations. IAD Director of Technology, Walixson Amaury Nuñez, told local media "they ask for...

The EU's Justice and Home Affairs Agencies' Network (JHAAN) has released new details of its continued work to monitor and contain cyber-threats since Russia's invasion of Ukraine. A recently published paper, Contributing to the EU's Solidarity with Ukraine, outlines the work of nine EU agencies in this area. The list includes the European Union Agency for the Operational Management of Large-Scale IT Systems (eu-LISA). It has been helping member states improve cyber-monitoring and protection of...

According to a new study by BlueVoyant, the percentage of media companies susceptible to compromise is double the figure across all other sectors. The vendor performed a cybersecurity posture analysis on 485 organisations from the media industry. The findings were compiled in its Media Industry Cybersecurity Challenges report. Prompt patching appeared a challenge for media companies, with 60% of identified systems still unprotected six weeks after a patch. 30% of the media companies analysed are...

Budget Android device models that are counterfeit versions associated with popular smartphone brands contain multiple hidden trojans designed to target WhatsApp and WhatsApp Business messaging app. Doctor Web first came across the malware in July 2022. It was discovered in the system partition of at least four different smartphones: radmi note 8, P48pro, Note30u, and Mate40. The cybersecurity firm published a report earlier this week. It stated: "These incidents are united by the fact that...

General Bytes, the Bitcoin ATM manufacturer, confirmed that it was the victim of a cyberattack that exploited a previously unknown flaw in its software to steal cryptocurrency from its users. The company issued an advisory last week. It stated: "The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page that is used for the default installation on the server and creating the first administration...

Cryptojackers, trojanised crypto-currency miners, continue to spread across computers globally, while also becoming stealthier and increasingly avoiding detection. The new analysis was published by Microsoft's 365 Defender Research Team on Thursday. The technical write up reads: “In the past several months, Microsoft Defender Antivirus detected cryptojackers on hundreds of thousands of devices every month." “These threats also continue to evolve: recent cryptojackers have become stealthier, leveraging living-off-the-land binaries (LOLBins) to evade detection.” Cryptojackers are using...