13 May 2019

Savvy Hacker Exploit Analytics Code Used By Thousands of Websites To Capture Data

Hackers have breached analytics service Picreel and open-source project Alpaca Forms and have modified JavaScript files on the infrastructure of these two companies to embed malicious code on over 4,600 websites, security researchers have told ZDNet. The attack is ongoing, and the malicious scripts are still live, at the time of

Read More
13 May 2019

Security Pros Struggling With Heavier Workloads Due To Skills Gap

For the third year the Enterprise Strategy Group (ESG) and Information Systems Security Association (ISSA) International  have produced a report on the state of cybersecurity professionals. The report underscores that nearly three-quarters of organizations are dealing with the fallout of the industry’s skills gap. In the past two years, nearly half

Read More
13 May 2019

Wired and CodaStory Provide A Deeper Dive Into China’s Massive Surveillance Operation

For the last few years there have been indications that China has been conducting mass incarcerations of its Muslim minorities. Investigative reporting is beginning to shed more light on what is going on. There appears to be abuses of human rights on a shocking scale. The personal stories behind abuses

Read More
13 May 2019

Extensive Flaws In All Major Building Control Systems

Building management or automation systems (BMS) or (BAS) are computer based systems installed in buildings to control and monitor mechanical and electrical equipment such as heating, ventilation, cooling, power, fire alarms, fire suppression, lighting, security, and access control. Over the years the major vendors have built systems that follow a

Read More
12 May 2019

Cybercriminals Favor Targeting Top Executives, Small Businesses, Money

According the Verizon Data Breach Report, C-level executives are 12 times more likely to be the target of security incidents and 9 times more likely to be the target of data breaches than in last year’s report while the growth of financial social engineering attacks targeting these business executives rose from single digits to

Read More
12 May 2019

What China’s Cybersecurity Law says about the Future

“As a contrast to Europe’s General Data Protection Regulation, which seeks to protect individual rights and rein in the actions of large corporates, China’s Cybersecurity Law provides an alternative vision about how nations may choose to apply the law toward cyberspace in the future. China’s Law requires network operators to

Read More
09 May 2019

Websites Continue to Collect PII Data Insecurely

A new report by RiskIQ found that over a year after the European Union’s General Data Protection Regulation (GDPR) went into effect, 11.5% of websites still fail to properly secure the way they collect personally identifiable information (PII) from users. Progress is being made however, since the number was 27%

Read More
09 May 2019

Justice Department charges Chinese hacker for 2015 Anthem breach

The US Department of Justice has indicted Fujie Wang, a Chinese national, over conspiracy to commit fraud, identity theft and computer hacking as part of hacking campaigns targeting Anthem and three other firms. The charges also apply to other unnamed members of the Chinese hacking group Fujie Wang is suspected

Read More
09 May 2019

This ransomware sneakily infects victims by disguising itself with anti-virus software

Researchers at Trend Micro have uncovered a sneaky new campaign involving the notorious Dharma ransomware that has been targeting companies around the globe since at least 2016. In order to increase the success rate of their attacks, the threat actors behind Dharma have now integrated it into a phony anti-virus

Read More
09 May 2019

Amazon Hit by Extensive Fraud With Hackers Siphoning Merchant Funds

Last year, threat actors obtained unauthorized access to around 100 Amazon seller accounts, which enabled them to change the bank details for the accounts and subsequently transfer funds from loans and sales to bank accounts under their control. The e-commerce giant has investigated the extensive fraud operation, which was active

Read More