As reported by TechRadar, a new phishing scam has been uncovered by litigation specialists Griffin Law, and begins with a text message sent to self-employed workers offering a tax rebate purporting to be from HMRC. The text message informs the victim they are eligible for a tax refund and directs them to a site called https://hmrefund.com, which then leads to an impressively realistic copy of the HMRC government site. A form on the site asks for the user’s email address, postcode and HMRC log-in details. The form calculates a fake refund amount, which in a test by Griffin Law experts totalled £217.17. A noticeable error…
ISBuzz Team
The news is filled with instances where companies inadvertently leave databases exposed on the web – even sometimes for just hours before they realise the mistake has been made. Comparitech set up a honeypot to do some research to see if it left a fake database exposed, what would happen. Researcher Bob Diachenko left the data exposed from May 11, 2020 to May 22, 2020. During that time, 175 unauthorised requests were made. He broadly refers to these requests as “attacks”. The honeypot averaged 18 attacks per day and the first attack came on May 12, just 8 hours and 35 minutes after…
Cyber criminals are tailoring coronavirus-related phishing and malware attacks to make them more effective at targeting victims in certain locations around the world, even as attackers continue to distribute millions of malicious spam emails every single day. Google Cloud has detailed how the past month has seen the emergence of regional hotspots for Covid-19 related cyber attacks, with the UK, India and Brazil all seeing a rise in malware, phishing and spam campaigns looking to exploit fears over the virus.
Researchers have observed a highly-sophisticated self-cleaning and self-destructing skimmer on the popular hardware tool website Greenworks. Since the pandemic lockdown there has been an increase in people taking on homeware and gardening improvements.
In response to an FBI alert issued today that warned mobile banking app users that they will be increasingly targeted by hackers trying to steal their credentials and take over their banking accounts, cybersecurity experts offer perspective.
Babylon Health has acknowledged that its GP video appointment app has suffered a data breach. The firm was alerted to the problem after one of its users discovered he had been given access to dozens of video recordings of other patients’ consultations. A follow-up check by Babylon revealed a small number of further UK users could also see others’ sessions. The firm said it had since fixed the issue and notified regulators. Babylon allows its members to speak to a doctor, therapist or other health specialist via a smartphone video call and, when appropriate, sends an electronic prescription to a nearby pharmacy. It has more…
It has been reported that a hackers-for-hire group dubbed “Dark Basin” has targeted thousands of individuals and hundreds of institutions around the world, including advocacy groups, journalists, elected officials, lawyers, hedge funds and companies, according to the internet watchdog Citizen Lab. Researchers discovered almost 28,000 web pages created by hackers for personalised “spear phishing” attacks designed to steal passwords, according to a report published yesterday.
A hack-for-hire group, called Dark Basin, has been outed after targeting thousands of individuals and organizations worldwide – including advocacy groups and journalists, elected and senior government officials, and hedge funds — over the course of seven years. Dark Basin conducted commercial espionage on behalf of their clients, against customers’ opponents involved in high-profile public events, criminal cases, financial transactions, news stories and advocacy, according to researchers at Citizen Lab. In all, more than 10,000 victim email accounts were targeted, according to Reuters, who broke the news.
As reported by TechAdvisor, WhatsApp says it has fixed an issue that meant some users’ phone numbers were showing up unintended in Google search results. Researcher Athul Jayaram posted about the flaw on 7 June, saying “his privacy issue in the WhatsApp web portal that leaked around 29000–300000 WhatsApp user’s mobile numbers in plaintext accessible to any internet user”. This was down to the behaviour of WhatsApp’s Click to Chat feature where users can start conversations with people using a phone number but without saving the phone number in their contacts. It creates a link via which you can open a…
Honda has confirmed it has been hit with a cyber attack which has impacted some of its operations, including production systems outside of Japan. “Honda can confirm that a cyber attack has taken place on the Honda network,” a spokesperson said. “We can also confirm that there is no information breach at this point in time”. The company added: “Work is being undertaken to minimize the impact and to restore full functionality of production, sales and development activities. At this point, we see minimal business impact”. The company said it had experienced difficulties accessing servers, email and internal systems and that there was also an…