News

A French father attempting to use a signal jammer to prevent his children from accessing the internet accidentally knocked out an entire town's internet connection. A complaint was sent to the French Agence Nationale des Fréquences, who are responsible for managing radio frequencies in the country received an unusual complaint (translated) from a mobile phone operator. Strange signal drops impacting the telephone and internet services of residents in the French town of Messanges were detected by...

According to BleepingComputer, Element Vape, a major online vendor of e-cigarettes and vaping kits is serving a credit card skimmer on its live site, presumably after being hacked. The company sells e-cigarettes, vaping equipment, e-liquids and CBD products and has significant presence across the US and Canada. Element Vape's website is hosting a malicious JavaScript file from a third party website, appearing to contain a credit card skimmer. It is currently unknown how long the...

UpdraftPlus, a WordPress plugin with over 3 million installations, has been patched following the discovery of a vulnerability by security researcher Marc Montpas. The Wordfence Threat Intelligence team explained in a blog post that the vulnerability enables any logged in user, including subscriber-level users, to download backups made with the plugin. The WordPress security company explained that backups contain a great deal of sensitive information, often including configuration files which can be used to access...

Trickbot, the bane of many cybersecurity professionals lives', has begun to target the customers of 60 major institutions including Wells Fargo and Bank of America. The attacks come through web injections and phishing campaigns. Initially, Trickbot was a relatively simple Banking Trojan similar to Zeus, Agent Tesla, Dridex and DanaBot. Following the retirement of the Dyre botnet in 2016 and the infrastructure supporting the Emotet botnet being disrupted by Europol and the FBI last year,...

The mysterious outage is as yet unexplained and hit Royal Bank of Canada (RBC), Bank of Montreal (BMO), Scotiabank, TD Bank Canada and the Canadian Imperial Bank of Commerce (CIBC). "We are currently experiencing technical issues with our online and mobile banking, as well as our phone systems," an RBC representative confirmed. "Our experts are investigating and working to get this fixed as quickly as possible, but we have no ETA to provide at this time....

The Office of the Inspector General (OIG) has released a report revealing that Baltimore city was tricked out of hundreds of thousands of dollars last year by a cyber-criminal posing as a vendor. After receiving information from Baltimore's Bureau of Accounting and Payroll Services (BAPS) in regards to a suspected fraudulent Electronic Funds Transfer (EFT), the OIG launched the investigation that uncovered the scam. Suspicions arose when a contractor received funds from the Mayor's Office...

Scan text messages claiming to be from NHS Test and Trace have been circulating recently, Cornwall council warns. The messages falsely claim that the recipient has been in close contact with someone that has tested positive for Covid and asks them to click on a link to book a test. The texts are sent from mobile phone numbers. Cornwall Council is advising people to "think twice before clicking any links" "These texts can seem very...

Google has announced that they have doubled the rewards for anyone who can who can demonstrate working exploits for a range of zero-day and one-day vulnerabilities across a variety of platforms. The reward increases are applicable to exploits discovered in the Linux Kernel, Kubernetes, Google Kubernetes Engine (GKE), or kCTF (Kubernetes-based infrastructure for capture the flag exercises). The next review will come at the start of 2023. Rewards for valid one-day security exploits, sometimes known...

A new report from CrowdStrike has revealed that ransomware-related data leaks increased by 82% year-on-year in 2021, but three-fifths of cyber attacks involved no malware whatsoever. The security company’s 2022 Global Threat Report was put together using an analysis of its own incident response engagements and security telemetry. The report revealed that 62% of attacks used legitimate credentials to access networks, a process known as "non-malware, hands-on-keyboard activity" before using "living off the land techniques" to move...

The attacks knocked out the Ukrainian defence ministry's website and two bank networks were knocked out. According to the internet monitoring organisation NetBlocks, the attack hit on Tuesday afternoon and lasted for several hours. In a statement yesterday, the organisation revealed that “NetBlocks metrics confirm the loss of service to multiple banking and online platforms in Ukraine, in a manner consistent with a denial-of-service attack. The incident comes amid heightened tensions with neighbouring Russia.” “Metrics...