18 Jan 2019

Iranian online collaboration forums incubating some of the world’s most significant cybersecurity incidents, hacking forces

A study produced by Cybersecurity firm Recorded Future suggests that the hacking culture heavily incubated by online forums and direct ties to the government have helped the country’s cyber forces generate some of the most significant and sophisticated attacks in the world. These have included crippling attacks against Saudi’s state

Read More
18 Jan 2019

Government cybersecurity at risk as shutdown lingers

Due to the ongoing shutdown, US government agencies are becoming increasingly vulnerable to cyberattacks. Because cybersecurity and IT staff have been furloughed in many government agencies, TLS certificates for government websites are not being renewed, systems aren’t being patched and there is no active monitoring of agency networks for performance

Read More
18 Jan 2019

These malicious Android apps will only strike when you move your smartphone

Once again, cybercriminals have managed to sneak malicious apps onto the Google Play Store. Researchers with Trend Micro have found two Android apps on Google Play that serve the Anubis banking Trojan, but only if information from the motion sensors on the targeted device indicate movement. The two apps are Currency

Read More
18 Jan 2019

Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation

Helped by a tip from US law enforcement, Facebook has shut down two massive Russian disinformation campaigns comprising hundreds of Facebook groups and pages as well as Facebook and Instagram accounts with hundreds of thousands of followers. One of the campaigns focused on Ukraine, whereas the other targeted countries in Central

Read More
18 Jan 2019

Malware can now evade cloud security tools, as cybercriminals target public cloud users

Rocke Group, a cybercrime group believed to be operating from China, has developed cryptocurrency mining software that can uninstall cloud-based security solutions from targeted systems as a way of evading detection. Researchers with Palo Alto have so far only found proof that the malware works on Chinese cloud security solutions,

Read More
18 Jan 2019

Ongoing Attacks Hit West African Financial Institutions Since Mid-2017

Financial institutions in Cameroon, Congo (DR), Equatorial Guinea, Ghana and Ivory Coast have been targeted by unknown threat actors in a cyberattack campaign that started in mid-2017 and is still ongoing. According to security researchers with Symantec, the attackers have been using a variety of open-source and off-the shelf malware tools including

Read More
18 Jan 2019

Twitter Fixes Four Year Old Bug in Android App Exposing Private Tweets

Due to a bug in Twitter for Android, the app has exposed the private Tweets of an unknown number of users for over 4 years. The issue caused the app to make changes to the accounts of affected users, such as turning off the “Protect your Tweets” setting. The bug

Read More
17 Jan 2019

Massive Oklahoma Government Data Leak Exposes 7 Years of FBI Investigations

In the latest data leak stemming from an unsecured web server, 3 terabytes of data belonging to the Oklahoma Securities Commission has been found exposed to the Internet. The millions of unencrypted files included highly sensitive government information, such as details of FBI investigations, email archives and social security numbers. An UpGuard

Read More
17 Jan 2019

An Astonishing 773 Million Records Exposed in Monster Breach

A data set containing a whopping 772,904,991 email addresses and more than 21 million passwords has been found on a hacker forum by a security researcher. The data set, dubbed Collection #1, was first reported by Troy Hunt, the researcher behind Have I Been Pwned, a website where people can check

Read More
17 Jan 2019

Compromised ad company serves Magecart skimming code to hundreds of websites

In a massive new Magecart campaign, hackers have inserted malicious payment card skimming code into “277 e-commerce websites providing ticketing, touring, and flight booking services as well as self-hosted shopping cart websites from prominent cosmetic, healthcare, and apparel brands”. Magecart is an umbrella term for various criminal groups that attack e-commerce

Read More