BACKGROUND: Recently it was reported that ransomware Task Force proposes technical regulatory measures to disrupt ecosystem. A new task force consisting of technical experts, policy makers, officials from the FBI and United States Secret Service, and international law enforcement agencies has developed a broad set of recommendations to help address the ransomware epidemic, including technical and legal means for disrupting these operations and the payment infrastructure that underpins them.
ISBuzz Team
BACKGROUND: Brian Krebs’ report that Experian API Exposed Credit Scores of Most Americans says: “Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address… Experian says it has plugged the data leak, but the researcher who reported the finding says he fears the same weakness may be present at countless other lending websites that work with the credit bureau.”
BACKGROUND: With today marketing the anniversary of the World Wide Web (WWW) being launched into the public domain, cybersecurity experts commented below.
BACKGROUND: Yesterday, the FT broke the news that Goldman Sachs believe quantum computing is 5 years away from use in markets. However, while quantum computing holds immense potential for tasks like pricing derivatives, those in the cybersecurity space are calling for an abundance of caution. Without immense efforts to create cryptographic encryptions that can withstand the power of quantum computing, the basic security that governs every aspect of our modern infrastructure may be rendered useless overnight.
Quick-response (QR) codes used by a COVID-19 contact-tracing program were hijacked by a man who simply slapped up scam QR codes on top to redirect users to an anti-vaccination website, according to local police in South Australia. The perpetrator, who has been arrested, now faces two counts of “obstructing operations carried out relative to COVID-19 under the Emergency Management Act”. However, some reports of similar activity suggest that this arrest may just be a drop in the bucket. While no personal data was breached in this particular incident, it highlights the ease of QR code scams: all an attacker needs…
BACKGROUND: Elekta, a Swedish service provider of advanced radiation treatment software, has confirmed a security breach of their software for linear accelerators used in radiation therapy. The breach is reported to have resulted in service outages 42 US hospitals and care centers. A cybersecurity expert with Byos offers comments in response.
BACKGROUND: Members of the public are being warned to be vigilant of scammers targeting online shoppers. The Chartered Trading Standards Institute (CTSI) said it has received evidence of a text scam involving supermarket delivery messages. The messages claim “your Asda order is out for delivery” and links to a webpage supposedly allowing the recipient “to track your order and view your delivery note”. The reports also involve Morrisons, although the CTSI warned other retailers are also being targeted.
Illegal football streaming sites are absolutely riddled with dangerous malware. In fact, analysis of illegal websites used by hundreds of thousands to stream football matches worldwide has revealed fans are putting themselves at considerable risk. According to a report from cybersecurity firm Webroot, almost all (92%) illegal football streaming websites contain some form of malicious content, from malware and phishing lures to social engineering scams.
Government officials and private sector stakeholders are proposing bitcoin regulation that hampers the ability of cybercriminals to receive cryptocurrency payment for ransomware attacks.
Last night, Microsoft disclosed more than 25 critical memory allocation vulnerabilities in OT and IoT devices that could enable an attacker to bypass security controls and execute malicious code or cause a system to crash in industrial, medical, and enterprise networks.