In response to reports prolific phishing campaign Shop16 has expanded its operation with new attacks that target PayPal accounts, an expert from KnowBe4 offers perspective.
ISBuzz Team
Hanna Anderson, a company that offers children’s clothes online, has been the target of a Magecart attack wherein their customers’ credit card information was stolen as they were making purchases. The attack was discovered after the credit cards were found for sale on the dark web.
In a blog post, security researchers said that many mobile operators aren’t asking the difficult security questions to ensure the caller is the legitimate mobile phone user. Researchers pointed to a particular Princeton study, where researchers made around 50 attempts across five North American prepaid telecom companies to see if they could successfully port a stolen number (their own) to a SIM card. The research showed that in most cases a threat actor only needs to answer one question right when questioned by their customer service representative reset the password on the account and port the number over.
Mitsubishi Electric released a statement today confirming that the company was hit by a data breach dating back to late June last year. It’s speculated that the cyberattack is linked to a Chinese cyber-espionage group, Tick (or Bronze Butler), that is well-known for targeting Japan over the past few years. The unauthorized access was tracked to a compromised employee account. Hackers were also able swipe 200 MB of files by accessing Mitsubishi Electric’s internal systems and networks. https://twitter.com/campuscodi/status/1219205107004452866
Job performance details about more than 900 employees of a major office-space provider have been published online by accident after a staff review. Sales staff at Regus had been recorded showing researchers posing as clients around office space available to rent. Information about the employees was later published on Trello, a task-management website, and a spreadsheet with names, address and job performance data was found via Google by the Telegraph newspaper.
Over 160,000 data-breach notifications have been made to authorities in the 18 months since Europe’s new digital privacy regulation, GDPR, came into force. The number of breaches and other security incidents being reported each day continues to rise and the number of significant fines is soon to follow. https://twitter.com/Computing_News/status/1219295916471017477
In a change of policy, state elections officials will be notified by the FBI of possible cyber threats to election infrastructure. Homeland Security has also provided election officials with best practices for securing election systems.
Betting companies were inappropriately provided access to information sourced from a government database containing the records of 28 million children, reports suggest. The UK’s Department for Education (DfE) is responsible for the database, which contains the details of minors aged 14 and above at schools — both state and private — as well as colleges across the United Kingdom. The database is intended for training and educational use and the government requires users of the system that have a direct relationship with learners to make sure it is fully understood how their information may be used. According to an investigation conducted by…
In response to reports the European Commission is considering a temporary facial recognition ban in a new AI white paper, security experts commented below on this temporary ban if approved.
The number of Council devices reported lost or stolen over the three most recent Financial years has more than doubled from 304 in 2016-17, to 635 in 2018-19, according to research collated by the Parliament Street Think Tank. The data, obtained via the Freedom of Information (FOI) act, analysed results across 23 London Councils and found that 1,293 devices were lost over the three financial years. The device reported lost or stolen most often was mobile phones at 951 in total; rising from 215 in FY 2016-17 to 478 in FY 2018-19, a percentage increase of 122 per cent. Additionally,…