The Financial Conduct Authority (FCA) was targeted by nearly a quarter of a million (238,711) malicious and unsolicited emails over the final three months of 2020, averaging around 80,000 email attacks per month. This is according to official figures obtained by the Freedom of Information (FOI) act and analysed by Griffin Law, a leading litigation firm. In the FCA’s response to an FOI request, they provided a breakdown of all email’s blocked by their system from the October to December 2020. A whopping 99 per cent of all blocked emails were defined as ‘spam’, which includes everything from unsolicited marketing…
ISBuzz Team
Instagram has disabled number of accounts which were stolen as part of online hacking operations designed to sell rare and coveted usernames. The cybersecurity expert and journalist Brian Krebs also reported that both Tiktok and Twitter also took action in relation to these accounts. The main technique used for hacking these accounts is SIM swapping, which is when a user gains control of someone’s phone number and uses it to reset passwords of victim’s social media accounts.
It has been reported that major vulnerabilities have been discovered in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take complete control of a device’s wireless communications. The six flaws were reported by researchers from Israeli IoT security firm Vdoo. The Realtek RTL8195A module is a standalone, low-power-consumption Wi-Fi hardware module targeted at embedded devices used in several industries such as agriculture, smart home, healthcare, gaming, and automotive sectors. It also makes use of an “Ameba” API, allowing developers to communicate with the device via Wi-Fi, HTTP, and MQTT, a lightweight messaging protocol for…
French cyber-security firm Stormshield, a major provider of security services and network security devices to the French government is breached by a threat actor who believed to stole information on some of its clients as reported by the company. In addition, the company also reported that the attacker stole the parts of the source code of its firewall Stormshield Network Security (SNS) used in sensitive networks within the French government. The company is now investigating the incident with French cyber-security agency ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information), which is currently assessing the breach’s impact on government systems.…
A recently discovered heap-based buffer overflow vulnerability in Linux SUDO also impacts the latest version of Apple macOS Big Sur, with no patch available yet. This bug will allow the standard users to execute applications with root privileges. This vulnerability is patched on Linux platform but no fix is yet available for macOS.
The Florida Healthy Kids Corporation (FHKC), a US provider of children’s health insurance, data breach which exposed the addresses of several thousands of who applied for or renewed insurance coverage online via FHKC between November 2013 and December 2020.
Marking the first large scale ransomware operation of 2021, Babyk, the group behind Babyk Ransom Locker software, recently launched a data leak site—an online forum where hackers post and publicize data stolen from their victims. Please find the comments from Denis Legazo, senior security researcher at Kaspersky, below. In it he discusses why Babyk may seek to utilise an online leak site and why they may refer to a “Hackers Code”.
VMware Carbon Black released their new research, “The State of Healthcare Cybersecurity”, that paints a holistic view of the threats healthcare organisations face and should be prepared for in 2021. Of note, researchers found that there were 239.4 million attempted attacks targeting its healthcare customers alone in 2020. This unprecedented rate in attacks speaks to the value of information these organizations are harbouring and how cyber criminals will not stop at anything to acquire it. VMware Carbon Black was also able to identify the top five ransomware families plaguing the healthcare industry including: Cerber: 58% — Cerber ransomware is a type of…
It was recently reported that the National Finance Center, a federal payroll agency inside the U.S. Department of Agriculture, was among organisations affected by the SolarWinds bug, fearing the date of government employees may have leaked. This exploitation is believed to be from Chinese group which is separate to the incident where United States balmed Russia for SolarWinds compromised
Thursday 4th February 2021 marks 30 years since the Michelangelo computer virus was discovered. It was a significant event in cybersecurity history because no virus before it had prompted the public to think about security like Michelangelo did. Michelangelo was a variant of a ‘boot sector’ virus, malware that modified the bootup process of computers at that time. It spread via floppy disk and was aptly named Michelangelo because the virus lay dormant on infected machines until March 6th, 1992, which happened to be the famous painter Michelangelo’s birthday when it could damage systems and data.