The UK’s Biggest Anti-fraud Operation: 70,000 Victims To Receive Text Messages The UK’s biggest ever anti-fraud operation has begun to contact the 70,000 victims of telephone scams in their country today. Fraudsters had created fake adverts and websites to trap victims into handing over personal information and money in order to fund Ponzi schemes and other types of scams. However, the authorities later located them and filed criminal charges against them. What is the UK’s biggest anti-fraud operation? Police are planning to sms up to 70,000 sufferers of telephone fraud with a text outlining what occurred and where they can…
ISBuzz Team
Our Information Security Experts reacted below on why gambling sites were particularly vulnerable or of interest to credential stuffing attacks.
According to Wales Online, More than 10 million Brits have fallen victim to online shopping scams, it has been revealed, as 19 million UK shoppers prepare to embark on the biggest bargain hunts of the year. Research from cybersecurity company NordVPN has shown that 20.7% of UK adults have been scammed while shopping online — equivalent to 10.6 million people. Millions of UK consumers are prepared to offer up a treasure trove of personal information in exchange for an extra reduction or freebie — and those who have already been scammed are at the front of the queue. Of those who…
CloudSEK has revealed that Algolia’s API keys have been leaked, putting millions of users data at risk. Algolia’s API is used by companies to incorporate search, discovery, and recommendations into their voice, mobile, and website applications. It is currently used by over 11,000 companies, including Lacoste, Stripe, Slack, Medium, and Zendesk to manage ~1.5 trillion search queries a year. CloudSEK’s BeVigil, the first security search engine for mobile apps in the world has identified 1550 apps that leaked Algolia API Keys. Out of which, 32 apps, with millions of downloads, have hardcoded keys that can be exploited by threat actors to…
High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices https://twitter.com/cyberfeedio/status/1593153764197683201
Google Clamps Down on Cobalt Strike Abuses Google announced earlier this month that it had removed the ability to run JavaScript from inside. HTML tags on its advertisement platform, in an effort to clamp down on ad fraud. And abuse perpetrated by cryptomining malware like Cobalt Strike and Coinhive. But what does this change mean for legitimate advertisers? And how will it impact larger security issues surrounding Javascript execution? Security expert Paul Roberts weighs in below. Google’s response to Cobalt Strike abuses Earlier this year, Google made a critical update to its ethical sourcing policy for cobalt. Which is…
Air Asia Suffers Major Data Breach One of Asia’s most popular airlines. Air Asia, suffered from a massive data breach this past month, potentially exposing. The data of hundreds of thousands of users. The airlines have started contacting customers to let them know what options they have going forward.. Let’s take a look at what happened, and how you can protect yourself from experiencing the same thing next time. Details of the data breach On Tuesday, October 16th Air Asia announced a data breach that occurred on Monday morning. Use of an unapproved party led to the breach. USB…
As reported by The Register, phishing attempts targeting victims in the Middle East increased 100% last month in the lead up to the World Cup in Qatar, according to Trellix. There was a spike in these email-based attacks between September and October, when the volume of malicious emails doubled. Miscreants used FIFA and other football-related lures as the initial attack vector, and the security researchers detailed several email samples they found in the wild. In one, the email purported to be from the FIFA transfer matching system (TMS) helpdesk and included a fake alert that the user’s two-factor authentication had been…
It has been reported that six in 10 (60%) shoppers plan to spend more time researching and comparing prices ahead of Black Friday this year than they have previously, a survey has found. More than a third (37%) say they have regretted not being better prepared ahead of key sales, according to the survey of 2,000 people across the UK for Vodafone.
New Ransomware Encrypts Files, Steals Your Discord Account Ransomware has been evolving at an alarming rate, with more new strains appearing each year. One of the latest developments in this area is the ability to hack popular gaming apps and platforms, including Fortnite, Overwatch, and Discord. In fact, the risk is so severe that one 17-year-old was previously imprisoned as a result of his admission to stealing the usernames and passwords of 400 million users. Here’s what you need to know about this new kind of ransomware and how you can protect yourself and your account from the cybercriminals behind…