News

Zoom has awarded researchers $1.8 million in bug bounties over 2021, and $2.4 million since the programs launch. Bug bounties have emerged as a popular cybersecurity method recently, amidst the industry's skill shortage. Estimates suggest that there will be roughly 3.5 million unfilled job openings by 2025 in the US alone. Zoom has experienced a huge rise in popularity in recent years, as COVID-19 forced many employees into a work-from-home or hybrid working environment. An...

Electric vehicle owners in the Isle of Wight, UK, were surprised yesterday when public charging points displayed pornography. Service screens at the council-owned car parks across Quay Road, Cross Street, Cowes and Moa Place, Freshwater were supposed to display the council website, but hackers changed several of them to show explicit images. The Isle of Wight County Press first reported the incident, after being notified by its readers. A council spokesman has made a statement...

Cash App, a popular stock trading app, has suffered a data breach impacting up to 8.2 million former and current users. It has been reported that the breach was caused by a former employee illegitimately accessing customer information. Block, Cash App's owner, notified the Security and Exchange Commission (SEC) of the breach on Monday. The filing reported that a former employee downloaded investing reports containing information belonging to US customers, including full names, brokerage account numbers,...

The Hydra Market, a Russian-language darknet marketplace formerly specialising in the sale of illicit drugs, forged documents, intercepted data and illegal digital service, has been shut down by German Federal police. Working in conjunction with the United States Justice Department, authorities closed German servers of the marketplace on Tuesday, seizing $25m in Bitcoin of alleged dirty money. Prosecutors in Frankfurt have said that Hydra, active since 2015, was the largest darknet market in the world...

Today, Armis announced the appointment of Tom Gol as CTO for Research. He will be reporting directly to Nadir Izrael, Global CTO and Co-founder at Armis. In this role, Tom will lead and oversee all research efforts as the company continues to solidify its place as a security leader and expert in threat and vulnerability research. His team will work to bolster the Armis platform and enhance product development, effectively integrating research to make a substantial impact. Tom...

The Works has reported that five of its 526 shops were forced to close last week as hackers gained access to its computer systems and caused issues with its tills. While customers are experiencing longer delivery times for online orders, the company has said that no shoppers' payment details had been compromised. The Works said in a statement: "Customers can continue to shop safely at The Works, both in store and online." All debit and...

Academics from the University of Oxford and Armasuisse S+T have identified a novel attack technique targeting the widely-used Combined Charging System (CCS). They say the method could potentially disrupt the ability to charge electric vehicles at scale. The "Brokenwire" attack method meddles with the control communications between the vehicle and charger, wirelessly aborting charging from as far as 47m away. Researchers explained: "While it may only be an inconvenience for individuals, interrupting the charging process...

There is often confusion between Cloud Access Security Brokers (CASB) and SaaS Security Posture Management (SSPM) solutions, as both are designed to address security issues within SaaS applications. CASBs protect sensitive data by implementing multiple security policy enforcements to safeguard critical data. For identifying and classifying sensitive information, like Personally Identifiable Information (PII), Intellectual Property (IP), and business records, CASBs definitely help. However, as the number of SaaS apps increase, the amount of misconfigurations and...

Iberdrola, a Spanish energy provider, has suffered a data breach affecting over one million customers, local reports suggest. The company is headquartered in Bilbao and is the parent company of Scottish Power. They have reported that the attack took place on March 15 this year. The breach reportedly resulted in the theft of customer ID numbers, phone numbers and home and email addresses. Fortunately, it does not seem as if financial information was stolen. Iberdola...

Trezor, who manufacture hardware devices designed to store digital currency, has warned its customers not to reply to official-looking emails after identifying a convincing phishing campaign. Several customers complained to Trezor's twitter account over the weekend to complain about a scam email claiming that a data breach had hit over 100,000 customers. The email reportedly told customers that a "malicious actor" had successfully compromised Trezor Suite servers and accessed their wallets. In the email, scammers...