Malware Infecting Docker Containers With Monero Miners

Juniper Threat Labs has just posted new findings on malware that hunts and infects Docker services: Container malware: Miners go Docker hunting in the cloud. The in-the-wild malware hunts for misconfigured publicly exposed Docker services in the cloud and infects them with containers that run Monero miners. Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks: “The advent of […]

Russian Central Bank Targeted By Phishing Attack

Banks in Russia today were the target of a massive phishing campaign that aimed to deliver a tool used by the Silence group of hackers. The group is believed to have a background in legitimate infosec activities and access to documentation specific to the financial sector. The fraudulent emails purported to come from the Central Bank of Russia (CBR) and contained […]

More NHS Cyber Attacks Are ‘Inevitable’

Following the news that some experts have warned that further cyber-attacks on the NHS are ‘inevitable’. Jake Moore, Cyber Security Specialist at ESET UK: “For an organisation like the NHS, keeping your entire systems safe and secure is not an easy task. For most companies it’s a simple case of funds & resource, but sadly in this case […]

Card Fraud On The Rise, Despite National EMV Adoption

A recent report by Gemini Advisory has revealed, three years after the US EMV migration deadline passed, card fraud has continued to rise. Of more than 60 million payment cards stolen in the past 12 months, chip-enabled cards represented a staggering 93%. These results directly reflect the lack of US merchant compliance with the EMV implementation. Simon Armstrong, VP Products at Entersekt: “In the payments space […]

Companies Faltering On Managing 3rd Party Risk

Chris Olson

A new report* by the Opus and the Ponemon Institute reveals that 61 percent of US companies surveyed said they have experienced a data breach caused by one of their vendors or third parties. What is even more alarming is that 22 percent of respondents admitted they didn’t know if they’d had a third-party data breach […]

Voxox Database Misconfiguration Exposes 26M SMS Messages

The news broke yesterday that Voxox, a San Diego, California-based communications provider, left a database containing at least 26 million text messages, including password reset links, 2FA codes, shipping notifications and more exposed without a password. The exposure to personal information, phone numbers and 2FA codes in near-real-time could have put countless accounts at risk of hijack. […]