Compliance Challenges With New NY And CO Cybersecurity Laws

Complicating the challenges of complying with GDPR and the new CA data privacy law, two additional state cybersecurity laws in NY and CO went into effect over Labor Day weekend.  In particular, the NY State 23 NYCRR 500 Law now requires companies to encrypt non-public info at both rest and in transit. What does this mean […]

Parental Control Spyware App Family Orbit Hacked, Thousands Of Child Photos Exposed

It has been reported that the company that sells the parental control spyware app Family Orbit has been hacked, and the pictures of hundreds of monitored children were left online only protected by a password. According to Motherboard that first reported the news, the Family Orbit spyware left exposed nearly 281 GB of data online. The hacker discovered the […]

Brian Krebs Reports Mobile Spyware Maker mSpy Leaks Millions Of Sensitive Records

information-leak

Brian Krebs reported today that mSpy, the maker of a software-as-a-service product that helps customers spy on the mobile devices of their kids and partners, left an open database on the web that provided access to millions of sensitive records without any authentication required. Pravin Kothari, CEO at CipherCloud: BACKGROUND “mSpy, the provider of a leading […]

Camubot Malware Camouflaged As Bank Security App To Steal Credentials

Cybersecurity Pros Face Increased Pressures

It has been reported that a new banking malware has been discovered that is targeting bank customers in Brazil. Dubbed CamuBot, it is said to be a unique malware because it is disguised as a necessary security module of the bank. The malware can also bypass the biometric authentication feature, which is a disturbing sign. According to IBM X-Force researchers who discovered […]

Have We Reached The Tipping-Point?

I sat down today, relaxed and called my Cell-Phone Network provider Vodaphone to make my monthly payment – and again, as in previous months, after two attempts their Payment System was not working – thus pushing the call onto their over-stretched support desk with a long time wait to be attended to. And this, common Inconvenience got […]

New “Cronix” Crytpo Mining Campaign

F5 Labs just detected a new Monero crypto mining campaign that exploits the latest Apache Struts 2 critical RCE vulnerability. Responsibly disclosed just two weeks ago by Semmle, known threat actors weaponized a PoC exploit published on GitHub and are currently exploiting the vulnerability to deploy “xmrigCC” crypto-miner. Of note, just a year and a […]

Data Breach Reports To The ICO Increase By 75%

It has been revealed that data breaches are up 75% in two years, finds a report from the Information Commissioner (ICO). The report, which used data gathered under the Freedom of Information Act, found most data breach cases to be applicable to human error in some way. Offering insight are the following security experts: Bob Egner, VP […]

New Banking Trojan CamuBot Attempts To Hack Biometric Authentication

Biometric

IBM X-Force researchers have warned of a new malicious financial malware currently targeting Brazilian banks. The banking trojan, dubbed CamuBot, can in some cases hijack one-time passwords used for biometric authentication. Please find a comment below in response to this from OneSpan. Will LaSala, Director Security Solutions, Security Evangelist at OneSpan: “CamuBot is a unique and sophisticated overlay attack […]

Brits Are Happy To Share Health Data With NHS For Artificial Intelligence

In response to news that over half of Brits are happy to share health data with the NHS for artificial intelligence, David Emm, Principal Security Researcher at Kaspersky Lab commented below.  David Emm, Principal Security Researcher at Kaspersky Lab: “The use of technology brings great benefits – especially in the time- and budget-strapped healthcare industry – […]