dcsimg

Governments increasingly eye social media meltdown

These are trying times for social networks, with endless reports of harassment and abuse not being tackled and many users leaving platforms forever. The major sites such as Facebook and Twitter do what they can, but sheer userbase volume and erroneous automated feedback leave people cold. Bugs such as potentially sharing location data when users enable it alongside other accounts on the same phone … [Read more...]

Skimmer acts as payment service provider via rogue iframe

Criminals continue to target online stores to steal payment details from unaware customers at a rapid pace. There are many different ways to go about it, from hacking the shopping site itself, to compromising its supply-chain. A number of online merchants externalize the payment process to a payment service provider (PSP) for various reasons, including peace of mind that transactions will be … [Read more...]

Microsoft pushes patch to prevent ‘WannaCry’ level vulnerability

This month marks the two-year anniversary since the infamous WannaCry attack. As an anniversary present to the world, Microsoft has pushed out patches to secure a newly-identified Remote Desktop Protocol (RDP) vulnerability found in certain Windows operating systems. The potential damage of the newly-discovered RDP vulnerability matches the same dangers we experienced with the WannaCry … [Read more...]

WhatsApp fix goes live after targeted attack on human rights lawyer

If you use WhatsApp, you’ll want to update both app and device as soon as possible due to a freshly-discovered exploit. The vulnerability was found in Google Android, Apple iOS, and Microsoft Windows Phone builds of the app. Unlike many mobile attacks, potential victims aren’t required to install or click on anything—they may not even be aware something malicious has taken place. This attack came … [Read more...]

What is business continuity and why is it so important?

The ever-present threat of cyber crime and organisations’ increasing reliance on technology means that business disruptions are inevitable these days. Any day now, your systems could be breached or your physical premises disrupted by criminals, inattentive employees or damaged infrastructure.  When that day comes, you can’t afford to be caught … [Read more...]

Cryptojacking in the post-Coinhive era

September 2017 is widely recognized as the month in which the phenomenon that became cryptojacking began. The idea that website owners could monetize their traffic by having visitors mine for cryptocurrencies in their browser was not new, but this time around it became mainstream, thanks to an entity known as Coinhive. The mining service became a household name overnight, and quickly drew ire … [Read more...]

Mysterious database exposed personal information of 80 million US households

Word has broken of yet another massive data trove exposed for anyone to see. A research team from vpnMentor discovered an exposed 24GB database hosted on a Microsoft cloud server containing the addresses, income levels, and marital statuses of users within 80 million US households. As we’ve seen recently, many organisations aren’t taking steps to secure their customer data and every so often one … [Read more...]

Sophisticated threats plague ailing healthcare industry

The healthcare industry is no longer circling the drain, but it’s still in critical condition. While many organizations in healthcare have aimed at or made positive strides toward a more robust cybersecurity and privacy posture, they still have a long way to go. In 2018, healthcare had the highest number of breaches recorded compared to other industries. This is according to … [Read more...]

Electrum DDoS botnet reaches 152,000 infected hosts

By Jérôme Segura, Adam Thomas, and S!Ri We have been closely monitoring the situation involving the continued attacks against users of the popular Electrum Bitcoin wallet. Initially, victims were being tricked to download a fraudulent update that stole their cryptocurrencies. Later on, the threat actors launched a series of Distributed Denial of Service (DDoS) attacks in response to Electrum … [Read more...]

Wall Street Market reported to have exit scammed

Around April 20, many users reported that Wall Street Market, a broadly known dark net market, had executed an exit scam, and that any pending orders were unlikely to be completed. Scamming with enterprises involving Bitcoin is not unheard of, and dark net markets with centralized escrow are particularly vulnerable. As these markets grow in popularity and amass large amounts of transactions, … [Read more...]