A global takedown operation has disrupted Emotet, a prolific form of malware active in 2020. Cybersecurity experts commented below on the takedown of Emotet and will it reappear in the future.
Author: ISBuzz Team
As you may have seen the debate about whether or not companies should pay ransoms to cyber criminals has taken a new turn after it was suggested insurers were “funding organised crime” by accepting ransomware claims. Ciaran Martin, who ran the National Cyber Security Centre until last August, stated “I see this as so avoidable. At the moment, companies have incentives to pay ransoms to make sure this all goes away. You have to look seriously about changing the law on insurance and banning these payments, or at the very least, having a major consultation with the industry”. The Association…
Apple released the statement at its security update pages for iOS and iPadOS 14.4 that the there bugs affecting iPhones and iPads “may have been actively exploited.” and the new iOS 14.4 is released to fix these bugs.Apple didn’t provide the details on these attacks and it is unknown who is actively exploiting these vulnerabilities. Apple granted anonymity to the individual who submitted the bug, the advisory said.
A database of phone numbers belonging to Facebook users is being sold on a cybercriminal forum, with customers looking up numbers using a Telegram bot. One person advertising the phone numbers says it contains data on nearly 500 million users, although the information is several years old. In 2019, a security researcher found 419 million records on an unsecured server, meaning no password was needed to access them. A total of 18 million were from users in the UK, while around 133 million were from American accounts.
Fraud has reached epidemic levels in the UK and should be seen as a national security issue, according to think tank the Royal United Services Institute (RUSI).
In response to the recent Google discovery of a state-backed hacking campaign by North Korea targeting security researchers engaging in vulnerability research, cyber security experts commented below.
It is being reported by the users on the Twitter that they have received phishing emails claiming to be from the UK’s National Health Services (NHS) offering them to sing-up to receive the COVID-19 vaccine. At the sign-up process, it will prompt the users to provide the sensitive information such as name, adddress, credit card and banking information. The cyber security experts commented below on the danger of phisphing emails especially when the threat actor is using sensitive issue such as COVID-19 to trick the recipients to provide the personal information.
The leading crane and lifting manufacturer Palfinger has been targeted in an ongoing cyberattack that disrupted IT systems and business operations. Palfinger is a leading maker of crane and lifting solutions with headoffice in Austria with over employees in over 35 locations generating €1.75 billion in revenue for 2019. At this time, the extent and consequence of the cyberattack are not known.
Coming off of gaming’s biggest year to date, cybercriminals have taken notice of the industry’s great success and are increasingly targeting gamers looking to make money by compromising user accounts and launching attacks. More users means more opportunities to steal information – and timely new data from Webroot’s Threat Research team uncovered a 250% jump in Steam mentions on phishing sites between November and December 2020. Furthermore, impacted by another wave of COVID lockdowns and holiday gift-giving, Steam-related phishing attacks are only increasing, with a nearly 400% jump in phishing sites mentioning Steam in January 2021, when compared to November…
Australia’s securities regulator said on Monday there was a cybersecurity breach at a server it used to transfer files including credit license applications where some information may have been viewed. The Australian Securities and Investment Commission (ASIC) acknowledged the incident and investigation is still going on. It is believed that only limited information is seen by the threat actor.
