Tag: Information Security Buzz

Read the original article: Details Of 20 Million Aptoide App Store Users Leaked On Hacking Forum – Expert Insight News broke over the weekend, detailing that the stolen records of 20 million users of a popular Android app store have been published…

Read more →

Read the original article: Singapore Warns Political Parties Of Cybersecurity Threats, Election Interference With general elections expected to be held within a year, Singapore’s political parties have been issued advisories about the threat of foreign interference and cybersecurity threats. They…

Read more →

Read the original article: Experts Insight On Coronavirus Scammers Taken Offline In Major Phishing Crackdown UK’s National Cyber Security Centre (NCSC) has taken down more than 2,000 online coronavirus scams last month. The NCSC has created a new national reporting service where members of…

Read more →

Read the original article: Imperva Releases Seventh Annual Bad Bot Report; Uncovers Nearly A Quarter Of Overall Website Traffic Driven By Bad Bots Financial services industry hit hardest by bad bots, making up almost half of overall website traffic; Russia…

Read more →

Read the original article: New Phishing Scam Exploits COVID-19 Crisis To Spread TrickBot Malware – Comment From Security Expert Microsoft Security Intelligence has revealed that the TrickBot malware is being spread via a new phishing campaign that exploits the current…

Read more →

Read the original article: Hackers Prey On Streaming Services As More Britons Watch TV During The Lockdown With more people on furlough, home schooling and students unable to go to university, Britons are spending a lot more time using streaming services.…

Read more →

Read the original article: Malvertising Campaign Targeting Internet Explorer Users According to researchers, cybercriminals are adjusting their malvertising campaigns to adapt their malicious ads making them relevant to the COVID-19 crisis, including using website names appearing to host information related to…

Read more →

Read the original article: £2m Lost To COVID-19 Fraud And Google Blocking 18m COVID-19 Related Phishing Attempts – Experts Insight Following the announcement today that £2m has already been lost to coronavirus related fraud and Google’s blocking of 18 million phishing emails, please find…

Read more →

Read the original article: UK Government To Launch Virtual Parliament – Cybersecurity Expert Reaction As reported by BBC News, plans to allow MPs to take part in some parliamentary business virtually have been approved by the body responsible for administration in…

Read more →

Read the original article: Clearview AI Leaves Internal Data Exposed Including 70,000 Videos Of Residential Building – Expert Insight Clearview AI, the facial recognition startup, has left a misconfigured server exposed, which included data of the company’s internal files, apps…

Read more →

Read the original article: $25 Million Worth Of Cryptocurrency Stolen By Hackers – Expert Insight Hackers have stolen more than $25 million in cryptocurrency from the Uniswap exchange and the Lendf.me lending platform. With both attacks taking place over the…

Read more →

Read the original article: Google Says It’s Blocking Millions Of COVID-19 Phishing & Spam Emails – Expert Reaction VentureBeat and ZDNet reported this afternoon that Google’s saying it blocked 18 million COVID-19 themed phishing emails last week. The blocked COVID-19 phishing emails targeting…

Read more →

Read the original article: Why COVID-19 Budget Cuts Shouldn’t Include IT Security Spend – Expert Source IT leaders and managers are moving beyond business continuity, evaluating budget cuts and tighter spending controls to help weather the COVID-19 crisis and the…

Read more →

Read the original article: Cybersecurity Specialist On Banks See Spike In Cyber Attacks As the impact of COVID-19 leads cybercriminals away from attacking targets in the healthcare and retail sectors, it seems their attentions have been turned to financial institutions…

Read more →

Read the original article: Wappalyzer Breach – Expert Insight Following the news that tech company Wappalyzer has disclosed a security incident this week after a hacker began emailing its customers and offering to sell Wappalyzer’s database for $2,000, “If you…

Read more →

Read the original article: Expert Insight On Slack Phishing Attacks Using Webhooks AT&T Alien Labs recently conducted research into how webhooks in Slack can lead to some pretty convincing phishing attacks. The ISBuzz Post: This Post Expert Insight On Slack Phishing Attacks…

Read more →

Read the original article: Reducing The Security Risks Of Mobile Technology To Improve Patient Care It’s hard, if not impossible, to think of a time when more attention has been paid to healthcare. While the government and the National Health…

Read more →

Read the original article: Expert Comment: TikTok Vulnerability Enables Hackers To Show Users Fake Videos In response to a new report that reveals hackers are exploiting a security weakness in TikTok and planting fake videos in users’ feeds that appear to come from…

Read more →

Read the original article: TikTok Flaw Allows Threat Actors To Plant Forged Videos In User Feeds ThreatPost has reported that a security weakness in the popular TikTok video-sharing service allows a local attacker to hijack any video content streamed to…

Read more →

Read the original article: COMMENT: Privacy Experts Fear A Boom In Coronavirus Surveillance As federal and state officials scramble to fight the novel coronavirus pandemic, experts are sounding alarms about the potential danger of increased surveillance programs they say could…

Read more →

Read the original article: Comment: Microsoft Battles 3 Zero Days Under Active Exploit In April’s Patch Tuesday Microsoft has released its April 2020 Patch Tuesday security updates, its first big patch update released since the work-from-home era truly got underway.…

Read more →

Read the original article: US Issues Guidance On North Korean Hackers, Offers $5M Reward – Expert Comment The U.S. government has issued guidance on North Korean hacking activity in a joint advisory published by the U.S. Departments of State, Treasury,…

Read more →

Read the original article: Cybersecurity Expert Comments On Zoom And The Importance Of Security Zoom is making rapid security changes after being banned from a number of high-profile businesses including Siemens, SpaceX and Standard Chartered following high-profile criticism from the…

Read more →

Read the complete article: b’Expert On News: Phishing Kit Prices Skyrocketed In 2019 By 149%’ This post doesn’t have text content, please click on the link below to view the original article.   Advertise on IT Security News. Read the…

Read more →

Read the complete article: b’Energy Giant Energias De Portugal (EDP) Hit By Ransomware Attack \xe2\x80\x93 Expert Comments’ This post doesn’t have text content, please click on the link below to view the original article.   Advertise on IT Security News.…

Read more →

As reported by BleepingComputer,  over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free. These credentials are gathered through credential stuffing attacks where…

Read more →

In response to a new report that indicates credit card thieves are targeting WordPress e-commerce sites powered by WooCommerce with a dedicated JavaScript-based card-skimmer malware, a security awareness expert offers perspective. The ISBuzz Post: This Post Security Awareness Expert On New E-skimmer…

Read more →

Check Point’s researchers highlight Yahoo! as most imitated brand for email-based phishing, and Netflix as the most imitated for mobile-based phishing attempts  Check Point Research has published its new Brand Phishing Report for Q1 2020, highlighting the brands which were…

Read more →

As reported by BBC News, the UK has confirmed plans for an app that will warn users if they have recently been in close proximity to someone suspected to be infected with the coronavirus. NHSX – the health service’s digital innovation…

Read more →

It has been reported that security researchers have uncovered multiple XSS vulnerabilities in TAO, an open source assessment platform. Researchers discovered the ‘medium’ severity vulnerabilities after examining the community edition of TAO, an employee training and assessment tool. The ISBuzz…

Read more →

Phishing scammers have started to impersonate President Trump and Vice President Mike Pence in emails that distribute malware or perform extortion scams. In phishing emails discovered by an email security firm called Inky, threat actors try to impersonate the White…

Read more →

In response to a recent vpnMentor report that revealed RigUp experienced a data breach compromising more than 70,000 private files belonging to its US energy sector clients, a cybersecurity expert offers perspective. The ISBuzz Post: This Post Expert Comment: RigUp…

Read more →

Today, cybercriminals have the capacity and resources to carry out mass-targeted attacks that can inflict a great deal of destruction on an organisation. With these sophisticated skills and a growing number of solutions available to them, it is possible for…

Read more →

Dark Reading recently wrote about cybercriminals increasingly relying on SSL certificates to lull people into a false sense of security when clicking malicious links. The assumption that HTTPS links and the accompanying lock icon protect employees from an attack can…

Read more →

According to reports, phishing scammers have started to impersonate President Trump and Vice President Mike Pence in emails that distribute malware or perform extortion scams. In phishing emails discovered by email security firm Inky, threat actors try to impersonate the…

Read more →

To avoid exposing their stores to Magecart attacks and to remain PCI compliant, Visa is urging merchants to migrate their online stores to Magento 2.x before the Magento 1.x e-commerce platform reaches end-of-life (EoL) in June 2020. #Visa urges merchants to migrate…

Read more →

The BBC and Twitter moved quickly yesterday to remove a fake account impersonating the corporation’s Breaking News Twitter page, but not before it had managed to spread an untrue story about the health of UK Prime Minister Boris Johnson. The…

Read more →

According to Javelin’s 2020 Identity Fraud Report, financial institutions’ methods to identify and respond to fraud are no match for criminals’ high-tech schemes to hijack consumer accounts. Fraud losses grew 13 percent in 2019 to $16.9 billion even as instances of…

Read more →

We seem to be blasé about our use of personal information in the modern world and share data freely with one and all with little regard to any possible consequences. There are more than 100 million Alexa devices in our…

Read more →

We are living in a world in which we have either embraced technology, or we have been forced to use it (an example her is online banking) – and of course, we also may accept that, today in the majority…

Read more →

Malicious cyber actors are taking advantage of the mass move to home working by exploiting a variety of publicly known vulnerabilities in VPNs. By taking advantage of these vulnerabilities, hackers could gain access to sensitive corporate files by breaching someone’s…

Read more →

Google is delaying a Chrome security update to minimize disruption while people are forced to work remotely, according to TechRadar. Back in February, Google started to implement an important change to limit the functionality of third-party cookies in Chrome. Launched…

Read more →

In a report published today (http://blogs.360.cn/post/APT_Darkhotel_attacks_during_coronavirus_pandemic.html), Qihoo 360 made it public that it detected an APT attack that delivers malicious files through hijacked security services of a domestic VPN provider. They have reported the vulnerability details to the service provider…

Read more →

Over the weekend there was news that developers and medical experts across Europe are looking to launch opt-in apps that they say will help health officials stem the spread of the virus while protecting personal privacy. The ISBuzz Post: This…

Read more →

Following the news around the UK government considering plans to use the NHS contact-tracing app to boost social distancing, CTO leading data privacy experts company offers the following comment. The ISBuzz Post: This Post Privacy Expert On UK Govt Considering Plans…

Read more →

It has been reported that INTERPOL (the International Criminal Police Organisation) has warned that cybercriminals are increasingly attempting to lockout hospitals out of critical systems by attempting to deploy ransomware on their networks despite the currently ongoing COVID-19 outbreak. The ISBuzz Post: This…

Read more →

Over the weekend, it was reported that Schools in New York City are moving away from using the video conference app Zoom after a review of security concerns. The city’s Department of Education is directing schools to “move away from…

Read more →

With cyber criminals threatening to hold hospitals to ransom and the increased threat of criminals using the Coronavirus outbreak to launch online attacks, individuals and businesses need to ensure they are protecting their personal data and are dedicated to all…

Read more →

Cybercriminals are bundling malware inside installers of video-conferencing application Zoom in an effort to lure victims into unwittingly infecting their computers with malicious software. The ISBuzz Post: This Post Expert Advise On Cyber Criminals Are Bundling Malware Inside Zoom Installers…

Read more →

It has been announced that the Italian email provider Email.it and now the data of more than 600,000 users is being sold on the dark web. The ISBuzz Post: This Post Email.it Data Breach Exposes 600,000 Users – Expert Commentary…

Read more →

Attackers are taking advantage of the increased popularity of the Zoom video conferencing service to distribute installers that are bundled with malware and adware applications. Today, TrendMicro reports that they have found a Zoom Installer being distributed that will also install a cryptocurrency…

Read more →

The Key Ring app data leak has exposed 44 million images uploaded by users – compromising data including government IDs, NRA membership cards, medical marijuana ID cards, credit cards with all the details. A misconfigured Amazon Web Services server owned by…

Read more →

Foreign state-sponsored hackers have launched a massive hacking operation aimed at Chinese government agencies and their employees. Attacks began last month, in March, and are believed to be related to the current coronavirus (COVID-19) outbreak. Chinese security-firm Qihoo 360, which…

Read more →

As reported by Forbes, ethical hacker Ryan Pickren has found seven zero-day vulnerabilities that enabled him to construct a kill chain, using just three of them, to hijack the iPhone camera successfully, or any iOS or macOS camera for that matter.…

Read more →

What lessons can be learned from reviewing how we manage cybersecurity and applying it to an anti-Coronavirus campaign? In recent years, some in the cyber world recognize that there is a lot to learn from the biological world when protecting…

Read more →

Computer hackers have attacked Italy’s social security website, forcing it to shut down on Wednesday just as people were starting to apply for coronavirus benefits, the head of the welfare agency said. The ISBuzz Post: This Post Expert On News:…

Read more →

It has been reported that online threats have risen by as much as six-times their usual levels over the past four weeks as the COVID-19 pandemic provides new ballast for cyber-attacks, according to security researchers. The ISBuzz Post: This Post Expert Reaction…

Read more →

World Backup Day is an annual reminder for both individuals and businesses to back up important data, but also to test recoveries. It is also a good time to assess your backup strategy because data management is at an inflection…

Read more →

Threatpost is reporting 44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig due to unsecured AWS S3 buckets. Key Ring allows users to upload scans and photos of membership and loyalty cards onto a digital folder on one’s phone; however, many users also…

Read more →

The FBI has just issued a warning about the growing threat of hackers targeting remote education platforms as schools and universities are forced online by COVID-19. Malicious actors are now escalating the intensity of their attacks, posting student information online to help…

Read more →

In response to a Reuters report that discusses hackers working in the interests of the Iranian government have attempted to break into the personal email accounts of staff at the World Health Organization during the coronavirus outbreak, an expert from KnowBe4 offers perspective.…

Read more →

COVID-19 has driven the global workforce to examine some of the longest-held aspects of workplace culture – working in a physical office. Recently, many businesses have been encouraging employees to work from home to safeguard business continuity. As such, businesses…

Read more →

With no vaccine yet developed, and with much of the world undergoing intense social distancing measures and near-total lockdown procedures, threat actors are flooding cyberspace with emailed promises of health tips, protective diets, and, most dangerously, cures. Attached to threat…

Read more →

The FCA has today announced that it will relax rules around the use of selfies for identification purposes of customers. This is something of a shift for the FCA, and poses some challenges for FS organisations in ensuring that they correctly verify…

Read more →

In response to the recent Krebs On Security report that indicates a spear-phishing attack hooked a customer service employee at GoDaddy.com, the world’s largest domain name registrar, a cybersecurity expert offers perspective. The ISBuzz Post: This Post Security Awareness On GoDaddy Employee Phishing Scheme Jeopardized…

Read more →

The Zoom Windows client is vulnerable to UNC path injection in the client’s chat feature that could allow attackers to steal the Windows credentials of users who click on the link. When using the Zoom client, meeting participants can communicate with…

Read more →

There are lots of stories about the security around Zoom, BUT hackers are attacking more remote working tools than just Zoom, Ilia Kolochenko, Founder & CEO of web security company ImmuniWeb, warns. The ISBuzz Post: This Post Zoom Is Just The Tip…

Read more →

A company claiming to provide “the world’s most secure online backup” leaked metadata and customer information in over 135 million records after misconfiguring an online database, Infosecurity has learned. The trove included PII such as names, emails, phone numbers, business…

Read more →

As reported by Computer Weekly, Supermarket chain Morrisons has succeeded in its appeal to the Supreme Court against judgments that held it liable for an insider data breach caused by a disgruntled employee. The breach occurred in 2014 when payroll data on thousands…

Read more →

The FBI has re-issued the third warning about Kwampirs malware in the span on three months. The ISBuzz Post: This Post FBI Re-issues Warning About Kwampirs Malware appeared first on Information Security Buzz.   Advertise on IT Security News. Read the complete article: FBI…

Read more →

Data breaches in the healthcare industry have been accelerating during this pandemic with the latest total equaling 105 breaches affecting more than 2.5 million thus far in 2020 according to the Department of Health and Human Services. The ISBuzz Post: This Post…

Read more →

As reported by BBC News, videoconferencing app Zoom has come under fresh high-level scrutiny as its popularity soars during the coronavirus pandemic. New York’s attorney general has written to the firm raising concerns over its ability to cope with the rise…

Read more →

The Marriott International hotel chain has fallen victim to its second major data breach in as many years, after information of 5.2 million guests was accessed using the login credentials of two employees at a franchise property. Compromised information may…

Read more →

Since at least early December 2019, a mysterious hacker group has been taking over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate networks. In a report published on the blog of its network security division Netlab, Qihoo said its…

Read more →

As reported by ZDNet, video calling platform Houseparty has said it would pay a $1 million bounty to anyone who could unmask the entity behind what the company described as “a paid commercial smear campaign.” The company’s apparent anger comes after…

Read more →

It is estimated that ransomware generates an estimated annual revenue of $1 billion a year. This World Backup Day, Industry Leaders, are urging companies to take control and back up their data. The ISBuzz Post: This Post Expert Advise On World Backup…

Read more →

The global pandemic is challenging the world to creatively and intelligently adapt to rapid change. People and organizations must define their new normal while adjusting to sweeping modifications such as social distancing and extensive remote work. For IT leaders, there…

Read more →

In response to findings from insurer Chubb that 2019’s ransomware attacks are already outpacing 2018, cybersecurity experts with diverse backgrounds commented below. The ISBuzz Post: This Post Experts Insight On Chubb Ins. Reports 2019 Ransomware Attacks Outpacing 2018 appeared first…

Read more →

It has been reported that there is currently an unpatched security vulnerability affecting iOS 13.3.1 or later which prevents virtual private networks (VPNs) from encrypting all traffic and can lead to some Internet connections bypassing VPN encryption to expose users’ data…

Read more →

Social distancing is a term applied to certain actions that are taken by Public Health officials to stop or slow down the spread of a highly contagious disease such as COVID-19. Out of an abundance of caution and following the…

Read more →

According to Bleeping Computer, the Ryuk Ransomware operators continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic. The ISBuzz Post: This Post Security Experts Re: Ryuk Ransomware Targets Hospitals appeared first on Information Security Buzz.…

Read more →

Privacy experts have branded a planned NHS coronavirus tracking app ‘Orwellian’, but say it may be necessary for the country to survive the pandemic, according to an article in the Daily Mail. No specific details of the ‘opt-in’ app have been revealed but it…

Read more →

A hacker has threatened to ‘leak everything’ about the graphics source code for the Xbox Series X console, according to T3. While Microsoft has revealed much about the console since it was unveiled last year, including the hardware specs in…

Read more →

A malicious USB device and letter was sent out that was in the guise of a gift card for Best Buy where users were thanked for being customers and the USB device supposedly had gifts customers could choose from up…

Read more →

The emerging cybersecurity threats targeting telemedicine and healthcare organisations in the wake of the coronavirus pandemic. Bindu explores the issue below and offers advice on what precautions to take in order to prevent cyber-attacks of this nature. The ISBuzz Post:…

Read more →

Watford Community Housing (WCH) sent out an unencrypted spreadsheet with 3,544 rows of personal information on its tenants, including names, addresses, dates of birth, religion, sexual orientation, ethnic origin and disability status.  It’s not yet been confirmed if any of these…

Read more →

It has been reported that a Chinese cyberespionage group has been attacking organizations worldwide by exploiting vulnerabilities in popular business applications and devices from companies such as Cisco, Citrix and Zoho. In light of the ongoing COVID-19 crisis, the risk…

Read more →

Researchers yesterday published the discovery of a serious breach in an open Amazon S3 bucket owned by secure cloud storage provider Data Deposit Box.The leak exposed detailed information about 270,000 private files uploaded by customers through the company’s secure cloud…

Read more →

Reuters broke the story late yesterday that elite hackers tried to break into the World Health Organisation earlier this month. The ISBuzz Post: This Post Hackers Tried To Break Into The World Health Organisation – Expert Comments appeared first on Information Security…

Read more →

It has been reported that Kimchuk, a medical and military electronics maker, has been hit by data-stealing ransomware. The manufacturer, which builds electronics for medical equipment, telecoms systems and energy grids, also makes nuclear modules for the Navy, work that often requires security…

Read more →

Accounts pushed hundreds of tweets advertising a sketchy mask website on Tuesday, according to Vice. Hackers have taken over a wave of Twitter accounts to aggressively advertise a website that claims to be selling face masks and toilet paper during…

Read more →

DCMS has released its annual Cyber Security Breaches Survey, which found that – while threats have become more frequent – ransomware has decreased. The ISBuzz Post: This Post DCMS Cyber Security Breaches Survey – Commentary appeared first on Information Security Buzz.…

Read more →

It has been reported that hackers have breached the website of Tupperware, a US company known for its plastic food container products, and placed malicious code on its website to collect payment card details from site buyers. The malicious code…

Read more →

Latest research from Neustar reveals across-the-board growth in attacks of all sizes Neustar, Inc., a global information services and technology company and leader in identity resolution, announced that its Security Operations Center (SOC) saw a 168% increase in distributed denial-of-service…

Read more →

It’s being reported that a new cyberattack is hijacking router’s DNS settings so that web browsers display alerts for a fake COVID-19 information app from the World Health Organization that is the Vidar information-stealing malware. For the past five days, people have been reporting their…

Read more →

As reported by the Independent, Facebook could stop people from forwarding messages to too many people in an attempt to stop the spread of misinformation about coronavirus. The company is testing a new feature for Messenger that only allows messages to be…

Read more →

The government has just released its annual cybersecurity breaches survey – see here. Unsurprisingly, phishing remains the biggest threat, with 86% of breached companies listing it as their most common cause of a breach, up from 72% in 2017. The ISBuzz…

Read more →

The Covid-19 salvage plan includes the provision of ImmuniWeb solutions totaling $500,000 for eligible entities and an extended version of free Community Edition for everyone. ImmuniWeb has decided to support businesses and public sector organisations most in need amid the…

Read more →

Social distancing is a term applied to certain actions that are taken by Public Health officials to stop or slow down the spread of a highly contagious disease such as COVID-19. Out of an abundance of caution and following the…

Read more →

With Russia once again being in the news for spreading disinformation regarding COVID-19, cyber threat intelligence advisor commented below. The ISBuzz Post: This Post Cyber Threat Intelligence Advisor On More Misinformation From Russia Around COVID-19 appeared first on Information Security…

Read more →