It has been announced that Nato is assessing the impact of a data breach of classified military documents being sold by a hacker group online.
ISBuzz Team
Microsoft-owned LinkedIn is being used by hackers to spread data stealing malware via sending connection requests in disguise of people working with reputed companies, a report showed on Tuesday. Researchers found that scammers are exploiting LinkedIn’s chat and job posting features to share links/files that are laced with stealer malware. Since most LinkedIn users accept any and all connection requests they receive, scammers can easily make connections and build credibility on the platform. After building credibility, the actors share malicious files and links, which are then opened by unsuspecting victims. Once opened, a stealer malware is deployed on the victim’s…
New findings from Venafi 64% of Businesses Suspect They’ve Been Targeted or Impacted by Nation-State Attacks. Among key findings: 82% believe geopolitics and cybersecurity are intrinsically linked77% believe we’re in a perpetual state of cyberwarMore than two-thirds (68%) have had more conversations with their board and senior management in response to the Russia/Ukraine conflict63% doubt they’d ever know if their organization was hacked by a nation-state66% of organizations have changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine64% suspect their organization has been either directly targeted or impacted by a nation-state cyberattack. The survey…
According IT Pro, a new business email compromise (BEC) campaign has been targeting Microsoft 365 organizations in a bid to hack corporate executives’ accounts and maliciously divert business payments. Researchers from cyber security firm Mitiga found that the hackers are leveraging inherent weaknesses in 365’s multi-factor authentication (MFA), Microsoft Authenticator, as well as Microsoft 365 Identity Protection. The attacks combine spear-phishing tactics with man-in-the-middle methods to compromise email accounts. The attackers essentially hijack business transactions by sending an email from the account to its intended recipient with a request to change the receiving bank account, according to Mitiga research. These emails trick the recipient…
One of the world’s leading password managers with 25 million users, LastPass, has confirmed that it has been hacked. While it’s good news that customer data was not compromised in this latest incident, the fact that the intruder accessed source code and ‘proprietary technical information’ is worrying.
According to NottinghamshireLive, Jet2 has taken to social media to warn all UK customers about what appears to be a series of scams, one of which relates to Covid testing. Some destinations still require travellers from the UK to take PCR or lateral flow tests ahead of and/or after arrival. These usually have to be paid for separately, with a number of providers offering testing kits. However, Jet2 has said it does not “arrange PCR tests or Fit to Fly documents” and urged passengers: “please do not respond to requests for this”. Other warnings related to bank account details, telephone…
A Plex data breach has exposed usernames, email addresses, and encrypted passwords. As Troy Hunt, Microsoft Regional Director, said on Twitter “Aw crap, I’m pwned in a @plex data breach. Again. I can’t do anything to *not* be in a breach like this (short of not using the service)” The scale of the security failure is not yet known, but the company is requiring all users to change their passwords and to turn on two factor authentication. Plex is one of the largest media server apps available, used by around 20 million people to stream video, audio and photos they…
The cosmetics retailer Sephora agreed to pay $1.2 million in penalties to California for allegedly failing to comply with the state’s consumer privacy law. More on the story here: https://www.wsj.com/articles/sephora-agrees-to-1-2-million-settlement-of-data-privacy-charges-11661372755
Please see comment below by security experts and industry leaders, on the Quantum ransomware that hit the Dominican Republic’s Instituto Agrario Dominicano.
Facebook is reportedly down for users across the globe. Several users from across the world are complaining about the biggest social media platform showing weird posts from celebrities.