The ICO has issued a fine to Tuckers Solicitors following a successful ransomware attack against them. The company was fined £98,000 after a data breach caused by ransomware, during which hackers accessed 24,000 court bundles containing sensitive data such as medical files and witness statements – which were then released on the dark web. The action notice shows the firm did not have MFA in place, and had unpatched software for six months leading up the breach. After gaining access to the network, the attackers were able to install tools, set up an account on the network, before deploying ransomware.
ISBuzz Team
It has been reported that firmware security company Binarly has discovered at least 13 serious vulnerabilities affecting BIOS firmware present on devices by HP and possibly other manufacturers, resulting in a total of 15 CVE identifiers. The vulnerabilities have been characterized as stack overflows, heap overflows, and corruption of memory. All of these security holes have been assigned “high severity” ratings. The flaws affect a wide range of enterprise products made by HP, including desktop, laptop, point-of-sale, and edge computing devices.
Symantec is reporting that two-thirds of the digital vaccine apps they analyzed exhibited risky behavior. Governments have been requiring people to carry so-called “digital passport apps” that store proof of a person’s COVID-19 vaccination status. The apps store a person’s full name, ID number, date of birth, and other (PII) either encoded in a QR code or displayed in the app. Symantec studied 40 vaccine passport and ten validation (scanner) apps and found that 27 of them suffered from the following security risks: Threat App count App percentage Accesses External Storage 17 43% Disables SSL CA Validation 2 …
It has been reported that cyber researchers have revealed a long-running hacking campaign that breached at least six US state governments over the past year. Chinese cyberespionage group APT41 used a vulnerability in web-based software USAHERDS to penetrate at least two of those targets. It may have hit many more, given that 18 states run USAHERDS on web servers” we also want to call out that there’s a Log4J tie here as well “when Apache Log4j was disclosed APT41 began exploiting the Log4j vulnerability almost immediately. No matter which vulnerability was being used, once inside the networks, APT41 tailored malware to…
It has been reported that a cybersecurity researcher released the details of a Linux vulnerability that allows an attacker to overwrite data in arbitrary read-only files. The vulnerability — CVE-2022-0847 — was discovered by Max Kellermann in April 2021, but it took another few months for him to figure out what was actually happening. Kellermann explained that the vulnerability affects Linux Kernel 5.8 and later versions but was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.
Organisations’ current password usage and policies leaving businesses and employees vulnerable to cyberattacks Password-related attacks are on the rise. Stolen user credentials including name, email and password were the most common root cause of breaches in 2021 with several high-profile and disruptive attacks over the last two years. New data released today by Specops Software—the leading provider of password management and authentication solutions – shows that setting strong passwords might not be enough in an increasingly volatile cybersecurity landscape. In its first annual Weak Password Report, Specops analysed 800 million breached passwords, a subset of the more than 2 billion breached passwords in…
Following the news that the China-backed APT41 hacking group has compromised at least six US state governments by exploiting the Log4j vulnerability, cyber security experts commented below.
Samsung has suffered a data breach and the cybercriminals responsible are teasing the data they have stolen.
An attacker with high privileges can obtain all the ingredients for generating the password of any gMSA in the domain at any time with two steps: Retrieve several attributes from the KDS root key in the domainUse the GoldenGMSA tool to generate the password of any gMSA associated with the key, without a privileged account. Introducing the Golden GMSA Attack | Semperis Or Yair, Security Researcher at SafeBreach Labs (Breach and Attack Simulation Platforms | New Solutions (safebreach.com)) explains why GMSAs present such a threat.
A new study from cybersecurity specialists ESET reveals the UK areas that saw the highest rates of cybercrime in 2021. The study found that there has been a very small decrease in the number of cybercrimes reported in December 2021, compared to January 2021. ESET, a global leader in cybersecurity has conducted a study into the state of cybercrime in the United Kingdom, looking at which areas have seen the highest number of cybercrimes committed as well as the most common cybercrimes committed. The UK has seen a slight decrease of 2.97% in the number of cybercrimes committed in 2021.…