BACKGROUND: The Wall Street Journal reports that Alibaba’s Taobao shopping website was hit by a web crawler that collected users’ ID and mobile phone data for eight months, according to a Chinese court filing, and more than 1.1 billion pieces of user data were captured. Clement Chen, an assistant professor of law at the University of Hong Kong, noted that Chinese consumers predominantly use their mobile phones to sign up for most Internet services, thus cell phone data helps a bad actor identify their social media accounts and other PII. Taobao.com is ranked by web traffic statistics and analytics site…
ISBuzz Team
More than a third of experts perceive ransomware guidance from government and official bodies to be insufficient Despite theDirector of the FBI, the US Attorney General and the White House warning firms against paying cyber-related ransoms, 60percent of organisations have admitted they would shell out funds in the event of an attack, according to new research from the Neustar International Security Council (NISC). When asked how much money they would consider handing over, one in five respondents said they would consider paying 20 percent or more of their company’s annual revenue. The study, which was commissioned by Neustar and run…
In light of recent events, many industry leaders are warning that the entire internet has become dangerously geared to just a few players such as Amazon, Google, and Microsoft services. The web outage revealed functional risks of any cloud computing monopoly, particularly in an era of remote or hybrid working.
In yesterday’s Brussels Summit Communiqué – Issued by the Heads of State and Government participating in the meeting of the North Atlantic Council in Brussels 14 June 2021, NATO alerts that it will consider on a case by case basis treating cyberattacks similar to physical attacks against allies. The communique indicates NATO may launch a military response against perpetrators. Under Article 5 of the 1949 NATO treaty, any armed attack on a NATO ally is considered an attack on all alliance members, who may then defend the ally. At the North Atlantic Council meeting in Brussels yesterday, the alliance disclosed a Comprehensive Cyber…
Kaspersky has uncovered a long-standing cyberespionage campaign against Persian-speaking individuals in Iran. The group behind the malicious activity—dubbed Ferocious Kitten—has been active since at least 2015 and delivers a custom malware called “MarkiRAT” that steals data and can execute commands on the victim’s machine. The malware also has variants that can hijack the infected user’s Chrome browser and their Telegram app. In March of this year, a suspicious lure document was uploaded to VirusTotal and brought to the public’s knowledge through a post on Twitter. Upon noticing the Tweet, Kaspersky researchers decided to investigate further. What they found was a…
In recent months, an alarming number of cyber-attacks have taken place across a number of industries. Just this week, US based company Colonial Pipeline were victims of an attack that shut down their entire network for three days, which led to an emergency legislation being passed by the US government. With technology becoming increasingly advanced, it has become apparent that even the largest organizations can be vulnerable to cybercriminals and cyber-attacks. Therefore, it’s essential that protecting corporate and private customers’ data remains at the top of the priority list for organizations today. To minimise the risk of becoming victims of…
BACKGROUND: The pandemic was the perfect time to gain physical access to abandoned or minimally staffed locations. While the opportunities to tailgate and piggyback into facilities have lessened due to low foot traffic, it is still an easy way to gain access. With locations still being abandoned or minimally staffed, even today, it gives an attacker more time to locate poorly secured or unlocked ingress points.
84% of organisations that paid a ransom demand were hit again, 61% reported significant loss of revenue London, UK (June 16, 2021) – Cybereason, the leader in future-ready attack protection, today released research findings from a global ransomware study of nearly 1,300 security professionals that reveals more than half of organisations have been the victim of a ransomware attack. In the UK specifically, 305 companies were contacted and 84% of businesses that chose to pay a ransom demand suffered a second ransomware attack, often at the hands of the same threat actor group (53%). The report, titled Ransomware: The True Cost to Business, also…
BACKGROUND: Following the news that US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack, expert commented below.
BACKGROUND: The BBC report that the Irish Council for Civil Liberties issuing a branch of the Interactive Advertising Bureau (IAB) and others over what it describes as “the world’s largest data breach”.