It has been reported that the U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North Korean APT group Lazarus. According to the MAR AR19-100A advisory published on the US-CERT website, the new Trojan was detected while tracking the malicious cyber activity of the North Korean-backed hacking group HIDDEN COBRA (also known as Lazarus, Guardians of Peace, ZINC, and NICKEL ACADEMY). https://twitter.com/Stormshield_/status/1116312451174293504 Expert Comments: Satnam Narang, Senior Research Engineer at Tenable: “This is the 16th report compiled by the Department of Homeland Security (DHS) and…
ISBuzz Team
The Home Office has apologised for another data breach caused by an “administrative error” – accidentally sending an email that contained personal data of EU citizens seeking settled status in the UK. It’s reported that the sender failed to use the “blind CC” box on the email. This is the second breach reported by the Home Office this week after it apologised for wrongly sharing the email addresses of people interested in the Windrush compensation scheme. Tim Sadler, CEO at Tessian: “When using email to send communications containing personal or sensitive information, there has to be a safety net in place to protect against data breaches caused…
Legislation to restore the Federal Communications Commission’s net neutrality rules passed a big hurdle Wednesday as the House of Representatives approved the bill in a 232 to 190 vote. No Democrats voted against the bill. Representative Bill Posey of Florida was the only Republican to vote in favor of it. However, it’s far from becoming law, and faces long odds. If it fails to do so, the UK is likely to feel the results – whether they be a more competitive broadband market or a diminished internet. https://twitter.com/thehill/status/1116008964767080450 Paul Bischoff, Privacy Advocate with Comparitech.com: “The House of Representatives’ endorsement of net neutrality is an encouraging step in…
Symantec issued a report yesterday that two thirds of hotels inadvertently leak guests’ booking details and personal data to third-party sites, including advertisers and analytics companies. The study, which looked at more than 1,500 hotel websites in 54 countries that ranged from two-star to five-star properties, comes several months after Marriott International disclosed one of the worst data breaches in history. Symantec said Marriott was not included in the study. The research showed compromises usually occur when a hotel site sends confirmation emails with a link that has direct booking information. The reference code attached to the link could be shared with more than 30 different service providers,…
Flame, the nation-state-developed malware kit that targeted computers in Iran, has reemerged after going quiet when researchers exposed it back in 2012. The attackers tried to hide their tracks by scrubbing servers used to talk to infected computers. Some thought they had seen the last of the potent malware platform. Tracing early components of Flame, researchers found a new version of it that was likely used between 2014 and 2016. Flame 2.0 is “clearly built” from the original source code, but it has new measures aimed at eluding researchers. The discovery shows how good source code dies hard, and that tracking its evolution can be…
Reaching out to share 2018 breach trends research from F5 Networks which explores the relationship between business models and breach vectors. This research is part of the 2019 application protection report, which is being released in a series of short, focused research segments rather than the lengthier report of years past. Notable takeaways include: Phishing was the single greatest threat to applications, responsible for 21% of breaches with a known root cause. Injection for payment card skimming was responsible for about 12% of breaches, pointing to the two weakest links on the internet—people and PHP-based payment card forms. The industry profiles corresponded to…
According to new research by Comparitech.com, some websites have failed to fully secure their sign-up forms, which scammers are using as a gateway to smuggle malicious phishing links past email spam filters and into user inboxes. At present, there’s no effective method users can employ to stop these emails from bypassing email spam filters. Although spam filters do check the email content for suspicious words, phrases, and links, one of the primary triggers is the email address itself. If the email address is coming from a whitelisted site or appears fully legitimate, it’s unlikely to be stopped by a spam filter…
Yahoo has reached a revised $117.5 million (89.8 million pounds) settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history. https://twitter.com/AmandaSueWalker/status/1115939966650126337 Expert Comments: Ilia Kolochenko, CEO at High-Tech Bridge: “On average that is 25 dollars per compromised account, an embarrassingly modest compensation for breach of your privacy and stolen personal data. However, it’s pretty widespread for class actions that usually enrich the attorneys, not the victims. Otherwise, the settlement conveys an illusory message of relatively modest penalties for negligent data protection. In 2019, even a less severe breach is capable of exposing your company…
Yesterday, the European Commission released its own guidelines calling for “trustworthy AI.” According to the EU, AI should adhere to the basic ethical principles of respect for human autonomy, prevention of harm, fairness and accountability. The guidelines include seven requirements — listed below — and call particular attention to protecting vulnerable groups, like children and people with disabilities. They also state that citizens should have full control over their data. The European Commission recommends using an assessment list when developing or deploying AI, but the guidelines aren’t meant to be — or interfere with — policy or regulation. Instead, they offer a…
It has been reported that Xiaomi browsers are still vulnerable after failed patches. Xiaomi has trouble permanently patching its browsers against a vulnerability that enables spoofing URLs in a way that is difficult to detect by users. The flaw affects the international versions of Mint Browser and Mi, the web browser that comes pre-installed on Xiaomi smartphones. It was patched and re-patched, and yet it still persists in the two products that are present on millions of devices. https://twitter.com/TheHackersNews/status/1114216403912019969 https://twitter.com/tresronours/status/1115601829486710784 Anjola Adeniyi, Technical Leader at Securonix: “This takes phishing to another level and bypasses the obvious things users rely on like URL and SSL. That…
