ISBuzz Team

Some well-known websites could stop functioning properly on Wednesday, 4 March, after a bug was found in the digital certificates used to secure them, the BBC reported last night.The organisation that issues the certificates revealed that three million need to be immediately revoked. Visitors to affected sites will be greeted with an alert warning them the site is insecure. One expert said the issue could result in a “loss of trust”. In a notification email to its clients, the organisation said: “We recently discovered a bug in the Let’s Encrypt certificate authority code. “Unfortunately, this means we need to revoke the certificates that…

In response to reports that indicate more than half of attacks last year leveraged fileless or “malware-free” techniques, as hackers turn to stolen credentials in their efforts to breach corporate networks, experts from two cybersecurity firms offer perspective. Full report for more details: https://www.zdnet.com/article/malware-free-attacks-now-most-popular-tactic-amongst-cybercriminals/

Forbes published an article earlier today regarding an app called CleanMaster, a security tool promising anti-virus and private browsing. It had more than 1 billion installs before it was evicted and, despite Google’s ban, is one of Android’s most downloaded apps ever devices and is likely still running on millions of phones. Whilst Google hasn’t commented on what it knew about the app, created by China’s Cheetah Mobile, Forbes has learned a security company provided the tech giant with evidence the tool was collecting all manner of private web use data. https://twitter.com/drmuhammadmalik/status/1235080533287157760

Mass scanning activity of Apache Tomcat servers that have not been patched from the Ghostcat vulnerability has been detected.

In response to the news from Law Sites that disclosed legal services giant Epiq Global has gone offline after a ransomware attack affected all of its office locations, a cybersecurity expert offers perspective. https://twitter.com/CrossKeycybers1/status/1234882042921472001

It has been reported that the UK Home Office has breached European data protection regulations at least 100 times in its handling of the EU Settlement Scheme (EUSS). IDs have been lost, documents misplaced, passports have gone missing, and applicant information has been disclosed to third parties without permission in some of the cases, according to a new report.

According to MoneySavingExpert, customers of credit history-building tool Loqbox have had personal and financial data compromised after the firm was hit by a “sophisticated and complex” cyber attack.  Loqbox has announced that it’s been hit by a cyber attack, in which hackers accessed both customers’ personal data – such as addresses and phone numbers – and, in some cases, their payment information. It insists that all funds that customers have paid in are secure and have not been affected by the hack. It says customers can carry on logging into their Loqbox accounts in the usual way. Loqbox says it discovered…

It has been reported that an American manufacturer which works with SpaceX and Tesla is being extorted by cyber criminals who are leaking documents relating to these companies. The cyber crime group known as DoppelPaymer has already leaked non-disclosure agreements signed between Visser Precision and the Elon Musk-led companies SpaceX and Tesla. More documents stolen from Visser’s network will be released unless the Denver-based firm pays a ransom, the criminals have claimed.

The National Cyber Security Centre is advising people to tweak default settings of connected devices to protect users against hackers.

Walgreens disclosed a data leak in its mobile app, specifically in the messaging service, that consequently revealed users’ personal information such as first and last names, prescription names and numbers and shipping addresses. Given that the Walgreens Android app has over 10 million downloads and the pharmacy refilled nearly 1.2 billion prescriptions in 2019, this is a considerable security issue. https://twitter.com/GovernanceGuru/status/1234596596987416576