VPN services are available to iOS users, but they don’t seem to work as intended due to a bug in iOS that doesn’t allow all network connections to route through the VPN service as soon as it starts. ProtonVPN found…
Tag: Industry News – HOTforSecurity
Pay me or I’ll cough: Bad actors bully email recipients with new Covid-19 extortion scam
Cyber criminals hit a new low this month, proving once again that they’ll go to any lengths to extort their victims. This time around, it’s not just about ruining your reputation and disclosing a ‘dirty little secret’ to your friends…
Cybersecurity insurance firm Chubb investigates its own ransomware attack
A notorious ransomware gang claims to have successfully compromised the infrastructure… of a company selling cyberinsurance. The Maze ransomware group says it has encrypted data belonging to Chubb, which claims to be one of the world’s largest insurance companies, and…
Scammers Target U.S. Troops with Fake COVID-19 Tests
Scammers continue to piggyback on the COVID-19 Coronavirus scare with new tricks, this time targeting U.S. Army service members with phone calls requesting their personal information and promising a testing kit to check if they’re infected, according to the Military…
FBI Takes Down Russia-based Cyber Platform Selling Private Data and Contraband
The Federal Bureau of Investigation (FBI) took down the DEER.IO website, a known cybercrime platform based in Russia, along with Kirill Victorovich Firsov, its alleged administrator. When you hear of personal information stolen in data breaches and sold on the…
Cybercriminals move quickly in UK to abuse distress over Coronavirus pandemic
According to the UK’s National Fraud Intelligence Bureau (NFBI), criminals were quick to latch on to news of the novel Coronavirus outbreak, swindling £970,000 out of the pockets of UK citizens since February. The most recent alert shows an additional…
Canon Data Breach Affects General Electric’s Current and Former Employees
General Electric (GE) has revealed that a data breach at Canon Business Process Services (Canon), one of the company’s service providers, exposed details about GE employees, former employees, and other beneficiaries. Just because the world seems to have stopped to…
Flattening the curve: E-commerce is thriving and here’s what you need to consider
The practice of social distancing has already influenced our shopping patterns, as more and more consumers turn to the usage of e-commerce to fulfill their everyday needs. A recent study by TransUnion shows digital commerce has spiked 23% since the…
Hackers Try to Compromise WHO’s Infrastructure amid Pandemic
Hackers tried using a phishing campaign to steal login credentials of officials working for the World Health Organization (WHO) by setting up a fake website. Fortunately, their efforts were thwarted and no damage was done. One way to steal credentials…
Coronavirus Job Listings and Money Laundering Schemes
Criminals never cease to amaze us. If the recent outbreak wasn’t enough to fill your plate, picture yourself tricked into becoming a money mule for scammers feeding off the Covid-19 scare. Many people have had their lives turned upside down…
Stolen data of 538 million Weibo users for sale on the dark market
Personal information of more than 500 million Weibo users has been found for sale on the dark web, as reported by ZDNet and Chinese media. The bad actor claiming to have breached the famous Chinese social network last year posted…
Cyber-Attack Potentially Slows Down Development of Coronavirus Vaccine
A medical research company scheduled to test a potential vaccine for the Covid-19 Coronavirus has been hit with ransomware by Maze Team, the very hacking group that, just last week pledged to stop interfering with entities combating the Coronavirus pandemic.…
Free Netflix pass because of Coronavirus? It’s a scam
The public is being warned about fraudulent messages being shared on social media platforms that Netflix is offering free passes to its platform because of the Coronavirus pandemic. The messages, which have been seen spread across social networking sites and…
Microsoft Finds Adobe Type Manager Library Exploit Used in the Wild; Patch Incoming
A zero-day Adobe Type Manager Library exploit is now wielded in limited, targeted attacks against Windows users, technically allowing for remote code execution. The good news is that Microsoft knows about the problem, but the bad news is that a…
Fake Email from WHO Installs Malware
An email seemingly from the General Director of the World Health Organization, Dr. Tedros Adhanom Ghebreyesus, contains a new HawkEye malware variant, designed to steal valuable information from infected computers. The attackers are using the current Coronavirus epidemic to attract…
Don’t Fall for These COVID-19 Scams, FBI Warns
The FBI has warned that scammers are using email scams to capitalize on the coronavirus scare, including messages purporting to be from national authorities like the Centers for Disease Control and Prevention. “Scammers are leveraging the COVID-19 pandemic to steal…
Fake Email from WHO Installs Malware
An email seemingly from the General Director of the World Health Organization, Dr. Tedros Adhanom Ghebreyesus, contains a new HawkEye malware variant, designed to steal valuable information from infected computers. The attackers are using the current Coronavirus epidemic to attract…
Don’t Fall for These COVID-19 Scams, FBI Warns
The FBI has warned that scammers are using email scams to capitalize on the coronavirus scare, including messages purporting to be from national authorities like the Centers for Disease Control and Prevention. “Scammers are leveraging the COVID-19 pandemic to steal…
Data breach at online guitar lesson platform may have exposed user credit card information
TrueFire, a leading online guitar-tutoring platform, has suffered a “Magecart-style” security incident that may have exposed customers’ personal identifiable information and credit card numbers. The facts The data breach was discovered on January 10, when the company noticed that an…
One Hacking Group Promises to Stop Attacking Medical Units Until COVID-19 Cools Down
Perhaps they want to avoid provoking the white-hot rage of an already wounded public. Or maybe they’ve realized their victims can’t pay. Or, just possibly, some black hats do have a smidgen of ethics. At least in grim times like…
Hacking Group Promises to Stop Attacking Medical Units Until COVID-19 Cools Down
Perhaps they want to avoid provoking the white-hot rage of an already wounded public. Or maybe they’ve realized their victims can’t pay. Or, just possibly, some black hats do have a smidgen of ethics. At least in grim times like…
Maze Ransomware Continues to Hit Healthcare Units amid Coronavirus (COVID-19) Outbreak
The infamous Maze Team has struck again, this time infecting an urgent walk-in care center in Texas with its system-crippling ransomware. Sticking to its traditional modus operandi, the hacking group is threatening to leak the caregiving unit’s patients’ data if…
Europol Arrests SIM Swappers in Spain, Austria and Romania
Police across Europe have been ramping up operations against two new SIM swapping operations, resulting in the arrest of 26 individuals accused of stealing more than $3 million from unsuspecting victims. In January, investigators from the Spanish National Police, together…
Phishing Email Aims to Trick Hospital Staff with ‘Coronavirus Seminar’
A new phishing scam is capitalizing on the COVID-19 pandemic, seeking to steal credentials of healthcare workers with the promise of a “coronavirus awareness” seminar. An email purporting to come from the organization’s IT department urges employees to access a…
Mysterious cyberattack cripples Czech hospital amid COVID-19 outbreak
A cyberattack his the second-biggest hospital in Czech Republic in the midst of the Coronavirus outbreak last Friday. The incident was confirmed by the Czech National Office for Cyber and Information Security (NÚKIB), which is working alongside police and hospital…
UK intelligence agency warns of cybercriminals exploiting the Coronavirus outbreak
A division of GCHQ (Britain’s equivalent to the NSA) has warned the public to be on their guard against cybercriminals exploiting the Coronavirus outbreak. The National Cyber Security Centre (NCSC) has described on its blog how criminals have spread malware…
IT Admins Allegedly Offer Hackers ‘Naked Photos of Boss’s Secretary’ in Exchange for Ransomware Decryption Keys
The infamous ransomware operatives known as the Maze Team have issued a “press release” condemning IT administrators who tried to use bribery to cover up their failure to protect their employers from hackers. In an interesting twist, ransomware operators have…
Public Health Agency Shut Down by Ransomware Amid Coronavirus Outbreak
The Champaign Urbana Public Health District (CHUPD) in Illinois, which serves hundreds of thousands of Americans, has had its official website taken down by ransomware operatives. CHUPD serves 210,000 people, including the University of Illinois, with advice and information on…
Latest Firefox Version Unveils and Fixes an AirPod Vulnerability
The latest Firefox version fixes quite a few problems, but one of the more interesting fixes was for a vulnerability that affected people using AirPods connected to an iPhone, which is not something you’d expect to find in a browser…
FBI to Internet Users: Don’t Let Your Browser Remember Your Password
The U.S. Federal Bureau of Investigation this week offers some radical tips for private Internet users and businesses alike. Chief among them: disable autofill and remembering passwords. It’s not entirely clear whether the FBI’s tips are meant to ensure online…
Some VPN Apps Secretly Gather Anonymized User Data
An investigation has revealed that Sensor Tower, a tech platform that allows developers to gather usage data, has been collecting information about millions of users from apps such as VPNs and ad-blockers. According to a BuzzFeed News investigation, Sensor Tower…
Secret-sharing app Whisper failed to keep users’ fetishes and locations private
Launched in 2012, the Whisper app declared itself to be a place where anyone could post their private thoughts and extreme confessions anonymously. In its promotional material it describes itself as “the largest online platform where people share real thoughts…
Researcher wins $55,000 for ‘Login with Facebook’ hack
Facebook’s bug bounty program has yielded a hefty paycheck to a researcher from India who discovered a serious security flaw in the platform. In December, last year, Amol Baikar was tinkering with the “Login with Facebook” feature when he discovered…
Spammers Use Coronavirus Message to Deploy Keylogger
Hackers are weaponizing the COVID-2019 coronavirus disease, trying to trick people into downloading malware so attackers can steal valuable information from victims’ computers. Malware deployed through infected emails and files is nothing new. Still, hackers need a hook to capture…
Over one billion Android devices at risk as they no longer receive security updates
More than one billion Android devices are at risk of being hacked or infected by malware, because they are no longer supported by security updates and built-in protection. That’s the conclusion of an investigation by Which?, which found that at-risk…
Data breach: U.S. retailer J.Crew reveals 2019 security incident to customers
J.Crew suffered a credential stuffing attack that may have compromised the personal data of customers, the U.S. clothing retailer disclosed earlier this week. Fraudulent activity was apparently noticed last spring, but the firm did not reveal the number of compromised…
Virgin Media Admits Failing to Secure Online Database with Info on 900,000 Customers
Virgin Media admitted it left an unsecured database online containing personal data for about 900,000 customers, including their phone numbers, names, and physical addresses. When people hear about data breaches, they usually imagine hackers gaining access to secure systems, but…
Two Las Vegas Casinos May Have Been Crippled by Ransomware Attacks
An apparent ransomware attack hit the Four Queens Hotel and Casino and Binion’s Casino in Los Angeles, crippling their ability to trade in anything other than cash and affecting some of the slot machines. A strange sight greeted customers of…
T-Mobile Suffers a Data Breach, Again
T-Mobile has begun notifying customers of a security breach that might affect an undetermined number of them, possibly revealing their names and addresses, phone numbers, account numbers, rate plans and features, and billing information. Wireless carriers are a prime target…
Loyalty program fraud targets 600,000 Tesco shopper accounts
U.K. supermarket giant Tesco has recently warned its loyalty program members of a security incident that may have affected over 600,000 Clubcard holders. “We are aware of some fraudulent activity around the redemption of a small proportion of our customer’s…
Revocation of Millions of Certificates Leaves Websites Labeled as ‘Insecure’
A certificate authority named Let’s Encrypt found a bug in code used to generate certificates and was forced to revoke millions of certificates, leaving websites very little time for renewal. When a user visits a site that has an invalid…
Cathay Pacific slammed for security failures following hack which exposed 9.4 million people worldwide
The UK’s Information Commissioner’s Office (ICO) has fined Cathay Pacific for “a number of basic security inadequacies” which resulted in hackers stealing the data of 9.4 million people worldwide – including 111,578 from the UK. In October 2018, the Hong…
Head of MI5 Calls on Tech Companies to Let Law Agencies Access Encrypted Messages
The UK’s domestic counter-intelligence and security agency, MI5, and Sir Andrew Parker, the general director, are pressing companies that provide end-to-end encryption for their messaging apps to offer law enforcement a way to read messages, when a warrant is available.…
What About GandCrab’s $2 Billion? Ransomware Operators Pocketed Only $140 Million Over Six Years, FBI Calculates
Ryuk, Dharma, Bitpaymer, SamSam and other prominent ransomware strains have generated hundreds of millions of dollars for their authors, according to calculations by the FBI. Does that mean the GandCrab gang, which doesn’t even make the FBI’s list, was lying…
NVIDIA Fixes High-Severity Vulnerability in Drivers
NVIDIA released a security update for its drivers, fixing several issues that could lead to denial of service, escalation of privileges, or information disclosure. The update covers multiple vulnerabilities affecting both the display driver and the Virtual GPU Manager (VGPU).…
City of Cartersville Admits Paying Ryuk Ransomware Operators $380,000
Almost a year after getting infected with ransomware, the City of Cartersville in the U.S. State of Georgia this week admitted to paying ransomware operators $380,000 to unlock its systems. Cartersville reportedly got infected in early May last year when…
Firefox Enables DNS over HTTPS by Default in the United States
Mozilla is turning on DNS over HTTPS by default for users in the United States and is making it available for users throughout the rest of the world if they choose it. The goal is to make it more difficult…
“Shark Tank” TV star loses almost $400,000 in Business Email Compromise scam
Barbara Corcoran, one of the business moguls who head up the judging team on US TV’s “Shark Tank” investment show, has lost nearly $400,000 to an email scammer. According to media reports, a scammer – posing as Corcoran’s executive assistant –…
Ransomware Attack in Florida Forces Prosecutor to Drop Charges in Drug Cases
A ransomware attack against the police department in Stuart, Florida last year had an unexpected consequence; the police officers had to drop several cases after losing important evidence. When a ransomware attack hits an institution or company, expectations are roughly…
Facial Recognition Start-Up That Sells Data to Police Got Its Client List Stolen
Someone stole the client list of a somewhat obscure company called Clearview AI. While that might not seem like much, the company was recently in the news for all the wrong reasons – it claims that it scrapes the Internet…
Raccoon Malware Aims to Steal Credentials of People Who Use Popular Apps
Security researchers have followed the evolution of a piece of infostealer malware named Raccoon, as it’s being developed and enhanced to work in as many scenarios as possible, including email clients, Internet browsers, and more. Infostealers are a type of…
Attackers Use SMS Phishing to Steal Credentials and Install Emotet Malware
Researchers have discovered a new SMS phishing campaign targeting mobile numbers in the United States aiming to steal online banking credentials and install the Emotet malware wherever possible. SMS phishing campaigns, also known as smishing, follows a straightforward recipe. Victims…
US defense IT agency says data breach may have affected 200,000 people
The Defense Information Systems Agency (DISA), which handles IT and telecommunications support for the White House and U.S. military troops, has disclosed a data breach that may have affected 200,000 people between May and July 2019. According to a letter…
Google Removes 600 Apps from Play Store for Serving Disruptive Ads
Google has removed more than 600 apps from the Play Store and banned them from the Google AdMob and Google Ad Manager advertising platforms for violating policies on disruptive ads. The massive Google Play Store marketplace holds lots of interesting…
Developers Hack McDonald’s Reward System to Get Free Hamburgers
A couple of German software developers discovered an oversight in McDonalds’ promotion systems that allowed them to get as many hamburgers as they wanted, without paying anything. While software vulnerabilities or loopholes are sometimes used for nefarious purposes, that’s not…
US Gas Company Attacked with Ransomware
Hackers have installed ransomware on systems of a natural gas compression facility in the United States, affecting the operational technology (OT) network, including human-machine interfaces (HMIs), data historians, and polling servers. The Cybersecurity and Infrastructure Security Agency (CISA) offered details…
FC Barcelona Twitter Account Hacked, Again, By the Same Group
The Twitter account of FC Barcelona has been hacked by the OurMine group, who had time enough to post sensitive information, seemingly taken from private messages. After OurMine took control of the account, they said private messages on the platform…
Hamas Tries to Trick Israeli Soldiers into Installing Malware Using Fake Messages from Women
Dozens of Israeli soldiers were tricked by Hamas into installing malware on their phones and computers via an old ruse: messages from young women looking for companionship. Investing in security solutions is always a good idea, but what’s the point…
Australian Transportation Company Is Still Battling Ransomware Infection 18 Days Later
18 days after the Australian transportation firm Toll was crippled by ransomware, the company is still suffering problems, and the attack continues to impact its customers. It shows that the cost of ransomware is often much higher than the ransom…
!@#$%^&*: The Most Used Passwords in the World Are as Bad as You Imagine
A complex and robust password is the first step towards a safer online presence, but some people straight up ignore this simple rule and choose the worst possible password. The weakest passwords, at least, are remarkably consistent from year to…
Twitter accounts of The Olympics and FC Barcelona hijacked by OurMine hacking group
The International Olympic Committee and FC Barcelona are the latest victims of a spree of Twitter account hijacks orchestrated by the notorious OurMine gang. But rather than abuse their access to the high profile accounts (@Olympics has six million followers,…
Email Fraudsters Trick Puerto Rico’s Government into Wiring $2.6 Million to Bogus Accounts
Thieves managed to trick the Puerto Rico government into making $2.6 million worth of payments to the wrong recipient in an elaborate phishing scheme. Tricking local government officials into making payments to bogus accounts is not as uncommon as you…
Google Blocked 790,000 Apps from the Play Store in 2019
Google is fighting an uphill battle when it comes to dangerous apps that try to work their way into the Android ecosystem, and the company prevented 790,000 dangerous apps from being published on the Play Store in 2019 alone. The…
New Phishing Scam Lures iPhone Owners with Romantic Chat, Gambling, ‘Free’ VPN
Bitdefender this week has detected a new phishing campaign targeting iPhone owners with a range of scams aiming to defraud unsuspecting victims. First things first. If you receive the email pictured below, steer clear! Don’t open if it’s marked as…
Israeli Elector App Accidently Exposes Personal Data of 6.5 Million Voters
The personal data of almost 6.5 million Israeli voters was leaked online after Likud, the country’s governing party, uploaded the information to the highly vulnerable Elector application. Prior to the elections, all parties receive information about the voters, on the…
Cyber-enabled crimes cost U.S. citizens $3.5 billion in 2019
The Internet Crime Report recently released by the FBI’s Internet Crime Complaint Center (IC3) sheds light on Internet-related crimes. The data analyzed covers a year’s worth of cybercrime complaints from consumers and businesses. At an average of 1,300 entries per…
China denies it was behind the Equifax hack, as four men charged for data breach
A Chinese spokesperson has strongly denied that his government was behind the hack of Equifax in 2017, which saw the personal data of hundreds of millions of individuals stolen – including the names, birth dates and social security numbers for…
Google Chrome to Block Downloads from Unsecured Locations
Google is set to make significant changes to the Google Chrome browser that would eventually lead to entirely blocking the download of files from HTTP (unencrypted) sources, starting with Chrome 83. The new measure announced by Google refers to “mixed…
New PayPal Phishing Campaign Asks for Passport Photo, Driver’s License
A new PayPal phishing campaign is taking a novel but direct approach to fraud by asking users, in good grammar, to provide Social Security and PIN numbers, passport and driver’s license data, and even upload photos of official documents to…
Safer Internet Day 2020 – ‘Together for a better internet’
Is the Internet becoming safer or more dangerous? This question is posed by the Safer Internet Day 2020 (SID) event, which calls attention to a subject that should raise more significant concern than it does, especially when it comes to…
Facebook’s and Instagram’s Twitter Accounts Hacked
Facebook’s Twitter and Instagram accounts were hacked via a third-party service, and the hackers quickly published a post on both accounts before the intrusion was discovered. The message posted by the hackers simply read “Well, even Facebook is hackable but…
Data breach hits San Diego low-income preschool provider
An intruder illegally accessed an employee email account at San Diego, California-based preschool education provider Enrichment Systems, Inc (EES) and may have viewed sensitive personal information of parents and students, the firm said in a press release last week. The…
Infrastructure of Australian Transportation Company Infected with Mailto Ransomware
A ransomware attack has crippled the operations of Australian transportation firm Toll, affecting more than 1,000 servers were affected, according to inside sources cited by itnews. After the attack on January 31, the company immediately began to disconnect parts of…
FBI Outlines Technique Behind DDoS Attacks on US Voter Registration Website
Hackers who unleashed DDoS attacks (Distributed Denial of Service) attacks on a state-level voter registration and voter information website in the US used a technique called Pseudo Random Subdomain Attack (PRSD,) which is a form of attack that uses DNS…
How your network could be hacked through a Philips Hue smart bulb
Security researchers at Check Point have published details of vulnerabilities they have found in Philips Hue smart bulbs that could be exploited by hackers to compromise networks remotely. The researchers were able to hijack control the IoT bulbs and install…
Dutch university pays $220,000 ransom to infamous Russian cybercrime ring
The University of Maastricht in Holland has ended up paying a $220,000 ransom to a group of Russian hackers after an unwary employee fell for a phishing scam. The university was attacked with ransomware on Christmas Eve, 2019, a month…
YouTube Takes New Measures to Combat Disinformation Ahead of US Elections
YouTube says it is making changes to its platform in advance of the 2020 United States elections in an effort to curb the spread of false information about candidates or the election process. Checking content uploaded to YouTube for such…
US Wireless Carriers Shared Customer Location Data with Third Parties
The Federal Communications Commission found that one or more wireless carriers in the United States sold location data regarding its consumers to third parties, in apparent violation of federal law. After a 2018 investigation by the New York Times unveiled…
Twitter Discovers Attackers Trying to Match Usernames and Phone Numbers
Attackers likely sponsored by a nation state used an extensive network of Twitter accounts to match phone numbers to usernames by abusing an existing API and going well beyond its intended use, the social network has said. A Twitter feature…
Iranian-Backed APT34 Tries to Compromise Company Linked to U.S. Government
Security researchers say they have uncovered a phishing campaign, likely organized by the Iran-backed APT34 group, that sought to infect Westat employees with malware. U.S. companies and institutions are the usual targets of APT34, and hackers are always looking to…
Google accidentally sent users’ private videos to strangers in stunning ‘Takeout’ mix-up
In a disconcerting security warning, Google is saying videos stored in some users’ Google Photos archive were incorrectly sent to other users who requested a download of their files. The message, originally highlighted on Twitter by one Jon Oberheide, begins…
Google accidentally sent some people’s private videos to strangers in massive ‘Takeout’ mix-up
Google is sending out an appalling security warning saying that videos stored in some users’ Google Photos archive were incorrectly sent to other users who requested a download of their files. The message, originally highlighted on Twitter by one Jon…
Man admits hacking Nintendo, leaking details of Switch games console
A 21-year-old Californiana man has pleaded guilty to hacking into into the servers of Nintendo and stealing confidential information about the (then upcoming) Nintendo Switch video game console. The case dates back to 2016 when Ryan S Hernandez, who was…
Emotet Operators Are Using Wuhan Virus Info to Spread Malware
Emotet operators are looking to pray on people’s fears to spread malware through malicious emails. In this case, they are using the real health crisis of the coronavirus outbreak in China. Using people’s fears to spread malware is not new,…
AlphaBay Dark Web Market Moderator Faces up to 20 Years in Prison
Dark web marketplace moderator Bryan Connor Herrell pleaded guilty in the United States to conspiring to engage in a racketeer-influenced corrupt organization. While the infamous Silk Road made a lot more headlines, another dark web market place had many more…
Windows 7 Gets New Final Update to Fix the Previous Final Update
It turns out that the final day of Windows 7 was not actually the last, as Microsoft messed up an update. Now, a new patch is required to fix a problem introduced by mistake. The official end of life for…
ProtonMail and StartMail blocked as Russia hunts for bomb threat spammers
Protonmail is the second encrypted email provider in the last week to find itself blocked from its Russian users, after authorities in the country said bomb threats had been spammed out claiming that bombs had been planted in public places.…
Americans would pay up front to keep their online identity and data private
2020 is off to a good start in the United States, with rising consumer awareness about privacy matters, according to new research published on National Data Privacy Day. After America’s Health Insurance Plans (AHIP) showed in a recent study that…
Computer science researchers in Texas expose security risks of micromobility vehicles
Researchers at the Department of Computer Science of the University of Texas at San Antonio (UTSA) have recently exposed vulnerabilities in the micromobility ecosystem that may compromise the security, safety and privacy of users of battery-powered electric scooters. According to…
Mozilla is cleaning out its closet by removing almost 200 dodgy Firefox add-ons
Mozilla’s security team has been busy the past two weeks, removing add-ons caught stealing user data and executing malicious code. In a crusade to “make browsing smarter, safer, and faster,” the Firefox administrators decommissioned around 200 extensions and add-ons that…
Head of ‘Cardplanet’ Stolen Credit Card Marketplace Pleads Guilty in the US
Aleksei Burkov, 29, pleaded guilty in the United States to money laundering, device fraud and other crimes after he was caught running an illegal website, called Cardplanet, that sold stolen credit card data. Burkov had been on the run since…
North Carolina water supplier targeted in ‘international cyberattack’
A water supplier in Greenville, North Carolina has suffered a targeted cyber-attack that affected online payments for half a million a people. The outage is expected to last at least two more days as experts investigate the hack. Greenville Water,…
Americans want stronger privacy over easier access to health data
In a welcome mentality shift, Americans are starting to put their privacy first and convenience second when it comes to their health data, according to a study by America’s Health Insurance Plans (AHIP). Most surveys asking people about their experience…
FBI warns of spoofed websites and hiring scams that target your wallet
A recent public service announcement from the FBI warns job seekers of risks they may face when seeking jobs online. When you are in search of honest work, you should not be paying for hiring fees, certifications or training materials.…
Cryptomining Malware Vivin Uses Pirated Software as Attack Vector
Vivin, a cryptomining malware that likes munching on Monero, is one of the many examples of such software roaming the dark corners of the Internet. Security researchers have been tracking it for the last couple of years, and it shows…
Five Microsoft Elasticsearch Servers with Private Data for 250 Million People Found Unsecured Online
Security researchers found a total of 250 million Microsoft customer records spread on five unsecured servers that could have been accessed by anyone using just a web browser. Microsoft has since secured the servers. Unsecured Elasticsearch servers seem to be…
AMD patches critical vulnerabilities in its Radeon graphics cards
The research team from Cisco Talos has spotted four exploitable vulnerabilities in AMD ATIDXX64.DLL driver that can affect VMware Workstation running on Windows, according to recent Talos Vulnerability reports. The security issues, tracked as CVE-2019-5124, CVE-2019-5146, CVE-2019-5147 and CVE-2019-5183, were…
Teenager charged over $50 million SIM-swap cryptocurrency theft
Samy Bensaci, an 18-year-old living in Montreal, Canada, has been charged in connection with the theft of over $50 million worth of cryptocurrency in a SIM-swapping scam. A SIM swap attack (also sometimes called a Port Out scam) is one…
Ubisoft Sues Alleged DDoS-for-Hire Service
Game developer Ubisoft has sued the owners of SNG.ONE, an alleged DDoS (distributed denial-of-service) website, claiming that they are behind recent attacks against Tom Clancy’s Rainbow Six Siege servers. Tom Clancy’s Rainbow Six Siege is a multiplayer game developed and…
Maryland Bill Would Make Owning Ransomware a Criminal Offense
Lawmakers in the US State of Maryland are debating a new bill that would make it illegal to own and distribute ransomware, and stiffens punishment for ransomware operators. If the bill passes, Maryland would be the third state, after Michigan…