As reported by TechCrunch, Magecart hackers have struck again, this time targeting the NutriBullet website. Hackers broke into the blender maker’s website several times over the past two months, injected malicious credit card-skimming malware on its payment pages and siphoned off the credit card numbers and other personal data — like names, billing addresses, expiry dates and card verification values — of unsuspecting blender buyers.
ISBuzz Team
WordPress plugins pose one of the biggest threats to website security, if they are not updated and many site owners usually install themes and plugins and then forget to update them. The WordPress development team is already working on adding an auto-update mechanism to themes and plugins, a common source of website hacks.
Researchers at DomainTools recently discovered a malicious android app that claims to track COVID 19 statistics actually locks users’ phones and demands a ransom in order to restore access. The new “CovidLock” ransomware also threatens to erase victim’s contacts, photos, videos and memory, as well as leak the victim’s social media accounts if a $100 BitCoin ransom is not paid with 48 hours. Responding to the news, the security expert commented below.
In response to the latest report from the Department for Digital, Culture, Media & Sport that states 48% of UK businesses struggle to find employees with basic cyber skills, cybersecurity experts commented below.
The U.S. Health and Human Services Department suffered a cyber-attack on its computer system, aimed at undermining the response to the coronavirus pandemic.
As reported by Sky News, experts from the National Cyber Security Centre (NCSC) – a part of GCHQ – have said that a range of attacks are being conducted by cyber criminals to make money out of exploiting people’s fears over COVID-19. Bogus emails posing as communications from health authorities are being sent with links claiming to provide important updates, which when clicked instead lead to devices being infected with malware. The NCSC stated: “Individuals in the UK have been targeted by these coronavirus-themed phishing emails, with infected attachments containing fictitious ‘safety measures’.”
The not-for-profit accreditation and certification body for the technical security industry, has developed a new maturity assessment tool for Cyber Threat Intelligence (CTI) programmes. The licence-free tool will help organisations to predict, prepare for, detect and respond to potential attacks through more effective CTI programmes. The new Cyber Threat Intelligence Maturity Assessment Tool provides continuous and effective analysis of a CTI programme in terms of people, processes and technology and supports the adoption of a systematic, structured approach to intelligence gathering. Development of the CREST tool was led by the CTIPs (CREST Threat Intelligence Professionals) group with support of its…
The EU plans to become the most attractive, secure and dynamic data-agile economy in the world. The Commission’s new digital strategy includes an ambition for the EU to seize new opportunities in digitised industry and business-to-business artificial intelligence (AI) applications. However, the vital question of whether GDPR is an obstacle to the EU’s plans to become an AI hub has been scrupulously avoided by the Commission. The European Commission announced its new EU data strategy with the publication of two papers in February 2020, a white paper on AI and a communication setting out a “European strategy for data”. The…
It has been reported that Princess Cruises, the cruise liner forced to halt its global operations after two of its ships confirmed on-board outbreaks of Coronavirus, has now confirmed a data breach. The notice posted on its website, believed to have been posted in early March, said the company detected unauthorised access to a number of its email accounts over a four month period between April and July 2019, some of which contained personal information on its employees, crew, and guests. Princess said names, addresses, Social Security numbers, and government IDs — such as passport numbers and driver’s license numbers — may have been accessed,…
As research today shows the Coronavirus can survive on paper-based surfaces for up to 24hrs, fear of handling cash is tangible amongst consumers due to Coronavirus, and until the Federal Reserve and Treasury Department issue an official statement about the safety of paper currency, many consumers are moving towards mobile payment platforms. But attackers are catching on and will be looking to exploit security vulnerabilities of this potential increased adoption of mobile payment apps.