News

It has been predicted that cryptocurrency scams are set to explode after researchers reported a triple-digit increase in registered domains in the first half of 2022, compared to the whole of last year. Cyber security service provider, Group-IB said that they had detected over 2000 domains registered to be used as fake promotion websites in the first half of this year, revealing a 335% increase on the number recorded in 2021. Hence showing a five-fold increase...

Two critical vulnerabilities were found in wireless LAN devices that are allegedly used to provide internet connectivity on airplanes. Thomas Knudsen and Samy Younsi from Necrum Security Labs first discovered the flaws, which were found to have affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec. An advisory, referring to the vulnerability tracked as CVE-2022-36158, noted: "After performing reverse engineering of the firmware, we discovered that a hidden page not listed...

Earlier this week, Apple officially launched its new iOS 16 operating system update for iPhone devices. The update contains several security-focused and privacy features. iOS 16 was first unveiled in June at the WWDC 2022 conference. The update supports iPhone devices starting from iPhone 8, as well as second and third generation iPhone SE devices. 'Lockdown Mode' is a particularly significant feature, first launched in July on selective devices. It is now available on all...

Larazrus Group, the North Korean threat actor group, targeted a malicious campaign towards energy providers around the world between February and July 2022. In April and May, the campaign was partially disclosed by Symantec and AhnLab, respectively. Cisco Talos is providing more details now. In an advisory written on Thursday, Cisco Talos said that the Lazarus campaign involved the exploitation of vulnerabilities in VMWare Horizon to gain initial access to targeted organisation. The advisory stated:...

Alert Logic by HelpSystems launched general availability of its new intelligent response capabilities this year. The innovations, including simple mode and a mobile application, relieve IT and security departments of repetitive response tasks and the need for constant administration through human-guided and fully automated workflows. Seedrs, Europe’s leading online private investment platform, is among the first adopters of the new capabilities, now available at no additional cost to Alert Logic MDR® customers. Alert Logic Intelligent Response™ is...

In Late July, an undisclosed number of Samsung customers in the US had their personal information accessed by an unauthorised user. Samsung, the Korean electronics giant, said that it discovered the breach on 4th August 2022. It has since secured the affected systems, engaged a third-party security firm and contacted law enforcement. A statement issued by the firm said: “We want to assure our customers that the issue did not impact Social Security numbers or...

Researchers have discovered a critical vulnerability in the TikTok Android app which could allow hackers to hijack user accounts remotely. The vulnerability, CVE-2022-28799, was reported to the ByteDance owned company by Microsoft in February 2022. Tiktok quickly fixed the issue. It is estimated that the app has around 1.5billion downloads on the Play Store, however, Microsoft added, the bug has not yet been exploited in the wild. Microsoft further explained: “The vulnerability allowed the app’s...

DESFA, Greece's largest natural gas supplier, said, on Saturday 20th August, that it was hit by a cyberattack that impacted the availability of some of its systems. Ragnar Locker, a hacking group, claimed responsibility for the ransomware attack. They added that they had allegedly published more than 350 GB of data stolen from the DESFA. Security researchers from Cybereason have written a report describing details of the attack The Threat Analysis Report report says: “Ragnar Locker...

Security researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services (AWS) credentials. This poses a huge security risk. Symantec's Threat Hunter Team, a part of Broadcom Software, wrote in a report that "over three-quarters (77%) of the apps contained valid AWS access tokens allowing access to private AWS cloud services." Over 50% of the apps were found using the same AWS tokes found in other apps maintained by developers and...

A new survey by Censuswide and the International Cyber Expo found that over a third (34%) of parents are unaware of what online accounts their children are using, highlighting a worrying lack of awareness surrounding their children’s online activity. The survey was conducted amongst 600 parents across the UK. The survey did find that over a fifth of parents claim to know about all their children's accounts, but they're unable to easily access them to...