Category: Industry News – HOTforSecurity

Read the original article: Attackers Try to Deploy Remcos Malware with COVID-19-related Messages A new phishing campaign targeting U.S. users is trying to deploy Remcos, a powerful trojan that allows an attacker to gain full control of a victim’s computer,…

Read more →

Read the original article: HMRC Removes 292 COVID-19 Phishing Websites in Less Than 2 Months Governments across the globe have been struggling to block the ongoing fraud attempts and attacks that have proliferated amid the coronavirus lockdown. According to official…

Read more →

Read the original article: Ransomware Operators Hit Major Healthcare Supplier in Europe as COVID-19 Continues to Take Lives Ransomware attackers have breached Europe’s largest private hospital operator, affecting not just its European branches, but every part of the company’s operations…

Read more →

Read the original article: Phishing Campaign Targets FINRA in Search for Microsoft Office or SharePoint Credentials A new phishing campaign is targeting members of Financial Industry Regulatory Authority (FINRA), with emails purporting to be from FINRA officers. The goal is…

Read more →

Read the original article: US and UK Cyber Security Agencies Warn of APT Attacks against Healthcare Organizations An advisory from the US Department of Homeland Security (DHS) Cybersecurity, the Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre…

Read more →

Read the original article: Wii, N64, and GameCube Source Codes Leak Online A massive data leak is hitting Nintendo as source code, demos, videos and other content for Wii, N64 and GameCube become available online, following the publishing of a…

Read more →

Read the original article: CAM4 Data Leak Exposes Personal Data of Millions of Users The digital world is once again tainted by a highly sensitive data leak that puts millions of users at risk of blackmail attempts, identity theft and…

Read more →

Read the original article: New Trickbot Campaign Uses Fake Emails from U.S. Department of Labor A new campaign is targeting people with messages that seem to come from the U.S. Department of Labor (DoL), trying to trick them into opening…

Read more →

Read the original article: Tesla Data Leak: Pre-Owned Vehicle Infotainment Components Store Owners’ Personal Details and Passwords According to white hat hacker GreenTheOnly, Tesla forgot to wipe personal information of customers from previously used infotainment and Autopilot hardware.The discovery came…

Read more →

Read the original article: Microsoft Teams Phishing Attack Wants Your Office 365 Credentials A phishing attack using a notification from Microsoft Teams in an effort to trick people into revealing their credentials is spreading through emails that use convincing content.…

Read more →

Read the original article: Privacy issues in Australia’s SkillSelect platform may have exposed personal information of 700,000 aspiring migrants Personal details of more than 700,000 migrants and hopeful immigrants to Australia may have been exposed in a data breach concerning…

Read more →

Read the original article: Cybercriminals are using Google reCAPTCHA to hide their phishing attacks I doubt any of us would claim to be fans of CAPTCHA – the puzzles that a website asks you to complete to prove if you’re…

Read more →

Read the original article: Twitter Users, Say Goodbye to Old-Fashioned SMS Tweets In a bid to keep user accounts safe, Twitter has decommissioned SMS-based tweeting in most countries around the globe. The social media platform did not specify which countries…

Read more →

Read the original article: Pirated Movies Are Used to Distribute Malware People in lockdown are watching more movies and TV shows, and some users are getting their content from pirate streaming services and torrents. It turns out that attackers are…

Read more →

Read the original article: Cybercriminal are using Google reCAPTCHA to hide their phishing attacks I doubt any of us would claim to be fans of CAPTCHA – the puzzles that a website asks you to complete to prove if you’re…

Read more →

Read the original article: Bitdefender Identifies Tens of Thousands of Phishing Emails Targeting South African Customers Bitdefender identified a new phishing campaign directed at the Standard Bank of South Africa, with tens of thousands of malicious emails sent in April.…

Read more →

Read the original article: Treasure Trove of Covid-19 Protective Gear and Medical Supplies Selling on Dark Web Markets Over the past month, criminals have continued to leverage the high demand medical supplies, plaguing the digital world with fake coronavirus-related items…

Read more →

Read the original article: A Single Phishing Email Can Cost a Small Business $100K – Here’s How to Protect Your Office Against Fraud Phishing and business-email-compromise (BEC) schemes are on the rise, causing losses in the $50,000 to $100,000 range…

Read more →

Read the original article: Epic Games Stores to Require 2FA when Claiming Free Games Epic Games announced that two-factor authentication (2FA) will now be required periodically for people who claim free games from April 28 to May 21. The reasons…

Read more →

Read the original article: Two European Usenet Providers Announce Data Breach and Blame Anonymous Third-Party Company The network systems of UseNeXT and Usenet.nl, two popular Usenet providers, have recently experienced a major data breach that may have led to the…

Read more →

Read the original article: New Research Shows 20% Spike in Fraud as Digital Behavior Shifts Amid COVID-19 Pandemic New data showing the impact of the COVID-19 crisis on online fraud in the first quarter of 2020 shows that 26.5% of…

Read more →

Read the original article: Shade Ransomware Groups Shuts Down Operation and Releases Decryption Keys The group behind the Shade ransomware has closed up shop and distributed around 750,000 decryption keys, along with decryption software, apologizing to everyone that was affected…

Read more →

Read the original article: Lack of Basic Security Measures on Sheffield’s ANPR System Exposes 8.6 Million Records of Vehicle Movements and License Plate Numbers Earlier this week, security researcher Chris Kubecka and freelance writer Gerard Jannsen stumbled upon a major…

Read more →

Read the original article: Smart Parking Meter Company Hit by Sodinokibi A company named CivicSmart from Milwaukee that’s selling smart parking meters was hit by Sodinokibi ransomware, and the attackers manage to steal a large amount of data which they…

Read more →

Read the original article: Cybercriminals Leak ExecuPharm Internal Documents After Ransomware Attack A successful ransomware attack was deployed on March 13 against ExecuPharm, a subsidiary of the U.S. Biopharmaceutical giant Parexel, according to a recent announcement made by the company.…

Read more →

Read the original article: WHO Admits to Leaked Credentials, Says Number of Cyber Attacks Increased Fivefold The World Health Organization (WHO) admitted that around 450 active credentials were leaked online last week and noted that the number of cyberattacks directed…

Read more →

Read the original article: Medical Information of 233,000 Individuals Exposed after Genetic Testing Lab Hack As the tab for security incidents in 2020 remains open, cybercriminals are diligently looking for new ways to attack and capitalize on valuable healthcare information.…

Read more →

Read the original article: Nintendo Confirms that 160,000 Accounts Were Compromised Nintendo admitted that around 160,000 accounts have been compromised through the Nintendo Network ID (NNID) system. The company announced that the NNID system was disabled, at least for now.…

Read more →

Read the original article: Zoom Phishing Campaign Tricks People into Revealing Login Credentials A new Zoom phishing campaign preys on people’s fears related to job security, tricking them into revealing credentials that criminals can abuse in a variety of ways.…

Read more →

Read the original article: How to Block the “Sindhi Text Bomb” on iOS Apple has made quite a few headlines these past couple of days, including one of a particularly annoying – and potentially dangerous – crashing bug. The Sindhi…

Read more →

Read the original article: US Law Enforcement Takes Down COVID-19-related Online Malicious Campaigns The Department of Justice cooperated with several private companies and internet domain providers and registrars to disrupt hundreds of websites and malicious campaigns that tried to exploit…

Read more →

Read the original article: Heineken freebies: Scammers resurrect an old phishing scam to steal your personal data Amid stay-at-home orders, many companies have come to aid consumers with goodies and free deliveries, and sometimes they’ve even surprised customers with freebies…

Read more →

Read the original article: Apple: iOS Mail Bug Doesn’t Pose an ‘Immediate’ Risk to Our Users In a statement released today, Apple refutes claims made by a security firm that iOS suffers from a serious flaw that can allow bad…

Read more →

Read the original article: Text ‘bomb’ crashes iPhones, iPads, Macs and Apple Watches – what you need to know An innocent-looking message, containing characters in the Sindhi language, can cause your iPhone, Ipad, Mac, or even Apple Watch to crash…

Read more →

Read the original article: Email Credentials of WHO, The Gates Foundation, Other Leaked Online Around 25,000 email addresses and corresponding passwords belonging to the World Health Organization (WHO), the Gates Foundation, and a number of others organizations were leaked online.…

Read more →

Read the original article: Cyber Aware Campaign in the UK Asks for People’s Help and 83 Phishing Scams Get Shut Down The National Cyber Security Centre (NCSC) in the UK launched a suspicious email reporting service (SERS) to the public,…

Read more →

Read the original article: Stop Using Your iOS Mail App Now! Here’s What You Need to Know About the Scary Flaw Just Discovered (and How to Stay Safe) Reports are coming in that the stock Mail application preloaded on iOS…

Read more →

Read the original article: FBI warns extortion scams are on the rise amid stay-at-home orders Amid the coronavirus lockdown and social distancing measures, cybercriminals have found new ways to continue their attacks against consumers worldwide. Making a quick buck has…

Read more →

Read the original article: Data Breach: Bad actor leaks 23 million account credentials from Webkinz children’s platform Over the weekend, ZDNet learned that nearly 23 million usernames and hashed passwords of the Webkinz World online children’s game platform were leaked…

Read more →

Read the original article: FBI Warns About People Sharing Security Information on Social Media The FBI issued a warning regarding a worrying social media trend, with seemingly innocuous activities that would give possible attackers information they could use to gain…

Read more →

Read the original article: U.S. Treasury anticipates surge in fraudulent attempts regarding Economic Stimulus Payments Last week, the United States government rolled out its highly anticipated Economic Impact Payments (EIP) for qualifying taxpayers. Since the beginning of March, the $2…

Read more →

Read the original article: Hackers Hit Los Angeles Suburb, Demand 100 Bitcoin Ransom Ransomware operatives have hacked the City of Torrance in the Los Angeles metropolitan area and are holding city systems ransom. The hacking group is threatening to leak…

Read more →

Read the original article: Some Users Lost Access to Their Nintendo Accounts The Nintendo accounts of an unspecified number of users were compromised in the past few days in an attack from an unknown vector, at least for now. In…

Read more →

Read the original article: Zoom-Bombing Attack Targets U.S. Government Meeting A Zoom bombing attack hit a U.S. government meeting that was held despite clear recommendations from the FBI not to use the software. Zoom has been struggling with this security…

Read more →

Read the original article: Have you accidentally received money through Venmo? It’s probably another scam. Old scams never die. They are simply repackaged or adapted. A skilled con artist always finds a way to dupe his victims. Digital wallet apps…

Read more →

Read the original article: A hackers’ dream payday: Ledf.Me and Uniswap lose $25 million worth of cryptocurrency The cryptocurrency industry has suffered a major loss over the weekend, after bad actors managed to steal more than $25 million worth of…

Read more →

Read the original article: Hackers Continue to Exploit Patched Pulse Secure VPN Flaws, CISA Warns The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning that bad actors are still exploiting a known vulnerability in a popular VPN…

Read more →

Read the original article: IT services giant Cognizant hit by Maze ransomware attack One of the world’s leading professional service companies, Cognizant, has confirmed that its systems have been hit by a ransomware attack. In a statement released on its…

Read more →

Read the original article: Canadian Authorities Email Private Details of 247 MS Zaandam Cruise Passengers Some 247 of the passengers aboard the cruise MS Zaandam that faced coronavirus infection are now having to deal with an entirely different problem that…

Read more →

Read the original article: Zoom Zero-Day Windows Vulnerability Selling for $500,000 A couple of zero-day Zoom vulnerabilities are reportedly for sale online, including one for Windows and one for macOS, with the asking price for the Windows one topping $500,000,…

Read more →

Read the original article: Wappalyzer reveals data breach after hacker disclosed incident to customers Wappalyzer, a company that specializes in software that uncovers technologies used on websites by detecting ecommerce platforms, web frameworks, server software and analytics tools, reported a…

Read more →

Read the original article: 49 crypto-wallet pickpocketing browser extensions booted from the Chrome web store Hackers have been using Google Ads to target unsuspecting cryptocurrency investors into installing malicious browser extensions, with the aim of stealing passphrases and private keys…

Read more →

Read the original article: Nemty Ransomware Gang Shuts Down Public Gig, Announces ‘Exclusive’ Business Model The ransomware-as-a-service business model has proven lucrative over the years, but not every hacking group is happy with it. At least not with the current…

Read more →

Read the original article: U.S. Government offers $5 million bounty for information on North Korean cyber criminals Yesterday, the U.S. Departments of State, Treasury, Homeland Security, and FBI released a joint report offering guidance on the emerging North Korean (previously…

Read more →

Read the complete article: b’April 2020 Patch Tuesday: Microsoft fixes 4 actively exploited zero-day bugs’ This post doesn’t have text content, please click on the link below to view the original article.   Advertise on IT Security News. Read the…

Read more →

Read the complete article: b’Portuguese Energy Company Hit with Ragnar Locker Ransomware; Attackers Demand $10 Million to Decrypt the Data’ This post doesn’t have text content, please click on the link below to view the original article.   Advertise on…

Read more →

Read the complete article: b’FBI Warns of Surge in Coronavirus-Related BEC Schemes and Advance Fee Frauds’ This post doesn’t have text content, please click on the link below to view the original article.   Advertise on IT Security News. Read…

Read more →

Read the complete article: Cyber security researchers uncover hidden backdoors and secret commands in 12,000 Android apps The use of mobile apps is a part of our daily routine, and anyone using a smartphone has downloaded and installed a variety…

Read more →

The coronavirus outbreak has opened new doors for bad actors and fraudsters attempting to profit off the health crisis. Scammers have shown no sign of fatigue over the past months, hitting consumers with a varied menu of tricks, ranging from…

Read more →

On April 10, Dutch police announced that they arrested a 19-year old suspect responsible for shutting down MijnOverheid.nl and Overheid.nl through planned DDos attacks on March 19. A frequently visited government information hub, Overheid.nl, offered Covid-19 emergency regulations and other…

Read more →

An unnamed source within Travelex disclosed to The Wall Street Journal (WSJ) that the company paid $2.3 million in Bitcoin in an effort to restore functionality to its systems following a ransomware attack. Travelex was hit with a ransomware attack…

Read more →

The list of companies and industries targeted by cybercriminals has grown steadily since March, and the newest addition is none other than the San Francisco International Airport (SFO). In a data breach notice sent to all airport commissions on April…

Read more →

SBTech, a provider of interactive sports betting solutions and services, has set aside up to $100 million to fix a mess left when a cybersecurity incident hit right in the midst of a merger. In a filing with the U.S.…

Read more →

A new piece of wiper malware is being distributed through warez sites, locking users out of their Windows computers after they unknowingly run the program. As reported by BleepingComputer’s Lawrence Abrams, the malware is apparently distributed through “download” sites that…

Read more →

Zoom disabled the file-sharing feature in its popular application after it found an undisclosed vulnerability that was endangering the security and privacy of the users. As the COVID-19 pandemic started to spread throughout the world, people and companies turned to…

Read more →

A leaky online database belonging to marketing and email delivery provider Maropost was found lacking minimum security measures, exposing 95 million email records belonging to their customers. Researchers from Cybernews stumbled on the unprotected database on a Google Cloud server…

Read more →

A security researcher found a possible exploit in Microsoft’s PowerPoint that would let an attacker run an application when the user simply hovers with the mouse over a link. By default, PowerPoint won’t open an application when the user hovers…

Read more →

Researchers have uncovered several shadowy sellers eager to capitalize on the quest for a treatment for COVID-19. Scared shoppers should be aware that these websites are only trying to get their attention to defraud them. Researchers from NormShield looked for…

Read more →

Microsoft Corp finally agreed earlier this week to acquire corp.com, a domain that poses security risks to Microsoft users due to a namespace collision issue. In February, security researcher Brian Krebs noted that the owner of corp.com was ready to…

Read more →

The National Cyber Security Centre, the UK’s independent authority on cybersecurity, has released practical advice for individuals and organizations on how to deal with coronavirus-related malicious cyber activity. In a joint announcement with the United States Department of Homeland Security…

Read more →

Bisq, a decentralized crypto exchange network, was forced to disable trading on Tuesday after the discovery of a critical security vulnerability. The open source peer-to-peer application allows Bitcoin aficionados to buy or sell digital currency anonymously in exchange for national…

Read more →

Scam emails and phishing campaigns are surging as the COVID-19 pandemic is taking hold on a global level. Bitdefender telemetry reveals that attackers are changing and diversifying their messages to reach as many people as possible. Most phishing campaigns follow…

Read more →

Facebook announced an interesting new limitation to WhatsApp with the clear goal of curbing the spread of false information related to COVID-19. While it’s difficult to dispute the benefits of having a messaging application with such a widespread user base,…

Read more →

The hidden dangers of the digital world are slowly becoming clear, revealing more than the traditional phishing email or malware attack. Bad actors are not just after our personal or financial information, — they’re also working hard to find new…

Read more →

Attempts to defraud consumers are on the rise, as scammers exploit the surge in online activity during the COVID-19 lockdown. Merchants are starting to suffer dramatic increases in COVID-19-related phishing activities, with stolen credentials released into the eCommerce payments chain,…

Read more →

A security researcher found 10 vulnerabilities in the HP Support Assistant application shipped with every laptop the company makes, from the officially dead Windows 7 up to the latest version of Windows 10. Many companies pre-install software on their laptops…

Read more →

Email.it, an Italian email provider, has recently confirmed that it was breached, confirming suspicions raised after an announcement posted by the NN Hacking Group on its Twitter account on April 5. Data stolen is said to contain private information on…

Read more →

Last week, the FBI announced that fraudsters are sending out bogus text messages offering stimulus checks or packages to loyal Costco customers. Consumers all across the U.S. should be aware that Costco Wholesale is not giving out stimulus checks or…

Read more →

NASA’s Security Operations Center (SOC) experts have issued a warning regarding  a growing trend toward phishing attempts, malware attacks, or just people accessing malicious sites. Many NASA employees have started to work from home, just like numerous other employees throughout…

Read more →

An investigation by Citizen Lab underlined a few security issues of teleconferencing application Zoom, on all platforms, and the company was quick to promise sweeping changes that would make Zoom more secure and transparent. Two major issues were brought up…

Read more →

As the cybercrime landscape continues to expand amid the Coronavirus pandemic, governments around the world have joined forces to fight the rising criminal activity. In a press release from April 6, Europol announced that a 39-year old man suspected of…

Read more →

New scams taking advantage of the current lockdown are popping up daily. According to Richmond Council leaders, fraudsters have a new trick up their sleeve – “fines” for not respecting social distancing measures. Following the UK’s government’s announcement informing citizens…

Read more →

An Elasticsearch database holding 42 million records of Iranian Telegram users was found on the web, for anyone to access. The private data included phone numbers and user names, and it’s unclear how long it was exposed. Despite heavy restrictions…

Read more →

Zoom-bombing, the act of highjacking Zoom video conferences by sharing pornographic and hate images among other things, might seem like an annoying practice, but law enforcement is warning people that it’s actually a crime and perpetrators might end up in…

Read more →

The Firefox Internet browser received a critical patch from the Mozilla Foundation to fix a couple of actively exploited zero-day vulnerabilities that were endangering both regular users and institutions. Zero-day vulnerabilities in Internet browsers are dangerous because criminals and hackers…

Read more →

Five misconfigured Amazon Web Services (AWS) S3 buckets revealing private data of Key Ring users were discovered by vpnMentor researchers in January. Like many similar apps, Key Ring lets users store digital copies of their loyalty cards, create a shopping…

Read more →

The State of New York has decided to ban Zoom from city schools amid news of security and privacy concerns surrounding the popular videoconferencing software. “DOE staff and service providers should cease using Zoom as soon as possible,” Department of…

Read more →

Zoom has disabled a feature in its web conferencing software that allowed the company to secretly gather data and match the information with LinkedIn sources, giving some users the ability to identify participants in the conference without their knowledge. Following…

Read more →

Twitter recently warned users of a Mozilla Firefox bug that grants access to accounts’ non-public information to anyone using the device. “We recently learned that the way Mozilla Firefox stores cached data may have resulted in non-public information being inadvertently…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) is advising companies, institutions and regular users to update their Google Chrome browsers to the latest version as soon as possible. Given the dominant position of Google Chrome in the Internet browser…

Read more →

A quick overview of data breaches from the healthcare industry in March 2020 reveals 26 security incidents added to the Health Insurance Portability and Accountability Act (HIPAA) Breach Reporting Tool. The HIPPA Breach notification Rule“requires covered entities to notify patients…

Read more →

A couple of zero-day vulnerabilities found in the MacOS version of the Zoom video conferencing application could let attackers elevate their rights to root or to gain access to the microphone and camera. Just a couple of days ago, Zoom…

Read more →

Due to the troublesome spread of coronavirus-themed scams and malware attacks, the U.S. Department of Justice (DOJ) launched a nationwide campaign to detect, inhibit and punish any fraudulent or malicious online activity. “It is essential that the Department of Justice…

Read more →

The Zoom video-teleconferencing app seems to be everywhere today, as people turn to an online environment for classes, events, meetings or even a good-old-fashioned family dinner. Recent events have pushed school staffers to reunite with students virtually, as online classes…

Read more →

A security breach has exposed the personal information of more than 5 million guests that found comfort at the Marriott Bonvoy Hotel, according to an incident notification issued by Marriott yesterday. What Happened? In a statement, the company said guest…

Read more →

As the number of coronavirus infections continues to rise, we are becoming more dependent on video chat apps to connect with family, friends and coworkers. There’s never been a better time for face-to-face social networks to shine, and the Houseparty…

Read more →

A database containing the private information of Georgian citizens is up for grabs on a dark web forum. Researchers from Under the Breach stumbled on the data leak over the weekend, and reported that it contained 4,934,863 entries. Full names,…

Read more →

After reports that the Zoom app on iOS was sending details about the users’ devices to Facebook, even if they had no Facebook account, the company announced that it removed the Facebook SDK from the application. The Facebook SDK sends…

Read more →

As Covid-19 continues to wreak havoc globally, companies are keeping their employees at home. To ensure compliance and stay atop security standards, teleworkers have to patch into their company’s infrastructure using remote desktop protocol (RDP) and virtual private networks (VPN).…

Read more →

Payments in cryptocurrency are not limited to extortionists who provide you their Bitcoin (BTC) wallets in their ‘contact info’. Adapting to the growing popularity, merchants around the world have added payment options that accept bitcoin or other types of cryptocurrency.…

Read more →