11 Jul 2019

Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets

Threat actors are taking advantage of misconfigured Amazon S3 cloud storage buckets as part of Magecart campaigns, RiskIQ research shows. Magecart is an umbrella term for various criminal groups that attack web shops with the aim of injecting them with this kind of malware. In addition to targeting websites directly,

Read More
11 Jul 2019

Corporate users struggle to identify phishing attacks, other security threats

A new Proofpoint report shows that cybersecurity awareness among employees is still lower than it should be in many organizations. When asked about various cybersecurity topics, respondents provided wrong answers for 22% of questions, which is higher than last year, when 19% of answers were incorrect. The areas that accounted

Read More
11 Jul 2019

Latest FinSpy Modules Lift Data from Secure Messaging Apps

Researchers with Kaspersky have uncovered new versions of the notorious FinSpy malware in the wild. The malware, which has been found on both iOS and Android devices, is designed to steal information such as contact lists, text messages, emails, GPS location data and much more. In fact, FinSpy can “monitor

Read More
11 Jul 2019

Apple Updates Millions Of Macs After Dangerous Webcam Hijack Risk Exposed

In a nearly unprecedented move, Apple has rolled out an automated update that addresses a previously disclosed flaw affecting a legitimate application. The update fixes a vulnerability in the Zoom video-conferencing software for macOS that put up to 4 million users at risk. Earlier this week, a security researcher discovered

Read More
10 Jul 2019

Cyber Attacks Cost $45 Billion in 2018

Internet Society’s Online Trust Alliance (OTA) has released an extensive report on cybersecurity breach trends. According to the research, around two million cyber attacks occured last year, resulting in global damages of over $45 billion. The report also indicates that financial losses from ransomware rose by 60%, while the total

Read More
10 Jul 2019

Hackers breached Greece’s top-level domain registrar

Earlier this year, a threat group referred to as Sea Turtle hacked into the systems of ICS-Forth, a firm that manages the top-level domain country codes used by Greece, namely .gr and .el. Sea Turtle goes after domain registrars and managed DNS providers because this allows the group to target

Read More
10 Jul 2019

“Cloud Apps Make Us Targets” Say 49% of Companies

IT decision makers believe the most likely reasons their organization may suffer a cyberattack are insecure infrastructure including Internet-of-things (IoT) devices (54%), web portals (50%) and cloud applications (49%), a recent survey by Thales found. The research also indicates that companies are increasingly recognizing the importance of a CISO. In

Read More
10 Jul 2019

Zoom Zero-Day Bug Opens Mac Users to Webcam Hijacking

A security researcher has uncovered a critical flaw in Zoom video-conferencing software for macOS that puts up to 4 million users at risk. The zero-day flaw, tracked as CVE-2019–13450, can enable threat actors to hijack the webcam of users running the vulnerable software. In order to exploit the vulnerability, an attacker

Read More
10 Jul 2019

July 2019 Patch Tuesday: Microsoft plugs two actively exploited zero-days

As part of this month’s Patch Tuesday, Microsoft issued fixes for 78 vulnerabilities, including 15 critical flaws of which two are actively being exploited in cyber campaigns. The two zero-days are tracked as CVE-2019-0880 and CVE-2019-1132 and both are privilege escalation flaws. The former flaw affects all modern Windows versions, while the

Read More
10 Jul 2019

Marriott Faces $123 Million GDPR Fine for 2018 Data Breach

In addition to considering an unprecedented $228 million fine for British Airways over the data breach the company experienced in the summer of 2018, the UK Information Commissioner’s Office (ICO) plans to fine Marriott International Inc £99,200,396 ($123,705,869) over its failure to protect customer data under the EU’s General Data

Read More