News

New research from Comparitech has revealed that UK government employees received 2.4 billion malicious emails in 2021. This equates to around 2400 emails per employee, per year. The tech research firm acquired this information through Freedom of Information Requests. Perhaps more concerning, it's estimated that employees across 260 organisations clicked 57,000 suspicious links over 2021. Assessed by employee, NHS Digital recorded by far the highest number of malicious emails in 2021 (89,353), followed by the government...

Research carried out by Check Point Research (CPR) has revealed that LinkedIn is the most impersonated brand for phishing attacks. In its 2022 Q1 Brand Phishing Report, CPR revealed that phishing attacks impersonating LinkedIn made up 52% of all attempts globally in the first quarter of 2022. This is a 44% increase when compared to Q4 2021, during which LinkedIn was the fifth most impersonated brand. ollowing LinkedIn, the most frequently impersonated brands in phishing...

One Identity, a leader in unified identity security, announced yesterday that its One Identity Partner Circle Program had achieved exceptional results during the recently ended fiscal year as evidenced by 80% of global company sales linked to the channel (fiscal year 2022 ended January 31). Other milestones include the addition of more than 600 new partners driven by the recent acquisition of OneLogin and the growth of new partner resources and training classes. For many...

The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation and the Treasury Department have all warned of new, ongoing attacks targeting blockchain companies, carried out by the Lazarus Group. The activity cluster has been dubbed TraderTraitor, involving the North Korean state-sponsored advanced persistent threat (APT) actor striking entities operating in the Web 3.0 industry since at least 2020. Lazarus Group typically targets cryptocurrency exchanges, decentralised finance (DeFi) protocols, play-to-earn cryptocurrency video...

The UK Prime Minister's Office has been targeted by Pegasus spyware over the past two years. Citizen Lab, a Canadian non-profit, has been tracking the use of the spyware, produced by Israel's NSO group, in recent years. NSO Group is being sued by WhatsApp and Apple as their customers were targeted by the covert malware. It also emerged last year that the iPhones of nine US State Department officials were compromised by the spyware. Citizen Lab revealed...

Cloud security is the umbrella that holds within it: IaaS, PaaS and SaaS. Gartner created the SaaS Security Posture Management (SSPM) category for solutions that continuously assess security risk and manage the SaaS applications' security posture. With enterprises having 1,000 or more employees relying on dozens to hundreds of apps, the need for deep visibility and remediation for SaaS security settings is only getting more critical. The top pain points for SaaS security stem from:...

A global consortium of cybersecurity companies have collaborated with Microsoft to disrupt the Zloader botnet. The operation succeeded in seizing control of 65 domains used to control and communicate with infected hosts. "ZLoader is made up of computing devices in businesses, hospitals, schools, and homes around the world and is run by a global internet-based organized crime gang operating malware as a service that is designed to steal and extort money," Amy Hogan-Burney, general manager...

Nordex Group, a major German wind turbine manufacturer, suffered a cyberattack on the 31 March 2022. According to Nordex, the attack was discovered early by IT security teams, who reacted quickly. The company has announced that IT systems across multiple locations and business units were shut down as part of their response protocols. The company has said in a statement: "Nordex turbines continued operating without restrictions and wind farm communication with grid operators and energy...

Authorities in Pinellas Park, Florida have arrested 27-year old Aaron Daniel Motta after he allegedly stole a client's Trezor hardware wallet and its password while providing security assistance. Motta is a "certified ethical hacker", and has been charged with grand theft and other computer offenses. The accused is currently self employed and owns Motta Management and Mitigation Services, alongside actively participating in Apple's bug bounty program. Motta was taken to Pinellas County Jail on April...

RaidForums, one of the world's largest hacking forums, has been raided and taken down by an international law enforcement operation. The forum was notorious for selling access to stolen personal information. The operation, dubbed "Tourniquet", involved authorities from the US, UK, Sweden, Portugal and Romania. The investigation culminated in the arrest of the forum's administrator last month at his home in Croydon, England. The three confiscated domains associated with the illicit marketplace include "raidforumscom," "Rfws,"...