News

by Budgie Dhanda, CEO of Qufaro & Adrian Davis, Visiting Professor at University of Sunderland The lack of trained professionals in the cybersecurity industry is a problem that official statistics predict will only get worse with time. In fact, the 2017 ISC2 Global Information Security Workforce Study predicted a global 1.8M shortfall by 2022. The threats that organisations need to brace for are in continuous evolution, and more than ever is there a need for a...

The Maze Ransomware is conducting a new spam campaign that targets Italian users by pretending to be the country's Tax and Revenue Agency. The Maze Ransomware is not a new infection, but within the past month it has been picking up steam with new campaigns, partnering with exploit kits, and inserting playful comments targeting researchers in their executables. Source: Bleeping Computer

A ransomware attack hitting Las Cruces Public Schools forced the district to shut down the entire computer system to contain the infection. Exchanging information with schools is impaired as email and other forms of computer-based communication is no longer possible at this moment. Source: Bleeping Computer

Data breaches hitting massive entities like Equifax, Facebook and Target grab headlines, but the impact on small businesses is just as severe with attacks causing bankruptcy or even forcing a firm to shutter its doors. A report issued by the National Cyber Security Alliance, based on a Zogby Analytics survey of 1,008 small businesses with up to 500 employees, found that after suffering a data breach 10 percent went out of business, 25 percent had to file...

Italian global banking and financial services company UniCredit S.p.A. yesterday disclosed a data breach incident involving a file containing roughly 3 million records. The file was generated in 2015, which suggests that customers who created accounts in 2016 and beyond are likely safe. Affected information consisted of customers’ names, cities, telephone numbers and emails. Source: SC Magazine

Facebook-owned WhatsApp has filed a lawsuit against Israel's NSO Group, alleging the firm was behind cyber-attacks that infected devices with malicious software. WhatsApp accuses the company of sending malware to roughly 1,400 mobile phones for the purposes of surveillance. Users affected included journalists, human rights activists, political dissidents, and diplomats. Source: BBC

Companies need to beware of both external cyberattacks and insider threats. Like a classic horror film, both threats come with their own elements of mystery, suspense and fear. Fortunately, it is possible to defend each type of attack vector using a similar cybersecurity strategy for each. More on that later. First, let’s set the scene of the current security landscape.

Scammers are hacking into WordPress and Blogger sites and using the hacked accounts to create posts stating that the blogger's computer has been hacked and that they were recorded while using adult web sites. Source: Bleeping Computer

U.S. fast-food restaurant chain Krystal disclosed a security incident involving one of is payment processing systems and affecting some of its restaurants between July and September 2019. Krystal was founded back in 1932, currently has 342 locations in the Southern United States and "is the original quick-service restaurant chain in the South" according to a press release published on Friday. Source: Bleeping Computer  

French fashion online store Sixth June is offering shoppers more than the latest in men and women streetwear apparel as the site was infected some time ago with code that steals payment card info at checkout. The infosec community typically refers to this type of scripts as MageCart because they initially targeted sites using the Magento e-commerce platform. Source: Bleeping Computer