As reported by BBC News, the UK has confirmed plans for an app that will warn users if they have recently been in close proximity to someone suspected to be infected with the coronavirus. NHSX – the health service’s digital innovation unit – will test a pre-release version of the software with families at a secure location in the North of England next week. At present, the idea is that people who have self-diagnosed as having coronavirus will be able to declare their status in the app. The software will then send the equivalent of a yellow alert to any other…
ISBuzz Team
Check Point’s researchers highlight Yahoo! as most imitated brand for email-based phishing, and Netflix as the most imitated for mobile-based phishing attempts Check Point Research has published its new Brand Phishing Report for Q1 2020, highlighting the brands which were most frequently imitated by criminals in attempts to steal individuals’ personal information or payment credentials during Q1. Apple was the brand most frequently imitated brand used by cybercriminals, up from seventh place in Q4 2019. 10% of all brand phishing attempts related to Apple (up from 2% in Q4 2019), as bad actors sought to capitalize on its powerful brand…
It has been reported that security researchers have uncovered multiple XSS vulnerabilities in TAO, an open source assessment platform. Researchers discovered the ‘medium’ severity vulnerabilities after examining the community edition of TAO, an employee training and assessment tool.
According to reports, phishing scammers have started to impersonate President Trump and Vice President Mike Pence in emails that distribute malware or perform extortion scams. In phishing emails discovered by email security firm Inky, threat actors try to impersonate the White House who is sending out Coronavirus guidelines on behalf of President Trump. These emails state they are the latest “Coronavirus Guidelines for America” and prompt the recipient to click on a link to download a document. When the user clicks on the link they will be brought to a web page that impersonates the White house and contains a…
In response to a recent vpnMentor report that revealed RigUp experienced a data breach compromising more than 70,000 private files belonging to its US energy sector clients, a cybersecurity expert offers perspective.
Phishing scammers have started to impersonate President Trump and Vice President Mike Pence in emails that distribute malware or perform extortion scams. In phishing emails discovered by an email security firm called Inky, threat actors try to impersonate the White House who is sending out Coronavirus guidelines on behalf of President Trump. These emails state they are the latest “Coronavirus Guidelines for America” and prompt the recipient to click on a link to download a document. https://twitter.com/IT_securitynews/status/1248311633518133251
To avoid exposing their stores to Magecart attacks and to remain PCI compliant, Visa is urging merchants to migrate their online stores to Magento 2.x before the Magento 1.x e-commerce platform reaches end-of-life (EoL) in June 2020. https://twitter.com/johnmorganFL/status/1248300162935644160
It has been reported that, led by Noam Rotem and Ran Locar, vpnMentor’s research team recently discovered a breached database belonging to American software company RigUp, containing more than 70,000 private files belonging to its US energy sector clients. RigUp, founded in 2014, is a labor marketplace and services provider built for the US energy sector, with clients across the country. According to the report, since 2014, RigUp has grown to provide additional services covering many aspects of energy company operations and is now considered the largest online marketplace and labor provider in the US energy sector, and in 2019…
Dark Reading recently wrote about cybercriminals increasingly relying on SSL certificates to lull people into a false sense of security when clicking malicious links. The assumption that HTTPS links and the accompanying lock icon protect employees from an attack can threaten businesses without sufficient SSL inspection. Nearly 52% of the top 1 million websites were available over HTTPS in 2019, Menlo Security researchers report. Nearly all (96.7%) user-initiated online visits are served over HTTPS; however, only 57.7% of URLs in emails are HTTPS links. This means a web proxy or next-gen firewall — which many businesses have long relied on…
The BBC and Twitter moved quickly yesterday to remove a fake account impersonating the corporation’s Breaking News Twitter page, but not before it had managed to spread an untrue story about the health of UK Prime Minister Boris Johnson. The fake post was picked up by a prominent TV channel in Pakistan, which is aired for a short while as a news flash. It subsequently aired an apology after realizing its error.