Following the NSA’s warning that a Russian hacker group has been exploiting a known vulnerability in Exim, please find commentary from Industry leader.
ISBuzz Team
The Experiences Per Mile Advisory Council, which unifies experts from the car, automotive and tech industry, has recently published a forecast on vehicle connectivity and the surrounding customer experience. According to the report, today 48% of all new cars globally include built-in connectivity, but by 2030 that figure will rise to 96%. Similarly, by 2030, 79% of vehicles shipped around the world will have an L2 autonomy or higher. The report also says that customer expectations are shifting from just “smart technologies” to a connected experience, including vehicle maintenance. As such, 57% of European and 80% of North American respondents are interested…
The importance of securing business-critical IT infrastructure and educating employees on the perils of logging on to unsecure Wi-Fi networks for corporate purposes is certainly nothing new. Headlines will tell us that hackers can find ways to easily breach public Wi-Fi networks and that workers using unsecured networks to access corporate assets can lead to damaging data breaches. But the issue of secured connectivity has been thrown into a fresh spotlight as millions of people continue to work from home under the current lockdown. Many businesses who have rarely or never had a working from home policy have suddenly found…
A hacker has leaked the database of Daniel’s Hosting (DH), the largest free web hosting provider for dark web services, according to ZDNet. The leaked data includes 3,671 email addresses, 7,205 account passwords, and 8,580 private keys for .onion (dark web) domains, and was obtained after the hacker breached DH in March this year. Shortly after, DH owner Daniel Winzen revealed that the hacker had breached his portal, stolen its database, and then wiped all servers. Two weeks later, DH shut down its service for good, urging users to move their sites to new dark web hosting providers. Around 7,600 websites…
Amazon’s controversial facial recognition technology has incorrectly matched more than 100 photos of politicians in the UK and US to police mugshots, a new study by Comparitech.com has revealed. This isn’t the first time the software’s accuracy has been called into question. In July 2018, the American Civil Liberties Union (ACLU) found 28 false matches between US Congress members and pictures of people arrested for a crime.
In response to reports that Valak malware has now changed to an information stealer that target Microsoft Exchange servers to steal enterprise mailing information, passwords and enterprise certificates, a cybersecurity expert offers comments.
Michigan State University is being targeted with ransomware, and the attackers in this case made the announcement. The operators of the NetWalker (Mailto) ransomware said that they’ve infected the university’s network and have given MSU administrators a week to pay an undisclosed ransom demand to decrypt their files. If MSU officials refuse to pay or choose to restore from backups, the ransomware gang is prepared to leak documents stolen from the university’s network on a special website the group is operating on the dark web. NetWalker operators have already published five images on the site to support their claims. These include two images showing…
Another twisted tale from the research team at Check Point has been published on May 28, detailing its investigation to expose the real identity of an infamous super-hacker responsible for attacks on 5,000 websites, the theft of the private data for a least a million people, and the sale of stolen credit cards. Despite the thefts, the UGNazi-affiliated hacker pushed an anti-establishment message, but he was caught after making a stupidly simple mistake on Facebook.
It was reported yesterday that U.S. officials have arrested another alleged member of the FIN7 hacking group (also known as the Carbanak Group).
It appears that banking malware ZLoader has returned to the scene. As reported by Cyware, hackers have distributed the malware as part of a coronavirus-related phishing scam and has reportedly been spotted in over 100 email campaigns since the start of this year. According to Cyware, the malware is still under active development with new variants of the code continuing to pop up too. By borrowing select functions from Zeus, the ZLoader malware has successfully stolen data from banking customers across various continents. In the past, threat actors behind ZLoader malware have set their sights on Canadian organizations. This year, though, the group seems to have changed…