Uncategorized

As the transition to remote working has forced many companies' hands for increased or faster adoption of cloud services, One Identity has announced the availability of its new software-as-a-service (SaaS) identity governance and administration (IGA) and privileged access management (PAM) solutions. Based on the One Identity Security Platform and designed with the full IGA and PAM capabilities of its industry-leading solutions, the new SaaS offerings allow organisations to implement a Zero Trust model and are...

Florida Healthy Kids Corp, a children Medicaid health plan based in Tallahassee has discovered that it has been victim to a 7-year data breach. The health plan was first notified of the breach on 9th December 2020 and soon after launched an investigation into it. During the investigation, they found that there had been "significant vulnerabilities" in their website and databases which support the online children health insurance application since 2013. The vulnerabilities in their...

A serious vulnerability has been found in the latest version of GNU Privacy Guard (GnuPG)'s free encryption software cryptographic library, Libgcrypt 1.9.0. Libgcrypt is GnuPG's general purpose cryptographic library GnuPG, but a number of other encryption software's also employ it. Libgcrypt 1.9.0 was originally been released last week, on 19th January 2021, and was supposed to be integrated into the latest GnuPG 2.3 release. However, Werner Koch, the author of Libgcrypt and the principal developer...

A new phishing tool kit has been developed by a cybercrime group which allows criminals to change text and logos in real-time on phishing pages in order to adapt to victims. The kit is called LogoKit, and according to it RiskIQ is has already been seen in use online. RiskIQ has said that the toolkit has been identified on over 300 domains in the past week alone, and more than 700 sites in the past...

New research from Seqrite has found that in 2020 there were 13,733 malware threats detected every hour. The report showed that of all threats Trojan malware threats were the leaders quarter-on-quarter (QoQ) and year-on-year (YoY). According to the research out of the 113 million malware detections, the first quarter totalled the highest at 36 million detections. It also showed that in the month of January there were the most malware attacks. Himanshu Dubey, Director, QuickHeal...

Google has revealed that a number of cyber-security researchers who are focused on vulnerability research have been targetted by a North Korean government hacking group. Google's Threat Analysis Group (TAG), who is a security team specialised in discovering advanced persistent threat (APT) groups, first noticed the attacks. Google's TAG published a report outlining the attack, explaining that North Korean hackers contacted security researchers using fake personas on multiple profiles across a range of various social...

Surveillance Camer The former ADT Security technician pleaded guilty to computer fraud. He admitted to secretly tapping into customers' home security systems over 9,600 times since 2015. A prosecutor explained how Aviles added his personal email address to his customers' ADT Pulse accounts, giving him real-time access to their surveillance systems. “This defendant, entrusted with safeguarding customers’ homes, instead intruded on their most intimate moments,” said U.S. Attorney Prerak Shah. “We are glad to hold...

President Joe Biden has announced that he will be appointing a number of national security experts in order to help the US government recover from one of the most vicious hacks its agencies have ever suffered. While cybersecurity was demoted as a policy focus with the Trump administration, it will be of increased importance for the Biden administration. In December a major hack targeted eight federal agencies, as well as a number of companies, including...

This weekend IObit, a Windows utility developer, was hacked resulting in strange DeroHE ransomware being distributed to a number of its forum users. IObit is a software developer that is known for anti-malware programs, such as Advanced SystemCare, and Windows system optimization. Over the weekend IObit forum members started to receive emails that were supposedly from IObit. The emails stated that forum members are entitled to a 1-year license to their software for free.