News

In an attempt to streamline information flows across a fragmented global supply chain, Singapore has officially launched a centralised data platform. The data exchange has already gained the support of more than 70 participants, including banks, logistics operators, and energy companies. The new common data platform, called Singapore Trade Data Exchange (SGTraDex), was introduced in November 2020 as a pilot scheme. The scheme aimed to improve data efficiencies in container flow and financial processes. The...

The website for Russia's Ministry of Construction, Housing and Utilities has reportedly been hacked. An internet search for the site lead users to a "Glory to Ukraine" sign in Ukrainian. On Sunday, Russia's state news agency, RIA, quoted a representative from the ministry, revealing that the site was down, however users' personal data was unaffected. According to the RIA, the hackers were demanding a ransom to prevent the disclosure of sensitive data to the public....

A budget Turkish airline has misconfigured an AWS bucket, resulting in the exposure of flight and source code data, alongside the personal information of crew members. A research team in the employ of SafetyDetectives discovered the cloud data trove was publicly available on February 28. Some of the information was traced back to Electronic Flight Bag (EFB) software developed by Pegasus Airlines. An EFB is an information management tool designed to aid in the productivity...

Italy's Computer Security Incident Response Team (CSIRT) issued an urgent alert on Monday, warning organisations of the significant risk of cyberattack against national entities. The Italian organisation is referring to DDoS (distributed denial-of-service) attacks which, while not necessarily catastrophic, can cause significant damage due to service outages and disruptions. “There continue to be signs and threats of possible imminent attacks against, in particular, national public entities, private entities providing a public utility service or private...

The FBI's cyber division has published a Private Industry Notification warning colleges and universities in the US that higher education credentials are up for sale on the dark web. FBI data suggests that from January 2022, Russian cyber-criminal forums advertised access to credentials from universities and colleges across the US, for prices as high as thousands of dollars. The document also reveals that in May 2021, over 36,000 email and password combinations (it's unknown how...

Remote mobile payments authenticated by biometrics are predicted to reach $1.2 trillion by 2027, according to a new study. In its paper Mobile Payment Biometrics: Key Opportunities, Regional Analysis & Market Forecasts 2022-2027 , Juniper Research has predicted a 365% rise in the value of biometric payments over the next five years. The current value is $332bn. Solutions such as Apple Pay are likely to be a key driver of said growth, alongside the introduction of Strong...

More than 75 vulnerabilities have been added to the Cybersecurity and Infrastructure Security Agency's (CISA)Known Exploited Vulnerabilities Catalogue. Cisco, Microsoft, Adobe, Oracle, Linux vulnerabilities are listed. If an attacker was to exploit these vulnerabilities, they could take control of impacted systems. A considerable number of vulnerabilities were older, ranging from 2010 to 2019, but one more notable vulnerability was a Cisco IOS XR Open Port Vulnerability CVE-2022-20821. “A vulnerability in the health check RPM of Cisco...

Students around the world who were required to use government-endorsed education technology (ed tech) throughout the pandemic had their contact, keystroke and location data plundered and sold to advertising tech companies, according to the Human Rights Watch (HRW).  A staggering 146 out of 164 government-endorsed ed tech products jeopardised children's privacy, with 199 third-party companies receiving personal data, the HRW reported. Out of these, only 35 endorsed vendors disclosed that user data would be collected...

The past two years have seen the energy industry suffer multiple major security breaches, highlighting the need for a collaborative effort in response. During the World Economic Forum (WEF) Annual Meeting 2022, 18 corporations announced their pledge to cooperate on a dedicated solution to strengthen infrastructure across the industry ecosystem. The Cyber Resilience Pledge, according to its website, aims to “mobilize global commitment towards strengthening cyber resilience across industry ecosystems.” “First endorsed by key CEOs...

Crossword Cybersecurity Plc has released a report highlighting anxieties surrounding security strategies soon growing outdated. Over 200 CISOS and senior cybersecurity professionals were surveyed. Key findings include: 40% of respondents expect their current cybersecurity strategy be outdated in the next two years. A further 37% expected their current cybersecurity strategy be outdated in the next three years 61.4% were "fairly confident" in their ability to prevent cyber attacks 44% said they had the means necessary...