Tag: Industry News – HOTforSecurity

Read the original article: Fake Instagram follower services slapped with lawsuit Fake engagement sites use bots to follow Instagram accounts Social media influencers desperate for more fans fuel fake engagement industry Facebook has filed federal lawsuits against four individuals who…

Read more →

Read the original article: US Accuses Iran of Sending Threating Emails to Citizens in the Name of Proud Boys Iran sent threatening emails to Democratic voters in the US, emulating the right-wing group Proud Boys, according to a statement made…

Read more →

Read the original article: Hackers Breach Psychiatric Practice in Finland, Hold Patient Data to Ransom Hackers have breached a psychotherapy practice in Finland and are holding patient information to ransom, the victim company said in a notice this week. Vastaamo…

Read more →

Read the original article: Leaky Pharma Giant Database Exposes Personal Information of US Prescription-Drug Users Pharmaceutical giant Pfizer has been exposing private medical information of US prescription-drug users for months, according to vpnMentor’s cybersecurity research team. The sensitive data was…

Read more →

Read the original article: Montreal’s Public Transport Service Hit by Ransomware Attack Société de transport de Montréal (STM) has suffered a ransomware attack that crippled most of its computer systems, the public transport agency disclosed earlier this week. As of…

Read more →

Read the original article: NCSC Says GRU Operatives Attacked 2018 and 2020 Olympic and Paralympic Games The National Cyber Security Centre (NCSC) says that operatives of Russia’s GRU military intelligence service performed cyber reconnaissance directed at the 2020 Olympic and…

Read more →

Read the original article: NSA Walks IT Admins Through Common Vulnerabilities Exploited by Chinese State-Sponsored Hackers The US National Security Agency (NSA) has issued a cybersecurity advisory listing a range of vulnerabilities known to be recently leveraged by Chinese state-sponsored…

Read more →

Read the original article: Twitter 2020 Hack Caused by Fake VPN Login Page The investigative report of the infamous Twitter hack of July 2020 has revealed that the attackers used social engineering skills and phishing links to dupe remote Twitter…

Read more →

Read the original article: FBI Warns of 63 Spoofed Domains Impersonating the US Census Bureau Cybercriminals register fake US Census Bureau domains to dupe unsuspecting citizens to provide personal information and install malware, the FBI warns. In a flash alert…

Read more →

Read the original article: Albion Online gamers told to change passwords following forum hack Hacker exploited forum vulnerability, and offered stolen database for sale Players advised to change their passwords Sandbox Interactive, the developers of the free medieval fantasy video…

Read more →

Read the original article: Rapper Who Bragged About Defrauding US CARES Act Program Could Face Up to 22 Years in Prison A rapper who bragged about fleecing the US Pandemic Unemployment Assistance (PUA) on YouTube was arrested for allegedly defrauding…

Read more →

Read the original article: BBB Warns of Health Insurance Open Enrollment Scams With health insurance open enrollment season just around the corner, US consumers preparing to change or add to their health coverage should watch out for scammers, the Better…

Read more →

Read the original article: Having Saved Credit Card Details in Plaintext Since 2015, British Airways Is Fined £20 Million British Airways broke data protection laws, and failed to detect attack for more than two months Sensitive information left exposed with…

Read more →

Read the original article: Credit Card Details of 3 Million Dickey’s BBQ Customers Up for Sale on Dark Web Marketplace Bad actors are selling access to 3 million Dickey’s Barbecue Pit customer credit cards, cyber-security researchers disclosed earlier this week.…

Read more →

Read the original article: Zoom Is Finally Testing Full End-to-End Encryption Zoom finally announced that it’s starting to roll out end-to-end encryption (E2EE) for all users, marking a significant change in the security deployment of one of the most famous…

Read more →

Read the original article: Barnes & Noble Cyberattack May Have Exposed Personal Information of Shoppers Barnes & Noble has fallen victim to a cyberattack, which resulted in unauthorized access to company networks and exposure of customer information, the bookstore giant…

Read more →

Read the original article: Law Firm Seyfarth Shaw Hit by Apparent Ransomware Attack Seyfarth Shaw fell victim to a crippling malware attack over the weekend, the global law firm disclosed earlier this week. According to an official statement, unauthorized activity…

Read more →

Read the original article: Beware COVID-19 Charity Fraudsters, Warns the FBI Scammers have no qualms about exploiting the pandemic to steal from the unwary Don’t just look out for yourself, warn vulnerable friends and family of scams too From the…

Read more →

Read the original article: Norway Accuses Russia of Cyber Attack on Parliament Norway this week said it has reason to believe Russia was behind an August cyber attack targeting the email system of the country’s parliament, according to an AFP…

Read more →

Read the original article: COVID-19-Related Emails Remain Prevalent in Phishing Campaigns Coronavirus-related email subjects continue to dominate phishing campaigns, remaining the primary threat, with more than half of phishing emails containing some information related to the COVID-19 pandemic. Phishing campaigns…

Read more →

Read the original article: Morgan Stanley Receives $60 Million Fine for Improper Handling of Customer Data Morgan Stanley investment bank must pay a whopping $60 million fine for failing to properly decommission multiple business data centers that stored sensitive customer…

Read more →

Read the original article: CISA and FBI Observed APT Groups Targeting State Networks Related to US Election Systems The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued an advisory after spotting advanced persistent threat (APT) actors exploiting multiple…

Read more →

Read the original article: Prison Video-Calling Service Exposes Call Transcripts Between Convicts and Attorneys A security researcher has discovered a critical security lapse in a popular video visitation service for correctional facilities that exposed the call logs and transcriptions of…

Read more →

Read the original article: Personal and Medical Information of Children and Adults Stolen in DHS Data Breach Cyberattackers have managed to steal personal and medical information of children and adults involved in Child Protective Services (CPS) and DHS Division of…

Read more →

Read the original article: Massachusetts Public School District Cancels Online Classes after Alleged Cyberattack More than 60 Springfield Public Schools shut down remote learning after a cyberattack affected the school district’s IT network on October 8. Yesterday, the second-largest school…

Read more →

Read the original article: Tesla Fires Employee for Allegedly Sabotaging Operations at California-Based Factory Employees at the Tesla car-manufacturing plant in Freemont, California, have been informed by company officials that a former worker “maliciously sabotaged” operations at the factory last…

Read more →

Read the original article: Former Medical Transcriptionist Accused of Trying to Extort Toronto Hospital Using Stolen Patient Data Personal information of roughly 150 patients of Toronto-based St. Michael’s Hospital has been stolen in a data breach, allegedly by a former…

Read more →

Read the original article: FBI Warns Teleworkers of the Risks of Using Hotel Wi-Fi Networks With physical offices shifting to a virtual environment during the pandemic, most remote workers can work from anywhere – café, a hotel or even a…

Read more →

Read the original article: Emotet Is Back and It’s Targeting Local and State Governments, CISA Warns The Emotet botnet is picking up steam again, according to an advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA). The agency directly…

Read more →

Read the original article: COVID-19 Vaccine Trials Slowed Down by a Ransomware Attack eResearchTechnology, a company that offers clinical services and builds software used by the biomedical industry, was hit by a ransomware attack on September 20. Due to the…

Read more →

Read the original article: VISA Warns of POS Malware Campaigns in North America Visa Payment Fraud Disruption (PFD) has warned of a malware campaign targeting point-of-sale (POS) terminals, as cybercriminals have a clear strategy to steal card data. Credit card…

Read more →

Read the original article: FBI and CISA Warn of Spoofed Website Domains and Emails Exploiting the 2020 Election The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint warning to help Americans spot spoofed election-related…

Read more →

Read the original article: COVID-19 Exacerbated Existing Cybercrime Patterns, Europol Says Europol has published its seventh Internet Organized Crime Threat Assessment (IOCTA), the agency’s annual cybercrime report containing updates on the latest trends and effects of cybercrime in the European…

Read more →

Read the original article: CISA and DoD Warn of Sophisticated Threat Actor Wielding New SlothfulMedia Malware The US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have revealed that new malware…

Read more →

Read the original article: Sisters of Charity Health System Informs Patients of Data Breach As the year unfolds, more victims of the Blackbaud data breach come forward. The Sisters of Charity Health System (SCHS) recently disclosed that intruders may have…

Read more →

Read the original article: Aussie Social News App Leaks 80,000 User Records Online A team of CyberNews researchers has disclosed that Snewpit, an Australian news-sharing platform, has leaked close to 80,000 users records. The exposed data housed in an unsecured…

Read more →

Read the original article: Fake npm Packages Found in GitHub Repository Security researchers discovered four vulnerable npm packages uploaded to GitHub that were capable of collecting the user’s IP address, geolocation and device hardware data. Not all attacks have a…

Read more →

Read the original article: Google Prepares Security Team to Investigate Third-Party Apps Google is preparing a new security initiative and building a new team with a single purpose — to investigate sensitive applications available through the Google Play Store. Google…

Read more →

Read the original article: Tennessee Man Sentenced to 17 Years in Federal Prison for Identity Theft and Fraud James Jackson, a 58-year-old resident of Memphis, Tennessee, has been sentenced to 17 years in federal prison for 13 counts of mail…

Read more →

Read the original article: Retail Giant H&M Fined More Than $41 Million for Breaching GDPR Regulations Hamburg’s data protection watchdog has fined a Hennes&Mauritz (H&M) subsidiary $41.4 million for violating stipulations of the European Union General Data Protection Regulation (GDPR).…

Read more →

Read the original article: More than 12 Data Points are Publicly Available on 60% of Internet Users With more than half the world now using social media and internet traffic increased 30%, new digital behaviors adopted during the coronavirus lockdown…

Read more →

Read the original article: Arthur J. Gallagher Insurance Brokerage Reports Cyberattack A ransomware incident forced international insurance and risk management giant Arthur J. Gallagher & Co. (AJG) to take its computer systems offline on Saturday, the firm has disclosed. In…

Read more →

Read the original article: Alleged Ransomware Attack Disrupts Medical Care at UHS Hospitals Across the US Universal Health Services (UHS), one of the largest hospital chains in the US, was hit by an apparent cyberattack over the weekend that disrupted…

Read more →

Read the original article: Hackers Steal $150 Million from Asian Cryptocurrency Exchange KuCoin, a Singapore-based cryptocurrency exchange, has disclosed a security incident that resulted in the unauthorized transfer of roughly $150 million in digital assets. In a notice published last week, KuCoin…

Read more →

Read the original article: Tyler Technologies’ Clients Urged to Reset Remote Network Passwords after Ransomware Attack Nearly a week has passed since Tyler Technologies announced a ransomware attack that disrupted its internal corporate network and phone systems. While the company…

Read more →

Read the original article: Town Sports International Data Breach Exposed Personal Information of 600,000 Members An unsecured server belonging to the popular Town Sports fitness chain has exposed over 600,000 customers and staff members’ personal information. Customer and employee records…

Read more →

Read the original article: Government Services Firm Tyler Technologies Hit by Ransomware Tyler Technologies, the self-proclaimed largest provider of US public sector software and technology services, is struggling with a cyberattack that disrupted many of its operations. As of yesterday,…

Read more →

Read the original article: Bad Actors Could Exploit US Mail-In Voting System, FBI and CISA Warn A joint statement released by the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday warns that foreign actors and cybercriminals are…

Read more →

Read the original article: Rogue Shopify Staff Accessed Customer Records, Says Ecommerce Platform Investigating Security Breach Members of Shopify’s support team abused access to company network Customer contact information and order details accessed FBI and international law enforcement agencies are…

Read more →

Read the original article: Eyewear Giant Luxottica Confirms Ransomware Attack Luxottica, the world’s largest eyewear manufacturer, has suffered a ransomware attack that forced the company to shut down operations. According to Italian media outlets, operations at Luxottica plants in Agordo…

Read more →

Read the original article: Europol: “The Hidden Internet Is No Longer Hidden, and Your Anonymous Activity is Not Anonymous” Europol this week has announced the arrest of 179 vendors of illicit goods on the dark web, in a coordinated operation…

Read more →

Read the original article: Dunkin’ Donuts Will Pay Over Half a Million Dollar Fine After Data Breach Lawsuit Dunkin Donuts has agreed to pay $650,000 as penalty settlement costs for the lawsuit over its failure to respond to credential stuffing…

Read more →

Read the original article: Ransomware attack foiled, but details of 540,000 sports referees still stolen by hackers Ransomware attack detected and blocked at ArbiterSports But not before sensitive data was exfiltrated Questions raised about how securely firm was storing passwords…

Read more →

Read the original article: Member of ‘The Dark Overlord’ Hacking Grouop Pleads Guilty, Gets Five Years Behind Bars The U.S. Department of Justice this week announced that a United Kingdom national by the name of Nathan Wyatt pleaded guilty to…

Read more →

Read the original article: UK National Cyber Security Centre Warns of Surge in Ransomware Attacks Targeting Education Institutions The UK National Cyber Security Centre (NCSC) has issued an alert to the academic sector regarding a surge in ransomware attacks targeting…

Read more →

Read the original article: Cyberattack on Ontario’s Nurses College May Have Compromised the Personal Information of Nearly 190,000 Individuals The College of the Nurses of Ontario (CNO) has recently announced that it has been dealing with a cyberattack that has…

Read more →

Read the original article: Patient Dies After Ransomware Attack on Düsseldorf Hospital According to reports, the network failure reported by Düsseldorf University Hospital (UKD) last week – which turned out to be a ransomware infection – has resulted in a patient dying.…

Read more →

Read the original article: U.S. Treasury Sanctions Russian Hackers for Stealing $17 Million in Crypto Cash This week, U.S. authorities sanctioned two Russian nationals for defrauding several cryptocurrency exchanges of a combined $17 million. The duo, who had several other…

Read more →

Read the original article: Staples Discloses Data Breach Exposing ‘Limited’ Customer Information US-based Office Superstore, Staples, has recently disclosed a data breach that exposed the order details of nearly 2,500 customers. “We recently learned of unauthorized access to a limited…

Read more →

Read the original article: Düsseldorf University Hospital Emergency Care Postponed After Alleged Cyber Attack Düsseldorf University Hospital (UKD) has suffered a massive network failure that forced the healthcare facility to deregister from emergency care and postpone outpatient treatments, hospital officials…

Read more →

Read the original article: Can You Crack Monero? IRS Offers $625,000 Bounty for Anyone Who Can Break Privacy of Cryptocurrency The IRS want to trace Monero transactions, which – unlike Bitcoin – are entirely private Cracking Monero could help the…

Read more →

Read the original article: US Department of Veterans Affairs Discloses Data Breach Impacting Nearly 50,000 Veterans The personal information of approximately 46,000 US veterans was compromised after unauthorized individuals gained access to a Financial Service Center application, the US Department…

Read more →

Read the original article: Seychelles Bank Doesn’t Know How It Got Infected with Ransomware Last Week The Development Bank of Seychelles (DBS) has suffered a ransomware attack that remains a mystery as to how it occurred, almost a full week…

Read more →

Read the original article: Over 1 Million Patients and Donors Impacted by Inova Health System Data Breach The aftermath of Blackbaud’s data breach continues to extend, with Inova Health System stepping forward as the latest victim of the ransomware incident…

Read more →

Read the original article: Maze Ransomware Operators Claim Fairfax County Public Schools as Latest Victim Fairfax County Public Schools (FCPS) is the latest US school division to be hit by a ransomware attack that disrupted some of its systems. “We…

Read more →

Read the original article: US Staffing Firm Artech Keeps Silent About Data Breach, Leaves Customers at Risk of Fraud for Eight Months Artech Information Systems, a minority- and women-owned diversity supplier and one of the largest IT staffing companies in…

Read more →

Read the original article: Cryptocurrency Exchange Eterbase Loses $5.4 Million to Hackers Overnight A group of hackers on Monday night compromised cryptocurrency exchange Eterbase and raided six hot wallets to steal $5.4 million in Bitcoin, Ethereum, XRP, Tezos, Algorand, and…

Read more →

Read the original article: Secure Your Zoom Account with Two-Factor Authentication 2FA makes Zoom video-conferencing accounts harder for hackers to compromise Users given option of app-based or SMS-based 2FA Admins can set 2FA policy for different user groups We’ve said…

Read more →

Read the original article: Travel Industry Giants Failed to Secure their Websites Despite High-Profile Data Breaches, New Research Shows Major airlines and hotel chains have failed to secure their online platforms even after previous data breaches and cyberattacks exposed information…

Read more →

Read the original article: Netwalker Ransomware Operators Want $4.5 Million from Data Center Giant Equinix The infamous Netwalker hacking group this week breached the security layers of data center giant Equinix and encrypted the data of its clients. A source…

Read more →

Read the original article: Pakistan’s Largest Power Supplier Hit by Netwalker Ransomware K-Electric, Pakistan’s largest power supplier, has been hit by a ransomware attack that disrupted multiple online services, including customer billing. The attack on the morning of September 7…

Read more →

Read the original article: More than 230 Million US Health Records Have Been Stolen or Lost in Past Decade The data breach phenomenon has been plaguing the US healthcare sector for more than a decade, with a 2,733% increase between…

Read more →

Read the original article: Opening Day for Hartford Public Schools Delayed After Ransomware Attack on Critical Network Systems The city of Hartford, Connecticut, was forced to delay the first day of school on Tuesday after a ransomware attack took down…

Read more →

Read the original article: Hackers Shame Newcastle University on Twitter After Infecting it with Ransomware A notorious ransomware gang has taken to Twitter to shame the UK’s Newcastle University after infecting its systems with data-crippling malware. The criminals are threatening…

Read more →

Read the original article: Ransomware Attack Halts Border Crossing for Four Hours in Argentina In a rare occurrence, ransomware operators have managed to halt border crossing into and out of Argentina for four hours after infecting the National Direction of…

Read more →

Read the original article: US Phone Service Exposes Millions of Messages Between Inmates and Their Friends and Families Telmate, a company that facilitates monitored inmate communications with the outside world, has exposed a large database containing tens of millions of…

Read more →

Read the original article: Teenager Arrested for Last Weeks’ DDoS Attacks on Miami-Dade Public School Network The launch of the Miami-Dade school year was abruptly interrupted last week by a series of DDoS attacks targeting school IT infrastructures and the…

Read more →

Read the original article: Warner Music Notifies Customers of Web-Skimming Attack; Personal and Financial Data Potentially Viewed by Cybercriminals US-based multinational entertainment and record label Warner Music Group has disclosed a web-skimming attack that may have let cybercriminals steal customers’…

Read more →

Read the original article: Hacker Steals $7.5 Million from Maryland Non-Profit by Compromising Employee’s Personal Computer A hacker stole $7.5 million from the endowment funds of The Jewish Federation of Greater Washington, a non-profit from Maryland in the US. Such…

Read more →

Read the original article: Data Breach at Roper St. Francis Hospital Affects 6,000 Patients Roper St. Francis Hospital (RSFH) has reported that 6,000 patients are directly affected by a data breach that allowed attackers to steal their medical records and…

Read more →

Read the original article: Feds Propose ‘911’ Emergency Call for Reporting Security Flaws; Experts Warn It’s Easier Said Than Done CISA drafts directive to create a vulnerability disclosure policy for government websites and apps Agency seeks to centralize the effort…

Read more →

Read the original article: Apple Notarized Malware by Mistake, Hackers Ran it Through Third-Party Website Notarized apps should be safe on macOS Threat actors try to deploy “approved” malware through website Apple revoked certificates, but malware is still up Apple’s…

Read more →

Read the original article: American Payroll Association Forgets to Patch Web Portal, Hackers Skim Credit Cards and Passwords Off Site   The American Payroll Association (APA), a professional association for individuals responsible for processing company payrolls, is warning clients of…

Read more →

Read the original article: DDoS Attacks Disrupt Miami-Dade Public Schools Virtual Learning Classes, Police Looking for Culprits • Miami-Dade County Public Schools (M-DCPS) have suffered daily DDoS attacks since school year’s launch • Students and teachers advised using alternative methods…

Read more →

Read the original article: Hackers Hijack Indian PM Narendra Modi Twitter Account Twitter account used to spread cryptocurrency scam Hackers deny that they have hacked Paytm Mall, India’s leading online shopping app A Twitter account posting tweets on behalf of…

Read more →

Read the original article: WordPress Websites Attacked via File Manager Plugin Vulnerability Websites are being hijacked by hackers exploiting plugin vulnerability Hackers password-protect compromised sites to keep out rival attackers At-risk websites advised to update WordPress File Manager plugin immediately.…

Read more →

Read the original article: Cybercriminals Target Norwegian Parliament; Email Accounts of Elected Members and Employees Compromised The Norwegian Parliament (Stortinget) has become the latest cyberattack victim, according to a statement released by administrative director Marianne Andreassen on September 1. The…

Read more →

Read the original article: Companies Can Build Accurate User Profiles from Online History, Mozilla Research Finds Users are sometimes tracked online despite no-track options Online profiles are accurate most of the time Large companies can build online profiles with little…

Read more →

Read the original article: Security Researcher Discovers Over 50,000 Scanned Driver’s Licenses Exposed on Unsecured Amazon Server A data leak containing 54,000 scanned New South Wales (NSW) driver’s licenses and various tolling notice statutory declarations were discovered by security researcher…

Read more →

Read the original article: Aggressive Adware Promised Free Stuff to Android Users Just to Stay Installed Aggressive adware apps invade tens of thousands of devices Operators designed the apps to run unhindered in the background Google removed all of the…

Read more →

Read the original article: Cybercriminals Make Millions Selling Stolen Fortnite Accounts, New Research Shows Thousands of stolen Fortnite accounts are selling like hotcakes in underground marketplaces, amassing around $1.2 million a year for cybercriminals, a new report shows. The Fortnite…

Read more →

Read the original article: Romance Scams Are on the Rise, FBI Warns The FBI is warning individuals who use online dating apps and platforms to watch out for scammers leveraging social distancing measures and defrauding unsuspecting victims of their hard-earned…

Read more →

Read the original article: Man-in-the-Middle Attack Makes PINs Useless for VISA Cards EMV protocol is vulnerable to a man-in-the-middle attack All VISA credit cards are affected VISA has to issue update for POS terminals Swiss security researchers have discovered a…

Read more →

Read the original article: REvil Ransomware Operators Claim Valley Health Systems as New Victim Valley Health Systems have been targeted by REvil ransomware operators, according to Cyble security researchers. The discovery was made during routine monitoring for data leaks when…

Read more →

Read the original article: COVID-19 Pandemic Drives Sharp Uptick in Misinformation, Fake Domains Half of cybersecurity professionals regard misinformation as a major threat to the enterprise 46% of organizations plan to improve their ability to react to misinformation and fake…

Read more →

Read the original article: US Military Personnel Actively Targeted By Cybercriminals; Over $350 Million in Reported Losses in the Past Five Years The most recent AtlasVPN research delves into fraud targeting US military personnel between 2015 and June 2020. In…

Read more →

Read the original article: FBI Arrests Russian ‘Tourist’ for Offering $1 million to US Employee to Plant Malware on Company Network Egor Igorevich Kriuchkov, a 27-year-old Russian national, was arrested by FBI after conspiring to bribe a US company employee…

Read more →

Read the original article: Unfixed Safari Bug Lets Attacker Steal Files Safari bug affects users sharing content Attackers can exploit the issue to steal files Details on the vulnerability are now public, Apple has no fix planned Security researcher Pawel…

Read more →

Read the original article: FTC Reports Over $118 Million in Losses Due to Coronavirus-Related Fraud Since the beginning of the pandemic, the Federal Trade Commission (FTC) has received over 175,000 consumer reports related to Covid-19 scams, totaling a whopping $118.81…

Read more →

Read the original article: Freepik Company Discloses Data Breach Affecting More Than 8 Million Users The Freepik Company has disclosed a data breach impacting the login information of more than 8 million Freepik and Flaticon users. According to a press…

Read more →