An updated version of the FakeSpy Android malware family is actively targeting Royal Mail app users, according to Computer Weekly. Evolving rapidly, this new version of FakeSpy is significantly more powerful than previous iterations. Researchers from Cybereason’s Nocturnus have found that the malware’s developers are coding in new evasion and obfuscation techniques, and releasing new versions on a weekly basis. Having initially targeted Android users in Japan and South Korea, the malware has now begun are exploiting the brands of postal services companies in many other countries, including France’s La Poste, Germany’s Deutsche Post, and the US Postal Service, as well as Royal…
ISBuzz Team
It is reported that a data breach broker is selling databases containing user records for 14 different companies he claimed were breached by hackers in 2020. When a company is breached, threat actors will typically download accessible databases, including account records. These databases are then sold directly to other threat actors, or the hackers utilize data breach brokers to sell them on their behalf. Over the past month, a known and reputable data breach broker has been selling numerous databases on hacker forums that they state were acquired in data breaches conducted in 2020.
BBC reported that Netwalker criminal gang have extorted $1.14m from the University of California, San Francisco. According to the BBC, it witnessed the covert negotiations over the ransom on a live chat taking place on the dark web.
In response to research findings that indicate the number of daily brute-force attacks against Windows remote desktop service has almost doubled during the pandemic lockdown, a cybersecurity expert offers perspective.
It was announced today that over one million North American students have had their data exposed after a popular online learning platform left it in a publicly accessible cloud database. Researchers claim that the Elasticsearch database belonging to provider OneClass was left completely unsecured. The trove contained over 27GB of data, amounting to 8.9 million records, including many students’ full names, email addresses, schools/universities, phone numbers, account details, and school enrollment details.
The University of California in San Francisco (UCSF) says it has paid cybercriminals $1.14 million (£1 million) to decrypt a “limited number of servers” in its School of Medicine, which were hit by ransomware this month.
According to Kaspersky ICS CERT data, a number of industrial companies are currently experiencing targeted attacks involving the Snake encryption ransomware. On June 8, 2020 issues were reported which affected the computer networks of Honda, a Japanese motorcycle and auto manufacturer, in Europe and Japan. Specifically, it was announced that Honda Customer Service and Honda Financial Services were experiencing technical difficulties. Information security experts believe that, in all likelihood, one of the company’s servers was infected with Snake (EKANS) ransomware. A sample of the Snake malware discovered by some researchers on VirusTotal checked for Honda’s domain name, “mds.honda.com” (which is probably used on the company’s internal…
Imagine this, if you will. You’ve just bought a new car, it’s the latest model with all the frills. All of these extras make parking a doddle, your emissions reduced and your journeys smoother. You use your car nearly every day from that point onwards. You ignore the engine light when it comes on and don’t get that rattling noise checked out. Now imagine that your organisation has adopted Artificial Intelligence (AI) tools but doesn’t adopt tools and procedures to care for the data. New cars and AI adoption may be miles apart, but for both to function optimally, correct…
According to researchers, eight cities across three states in the United States have fallen victim to a Magecart card skimming attack. The compromised sites appear to have been built using Click2Gov, a web-based platform used by local governments to provide services such as community engagement, issues reporting, and online payment for local governments. Residents can use the platform to pay for city services, such as utilities.