23 May 2019

TalkTalk Overlooked Nearly 5000 Customers in Breach Notification

An investigation by the BBC consumer rights show Watchdog Live has revealed that UK telco Talk Talk botched the breach notification that followed a 2015 cybersecurity incident by failing to inform 4545 impacted customers. The company acknowledged the mistake, describing it as “a genuine error.” The firm says it has

Read More
23 May 2019

All iPhones And Some Android Phones Are Vulnerable To A New Device Fingerprinting Attack

Cambridge University researchers have discovered a new kind of “fingerprinting attack” that could enable websites to keep track of individual users as they visit other websites using the same browser. Fingerprinting is a nightmare for people who care about their privacy. It can be used to target people with customized

Read More
23 May 2019

Fraud Attacks from Mobile Spiked 300% in Q

Cybercriminals are increasingly using rogue mobile applications to carry out fraud attacks, a new RSA report shows. In the first three months of this year, fraud associated with such apps surged by 300%. Rogue apps are malicious copies of legitimate applications. Fraud campaigns involving financial malware also increased in Q1

Read More
23 May 2019

Bestmixer seized by police for washing $200 million in tainted cryptocurrency clean

Europol together with Dutch and Luxembourg authorities seized Bestmixer.io on Wednesday because they believe the “world’s leading cryptocurrency mixing service” has laundered over $200 million in cryptocurrency linked to criminal activities. Bestmixer.io had been operating for about one year when it was shut down. By “mixing” cryptocurrencies from multiple sources

Read More
23 May 2019

Volume of Signed Malware Increases, CAs Need Better Vetting

New figures from Chronicle show that threat actors increasingly manage to abuse digital certificates in order to sign malware. As a result, operating systems can no longer reliably use such certificates to distinguish legitimate software from malicious programs. The study, which looked only at highly malicious programs targeting Windows operating

Read More
23 May 2019

Data privacy: A hot-button issue for Americans one year after GDPR

This Sunday will mark one year since the EU’s General Data Protection Regulation (GDPR) went into effect. A new nCipher survey shows that awareness of privacy issues has increased in the US. A small majority of Americans (52%) care about keeping their data private and 41% even consider data privacy

Read More
23 May 2019

Two More Zero-Day Vulnerabilities Released for Windows

Just one day after notorious Windows exploit developer “SandboxEscaper” released a Windows zero-day exploit, she posted two additional zero-days on her GitHub account. One is a sandbox escape impacting Internet Explorer 11 and the other is a local privilege escalation flaw affecting Windows Error Reporting. The latter is very difficult

Read More
23 May 2019

Baltimore Email, Other Systems Still Offline from May 7 Ransomware Attack

More than two weeks after the City of Baltimore, Maryland suffered a ransomware attack, the city’s email system and various other systems have still not been restored. The City was targeted by a ransomware strain dubbed Robbinhood. The threat actors behind the file-encrypting malware demanded a ransom of 13 Bitcoin

Read More
23 May 2019

Over 90% of data transactions on IoT devices are unencrypted

New research by Zscaler highlights how companies are putting themselves at risk through the use of poorly secured IoT devices. The report found that a staggering 91.5% of IoT data transactions on enterprise networks are not encrypted. If a threat actor manages to intercept that traffic, they can therefore access

Read More
22 May 2019

Facebook found hosting masses of far right EU disinformation networks

Campaign group Avaaz has uncovered a vast far disinformation campaign spreading fake news stories on Facebook in order to promote far right political positions to European voters ahead of the European Parliament election that will be held between 23 and 26 May. After being notified of the results of the

Read More