Today, UK Finance revealed £32m of fraud prevented by bank branch staff and police in the first half of 2021, showcasing the bank’s commitment towards mitigating fraud. However, technology still has a huge role to play, and more often than not, it’s hard to spot a scam even for experienced professionals.
ISBuzz Team
As reported by BBC News, the UK’s information commissioner is to ask some of the most powerful countries in the world to join forces against cookie pop-ups online. Elizabeth Denham will meet with her counterparts in the G7 (Group of Seven) nations on Tuesday. Each country will raise a technology problem they believe can be solved with closer co-operation, with Ms. Denham taking aim at cookie banners.
According to new research by Opengear spanning the UK, the U.S., France, and Germany, more than four out of ten (41%) of network managers, network engineers, and network architects say their organizations use NetOps or network automation to enhance network security, the top use for NetOps overall. Moreover, 44% of respondents whose organizations use an independent secure management plane (e.g. an Out-of-Band Network) that is separate from the production network believe enhanced security is one of the top two benefits of doing so. However, questions remain around access rights and permissions. While just half of the respondents say network engineers can access…
It has been reported that the fear of security was raised after the Central Bank mistakenly exposed the names and home addresses of credit union bosses. The data breach has forced the bank to issue a groveling apology after it blundered by releasing the personal information to third parties. Names and addresses of around 50 credit union chairpersons and chief executives, many of whom hold keys to credit union premises, were given out in error.
BACKGROUND: FireEye’s Mandiant researchers have discovered a malware family using the Common Log File System (CLFS) to hide their second-stage payload in registry transaction files. In their blog post Too Log; Didn’t Read they detail how PRIVATE LOG and its installer STASHLOG use what they say is a novel and especially interesting technique(s) to obfuscate their presence. An expert with Gurucul offers comment.
BACKGROUND: In response to reports that Washington D.C’s Howard University has canceled classes on Tuesday after being hit by a ransomware attack, cybersecurity experts offer their following comments.
BACKGROUND: ITPro Microsoft Outlook shows real contact details in some phishing emails. Microsoft Outlook is susceptible to phishing attacks using internationalized domain names (IDNs), according to reports from two separate security researchers. The email client will display legitimate contact details alongside spoof emails sent from these domains. Phishing attacks sent from IDNs are also known as homograph attacks. They use Unicode characters from non-Latin character sets, such as Cyrillic or Greek, that look like regular Latin characters. An attacker might register the domain tωitter.com, which uses an international alternative to a regular ‘w’. Browsers have long recognized and flagged IDNs,…
Indonesia is investigating a suspected security flaw in a COVID-19 test-and-trace app that left exposed personal information and the health status of 1.3 million people, a health ministry official said on Tuesday, according to Reuters.
BACKGROUND: It has been reported that nine cyber-attacks affecting the British transport sector were missed by the UK’s mandatory reporting laws and were only disclosed to the government on a voluntary basis, Sky News has learned. A law introduced three years ago was intended to boost Britain’s ability to defend itself from the foreign states and criminal hackers by obliging critical infrastructure organisations to report incidents.
BACKGROUND: Please see below for comment by Cybersecurity experts on the news that Bangkok Airways suffered a data breach and refused to pay the ransom which resulted in the data being dumped online.