News

With cyber threats in continuous evolution, now more than ever do we need new ideas, new products, new protective measures to defend individuals and organisations, public and private, from cyber attacks. To help academics commercialise their ideas, CyberASAP (Cybersecurity Academic Startup Accelerator Project), funded by DCMS in collaboration with Innovate UK & KTN, has created a programme that has, since its launch four years ago, helped over 50 academic teams progress their ideas from lab...

An IT security firm has recovered 9,050,064,764 login credentials in possession by cybercriminals from over 640 data breaches involving emails and usernames secured using plaintext passwords. Password reuse, improper hashing, misconfigured servers, and the use of common weak passwords and common phrases were the main reasons which led to the compromise of users’ accounts. Source: CPO Magazine

A new Emotet campaign is spread via SMS messages pretending to be from banks and may have ties to the TrickBot trojan. Attackers are sending SMS messages purporting to be from victims’ banks – but once they click on the links in the text messages, they are asked to hand over their banking credentials and download a file that infects their systems with the Emotet malware. Source: Threatpost

Health care organizations continue to be a popular target for hackers. According to information from the U.S. Department of Health & Human Services (HHS), over 30 reports of data breaches have been filed by health care entities in the first month and a half of 2020. Although a few reported breaches involved theft or improper disposal of information, the majority of the reported breaches involved hacking/IT incidents and unauthorized access or disclosure. Source: National Law...

The data provided is clearly showing that the UK should be doing a lot more now when securing data. A shocking find from this data was that at least 1,474 devices were reported as being lost; 347 as stolen; and 183 were unknown. Of these devices, just 249 were recovered. Steve Beeching, managing director of Viasat UK has insisted that encrypting devices is not enough when protecting data from hackers. Source: Teiss

The personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. Besides details for regular tourists and travelers, included in the leaked files are also personal and contact details for celebrities, tech CEOs, reporters, government officials, and employees at some of the world's largest tech companies. Source: ZD Net

With one of the most anticipated cybersecurity events of the year just around the corner, we thought to help you navigate around the 700 exhibiting vendors we’d highlight some of what a handful of those companies will be talking at the show. ‘The Human Element’ is the theme of RSA Conference 2020, but there is also a lot of noise around issues and challenges surrounding election security, open source tools, product security and anti-fraud. So, what...

While the number of people affected by the coronavirus is climbing daily, it's another form of virus that has analysts worried elsewhere. Coronavirus-themed malware is starting to spread, according to a report by cybersecurity software company Check Point. Several spam campaigns thematically linked to the global epidemic have emerged since the outbreak of the coronavirus in Wuhan, China, according to Check Point's Global Threat Index for January 2020. Source: Mashable

A new email-based form of crypto ransomware is targeting website owners using banners from Google’s AdSense program. According to the report by KrebsonSecurity, the scam involves criminals threatening site owners with a flood of bot and junk traffic to trigger Google’s automated anti-fraud system, leading the suspension of their AdSense account for suspicious traffic. In exchange, the fraudsters are asking for a ransom paid in bitcoin in order to avoid the potential of losing AdSense...

An advanced threat actor has been targeting gambling and betting companies in multiple regions of the globe with malware that links to two Chinese hacker groups. Named "DRBControl" by security researchers, the group uses malware not publicly reported before. The mission appears to be cyberespionage, stealing databases and source code from the targets being part of the operation. Source: Bleeping Computer