A global table of major cyber attacks has revealed that the UK is second in the world for significant cyber attacks, having faced 47 incidents from May 2006 to June 2020. The USA is first with 156 incidents since May, India is third and Germany is fourth.
ISBuzz Team
203 senior security and risk professionals reveal a missed opportunity to leverage DNS throughout the threat analysis and response cycle Infoblox Inc., the leader in Secure Cloud-Managed Network Services, commissioned Forrester Consulting, to investigate how security and risk (S&R) teams are using their DNS investments. The 203 respondents to the Accelerate Threat Resolution with DNS study reveal they most often use DNS to detect and block threats early in the kill chain, identify compromised devices, and investigate and respond to malware. The top findings as detailed in this infographic underscore DNS is an effective but under-utilised tool for threat hunting and resolution even…
Every year, cybercriminals steal approximately $40 billion from older adults (senior citizens aged 60 and over) in the United States. Cybercrime can be defined as “any criminal activity in which a computer (or networked device) is targeted and/or used.” Cybercriminals with access to an older adult person’s information via a computer, smartphone, or other networked device, can easily exploit it for nefarious intent, defined as “an act of forcing, compelling, or exerting undue influence over a vulnerable adult causing the vulnerable adult to act in a way that is inconsistent with relevant past behavior or causing the vulnerable adult to…
Derek Lee Boire, Senior member of Technical Staff at VMware Pivotal Labs, highlights how pair programming can combat decision fatigue Coding for at least eight hours a day, programmers are constantly faced with the need to make decisions. This can become exhausting. Today’s full-stack engineer could be dealing with different aspects of technology simultaneously. This could include using DevOps skills to orchestrate a continuous integration (CI) and continuous delivery (CD) pipeline, or programming in different languages, depending on the client and server technologies being used. Some may also be working in programming languages, such as object-oriented or functional programming, which…
A new email phishing scam, falsely purporting to be from leading UK supermarket Tesco, is being used to steal confidential data and payment details from consumers. The scam, which uses a fake Facebook page as well as SMS and email communication to trick UK consumers into handing over their details was uncovered by Griffin Law, a leading litigation practice. The fraud began with a fake Facebook page, entitled ‘Tesco UK’, using official branding. The page shared images purporting to be from a Tesco warehouse, displaying packed boxes of Samsung 55” Ultra High Definition televisions, which can be worth up to…
Orange, a French telecommunications company and the fourth-largest mobile operator in Europe, has confirmed it suffered a ransomware attack on July 4-5. The attack exposed the data of 20 of their enterprise customers, and it has since been leaked online via Nefilm Ransomware’s site. Specific details around how this attack occurred have not been released, but Orange has issued a statement confirming the success of the attack.
A new Android malware strain, based on the Xerxes banking Trojan, has been discovered by analysts at ThreatFabric, the mobile security firm. Dubbed BlackRock, this new threat emerged in May 2020 and works like most Android banking trojans, with the exception of targeting more apps than most of its predecessors. The trojan will steal both login credentials (username and passwords), where available, but also prompt the victim to enter payment card details if the apps support financial transactions. It comes equipped with a wide range of data theft capabilities, which allows it to target a huge 337 Android applications. ThreatFabric found…
Following the news that Russian state-sponsored hackers (a group known as “APT29” or “Cozy Bear”) targeted Covid-19 vaccine research, cybersecurity experts commented below.
An advisory published by the UK National Cyber Security Centre (NCSC) warns of activity by Russian hacking group APT29 and explicitly calls out efforts to target the US, UK, and Canadian vaccine research, according to CNN. Cyber actors from the Russian hacking group, which also goes by the name “the Dukes” or “Cozy Bear”, are targeting organisations involved in coronavirus vaccine development, according to the new warning issued today. APT29 uses a variety of tools and techniques, including spear-phishing and custom malware known as “WellMess” and “WellMail”, according to the NCSC, who have also assessed that the hacking group “almost…
It was announced today that a popular website MyCastingFile.com used to cast US talent in movies and television shows exposed the data of roughly 260,000 individuals online. Researchers discovered an open Elasticsearch server, hosted by Google Cloud, in the United States. The database was not secured via any form of authentication and in total, close to 10 million records were exposed. https://twitter.com/ZDNet/status/1283880340231278593