News

Around 1.8 million customers credit card details were stolen following a cyberattack on four affiliated online sporting goods websites. The incident took place on October 1st, 2021, affecting Tackle Warehouse LLC, Running Warehouse LLC, Tennis Warehouse LLC and Skate Warehouse LLC. The website owners only became aware of the incident on October 15th, 2021. An investigation was carried out which concluded that customers payment information was stolen. The details included customers' full names, financial account...

Reuters has reported exclusively on a simulated war game in which 10 countries, including Israel, the US, UK, Germany, Italy and Switzerland, cooperated to fight a mock cyberattack on the global financial system. The event evolved over 10 days as sensitive data emerged on the Dark Web and the war game used fake news reports that further increased chaos caused in global markets. The simulated attack was purported to have been caused by what officials...

The hackers responsible for the SolarWinds supply chain attacks have again been linked to multiple attacks targeting businesses and governments globally. The hacking group is continuing to refine and retool its methods at an incredible speed while targeting cloud solution providers, services and reseller companies. The intrusions are being actively tracked under two different activity clusters: UNC3004 and UNC2652. Both of these are associated with UNC2452, an uncategorised hacking group, which has been tied to...

A recent survey, conducted by GoodFirms, assesses the risk factors associated with password management and how to safeguard them from attacks or breaches. The results revealed that 30% of respondents reported password leaks and security breaches as a result of poor password practices. Surveyees admitted to making poor password choices, such as sharing them with colleagues, family members or friends; writing them on sticky notes, papers, planners; re-using passwords across multiple sites and only changing...

GOautodial, an open source call center software suite with 50,000 users around the world, has patched two vulnerabilities that could lead to information disclosure and remote code execution (RCE). Unearthed by Scott Tolley of the Synopsys Cybersecurity Research Center (CyRC), the first bug – tracked as CVE-2021-43175 – has been rated medium severity. An API router accepts a username, password, and action that routes to other PHP files that implement the various API functions. However, vulnerable versions of GOautodial validate the username and password incorrectly, allowing...

The National Institute of Standards and Technology (NIST) released analysis showing the number of vulnerabilities reported in 2021 was 18,378 this year. The figure set a record for the fifth year in a row, though the amount of high severity vulnerabilities fell when compared with 2020 There were 3,646 reported high risk vulnerabilities in 2021, as opposed to 2020's 4,381. This year, the number of medium and low risk vulnerabilities reported exceeded those seen in 2020...

A new Identity Fraud Report, conducted by Onfido, has revealed that passports are the most frequently attacked form of identity document. In fact, over the course of the past year, fraudsters increasingly forged passports as opposed to national identity cards. Onfido's researchers believe this to be a sign of fraudsters changing their methods: "they to target the one-sided passport page, rather than a two-sided ID card, and target the most high-assurance document in the hope...

Moobot botnet is leveraging a known remote code execution (RCE) vulnerability in Hikvision products (CVE-2021-36260) to spread a Moobot, which carries out distributed denial of service (DDoS) attacks. The attack surface could be significant: China-based Hikvision touted itself as the “world’s leading video-surveillance products supplier” on the company site.   Although a patch was released in September, any still-vulnerable Hikvision IP Network Video Recorder (NVR) products are being actively targeted by the Mirai-based botnet known as Moobot.   Source:...

A new phishing attack, discovered by Proofpoint, is using the Omicron variant of COVID-19 to steal students' credentials and gain access to accounts. The threat-actors targeting US universities are leveraging the concern around the new virus strain to trick students into opening attachments that lead students to spoofed university login portals. This isn't an entirely new tactic, as attackers have been using the virus as an attack vector since the pandemic began. Threat-actors are using...

Earlier this week, Nordic Choice Hotels announced an attack on its IT systems, which they believed to be a “computer virus”. However it has since been revealed that it was the target of Conti ransomware, leading to hotel guests being locked out of their rooms. As IoT becomes more connected the threat of home and corporate security systems being targeted will only increase. Commenting on this story was Javvad Malik lead security awareness advocate at KnowBe4:...