Trustwave researchers have discovered massive databases with detailed information about U.S. voters and consumers offered for sale on several hacker forums, which include their political affiliation. The sellers of the U.S. voter database claim that it includes 186 million records, and if that is correct, that means it includes information about nearly all voters in the U.S. The information found in the voter database can be used to conduct effective social engineering scams and spread disinformation to potentially impact the elections, particularly in swing states. Trustwave Report: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/massive-us-voters-and-consumers-databases-circulate-among-hackers/
ISBuzz Team
Nando’s customers say they’ve been left hundreds of pounds out of pocket after falling victim to a cyber-attack. Fans of the popular restaurant chain say their accounts – including usernames and passwords – have been compromised and used to place incredibly high orders. Single mum-of-three Sandy Warden said her daughter, Mia, lost £114.50 after her account was accessed by criminals. The 18-year-old from Hertfordshire said she used her bank details a week before to place an order online via a QR code in her local branch. Mia was at home on September 21 when she received an email from Nando’s…
In response to statements by John Ratcliffe, the Director of National Intelligence, and Christopher A. Wray, the F.B.I. Director, that Iran and Russia have both obtained American voter registration data and are attempting to influence the presidential election, an expert with cybersecurity strategy offers perspective.
The Trump administration on Friday sanctioned a Russian government research institution it said was responsible for cyberattacks on the critical infrastructure of U.S. allies in the Middle East, the latest in a flurry of warnings this week about threats posed by Russian hackers. The Treasury Department blamed Russia for deploying a powerful malware known as Triton against industrial control systems that plants and factories use to initiate emergency shutdown procedures.
Internet service providers are seeing a spike in Voice-over Internet Protocol (VoIP) usage driven by the increased adoption of working from home during the COVID-19 pandemic. This has been reported by many companies in the space including Comcast, which has said that VoIP and video conferencing usage is up 210-285 percent since the start of the pandemic. With this in mind, it’s important to remember that whether VoIP systems are maintained internally or outsourced to a third-party vendor, they remain an extension of organizations’ attack surface that can fall victim to attackers. VoIP systems are vulnerable to many threats including denial-of-service,…
It has been reported that Global pharmaceutical giant Pfizer Inc. has suffered a data breach with patient information found exposed on unsecured cloud storage. Discovered and publicised yesterday, the exposed data was found on a misconfigured Google Cloud storage bucket. The data included hundreds of conversations between Pfizer’s automated customer support software and people using its prescription pharmaceutical drugs including Lyrica, Chantix, Viagra and cancer treatments Ibrance and Aromasin. Along with confidential medical information, the transcripts included full names, home addresses and email addresses, all of which could be used by hackers to target patients with highly effective phishing campaigns.
Global pharmaceutical company Pfizer exposed the personal information of hundreds of prescription drug users in the US by failing to secure a Google Cloud Storage bucket, according to teiss. This misconfigured bucket, discovered by security researchers at vpnMentor, stored conversations between Pfizer’s automated customer support software and its customers. According to the researchers, most likely belonged to Pfizer’s US Drug Safety Unit (DSU) and contained transcripts between users of various Pfizer drugs and the company’s interactive voice response (IVR) customer support software.
The US National Security Agency has published today an in-depth report detailing the top 25 vulnerabilities that are currently being consistently scanned, targeted, and exploited by Chinese state-sponsored hacking groups.
On Tuesday, an unknown number of Democratic voters in four states were targeted with a threatening email urging them to “vote for Trump or else!”, stating that “we will come after you” if they didn’t. While these emails appeared to have come from a violent, neo-fascist group known as the Proud Boys, the group said they had nothing to do with the matter. Based on a U.S. government statement, Iran is responsible for the activity and group impersonation.
As reported by , the US Army said Wednesday that the official Twitter account of its Fort Bragg base had been hacked, after the account posted several lewd messages. The now-removed replies were responses to a lewd message and naked picture posted by another Twitter account featuring pornographic content. “This afternoon the Fort Bragg Twitter account was hacked and a string of inappropriate tweets were posted to the account,” one of the Army units housed at Fort Bragg tweeted. Fort Bragg, North Carolina, is one of the Army’s largest bases, housing more than 50,000 military personnel. “When made aware, the Fort Bragg…