• Facebook Bug Turns on iPhone Cameras

    Facebook Bug Turns on iPhone Cameras Users of the Facebook app have complained after discovering a bug that causes their iPhone cameras to activate in the background when they use the app. Multiple people have taken to Twitter to report that using the Facebook app on their iPhone has caused the device's rear camera to switch on and run in the background.Eagle-eyed users noted that the problem seemed to occur as they looked at photos and watched videos that appeared on their newsfeed.It
  • Islamist extremism remains dominant UK terror threat, say experts

    Islamist extremism remains dominant UK terror threat, say experts
    London Bridge attack shows huge challenge remains after focus on far-right in past yearThe attack on London Bridge shows the Islamist threat remains strong in the UK, counter-terrorism and counter-extremism experts have said, warning against complacency.The murder of Jack Merritt and Saskia Jones on 29 November by Usman Khan was the first fatal Islamist terror incident in two years. Continue reading...
  • Advertisement

  • Data Leak Exposes 750K Birth Certificate Applications

    Data Leak Exposes 750K Birth Certificate ApplicationsOver 750,000 applications for US birth certificates have been found exposed online thanks to a misconfigured cloud server.UK security firm Fidus Information Security found the trove, which was left unsecured in an Amazon Web Services (AWS) bucket with no password protection.The company in question hasn’t been named because it has yet to respond to attempts by the research team to notify it of the privacy snafu. It provides a service
  • UK Government Laptop Losses Soar 400%

    UK Government Laptop Losses Soar 400%The UK’s Ministry of Justice (MoJ) has seen laptop losses soar by 400% over the past three years, according to new Freedom of Information (FOI) data.Security vendor Apricorn sent FOI requests to five government departments to better understand the extend of their risk exposure through lost or stolen devices.Of the three that responded, the MoJ appeared to show the largest increase in losses: with the number of laptops going missing rising from just 45 i
  • Advertisement

  • Pensacola Under Attack as Suspected Ransomware Strikes

    Pensacola Under Attack as Suspected Ransomware StrikesThe US city of Pensacola has become the latest municipality to suffer a suspected ransomware attack taking out local services.The north-west Florida city came under attack early on Saturday morning local time, according to local reports.“The City of Pensacola has experienced a cyber incident, and we have disconnected much of our city network until the issue can be resolved. Our IT Department is working diligently to resolve the issue,&r
  • Wipro Launches Cyber Defense Center Down Under

    Wipro Launches Cyber Defense Center Down UnderAn Indian information technology, consulting, and business process services company has opened its first of what could eventually be many cybersecurity centers in Australia.Wipro Limited announced the launch of the NextGen Cyber Defense Center on Thursday. The new state-of-the-art facility, which is located in the coastal city of Melbourne, is expected to create over 100 jobs. A Wipro spokesperson said: "With the launch of this center,
  • British Cybersecurity Firm Goes Under Owing Millions

    British Cybersecurity Firm Goes Under Owing Millions An award-winning British cybersecurity firm has gone into administration owing £3.5m to unsecured creditors.XQ Digital Resilience Limited, which traded as XQ Cyber, brought in administrators David Rubin & Partners after declaring bankruptcy in October by placing a notice in the London Gazette. The company was best known for developing CyberScore, a security testing and rating service that converts raw vulnerability data int
  • Ransomware Attack on Minnesota Health Facility

    Ransomware Attack on Minnesota Health Facility A Minnesota healthcare facility specializing in treatments for the face, teeth, mouth, and jaw has been hit by a ransomware attack.Southeastern Minnesota Oral & Maxillofacial Surgery (SEMOMS) announced the data security incident on Thursday via their website.On September 23, 2019, threat actors struck a server used by the organization. IT staff were able to intervene immediately to restore the impacted data. No mention was made as to the am
  • Vietnamese Hackers Compromised BMW and Hyundai: Report

    Vietnamese Hackers Compromised BMW and Hyundai: ReportA Vietnamese state-backed threat group has been blamed for cyber-attacks that compromised the networks of BMW and Hyundai over recent months.APT32, also known as “Ocean Lotus,” has been operational for the past few years. This spring it managed to infiltrate the network of the German car giant, installing a pen testing tool known as Cobalt Strike to remotely spy on machines, according to local reports.However, BMW’s cybersec
  • FTC: Cambridge Analytica Deceived Facebook Users

    FTC: Cambridge Analytica Deceived Facebook UsersCambridge Analytica deceived tens of millions of Facebook users by working to harvest their personal data for use in political targeting, the FTC has ruled.The regulator voted 5-0 in favor of issuing the Opinion and Final Order to the notorious consulting firm, which worked with developer Aleksandr Kogan to obtain data on as many as 87 million Facebook users.That data, harvested via an innocuous-looking app, was subsequently used to target swing vo
  • Reddit: US-UK NHS ‘Sale’ Docs Leaked by Russia

    Reddit: US-UK NHS ‘Sale’ Docs Leaked by RussiaDocuments allegedly revealing a secret post-Brexit US-UK trade deal were leaked online as part of a Russian influence campaign, Reddit has claimed.The social site said it has banned 61 accounts and one subreddit following an investigation into the origin of the documents, which had been seized on by the opposition Labour Party as proof of a deal to ‘sell’ the NHS to US companies.Those it found guilty of posting and sharing the
  • Father of London Bridge attack victim calls Johnson a fraud

    Father of London Bridge attack victim calls Johnson a fraud
    David Merritt says prime minister made political capital out of his son Jack’s deathGeneral election: Russia link to NHS documents ‘nonsense’, says Corbyn – live newsThe father of a man killed in the London Bridge attack has accused Boris Johnson of lying and making “political capital” from his son’s death during the BBC leaders’ debate.David Merritt – whose son Jack was stabbed to death by convicted terrorist Usman Khan – called the pr
  • Bernie Sanders Pledges High-Speed Internet for All

    Bernie Sanders Pledges High-Speed Internet for AllUS presidential candidate Bernie Sanders today released a plan to introduce high-speed internet to every American household if he wins the 2020 election. The High-Speed Internet for All proposal suggests giving local and state governments $150bn in grants and aid to create publicly owned broadband networks. Of this funding, $7.5bn would be ring-fenced to "expand high-speed broadband in Indian Country and fully resource the FCC
  • Real Life Director of Evil Corp Indicted for 10-Year Cybercrime Spree

    Real Life Director of Evil Corp Indicted for 10-Year Cybercrime Spree US and UK authorities have indicted the leader of a notorious cybercrime gang that stole $70m from bank accounts around the world using malware.Ukrainian-born Russian national Maksim V. Yakubets allegedly headed up an organized crime syndicate that used Bugat malware—also known as Cridex and Dridex—to drain money from the customers of just under 300 organizations in 40 different countries. He is further a
  • Thirty Britons believed to be among Isis fighters held in Syria

    Thirty Britons believed to be among Isis fighters held in Syria
    Britons among 2,000 foreign fighters being held by Kurdish forces according to Whitehall analysisThirty British men are among an estimated 2,000 foreign Isis fighters being held by Kurdish forces in jails in north-east Syria, according to the latest Whitehall analysis of the threat posed by the terror group following the death of its leader, Abu Bakr al-Baghdadi.The foreign fighters are considered the most dangerous group of all Isis fighters held in jails - totalling around 20,000, when Iraqis
  • Six Customers Affected by Ransomware Attack on CyrusOne

    Six Customers Affected by Ransomware Attack on CyrusOne One of the largest data center providers in America has become the victim of a ransomware attack.Texas company CyrusOne confirmed yesterday that an attack involving REvil (Sodinokibi) ransomware had taken place on Wednesday. Customers of the company's New York data center, located in Wappingers Falls, suffered a loss of service as a result of the incident. A CyrusOne spokesperson said: "Six of our managed service custome
  • Banking Trojans Are Top Financial Services Threat

    Banking Trojans Are Top Financial Services ThreatBanking Trojans represent the biggest potential threat to financial institutions and their customers, and are on the rise, according to new research from Blueliv.The Spanish threat intelligence firm released data from a recent Twitter poll of over 11,000 users and its newly launched report for the banking sector, Follow the Money.Nearly a third (31%) of respondents claimed banking Trojans were the biggest threat to financial services firms, follow
  • Microsoft: 44 Million User Passwords Have Been Breached

    Microsoft: 44 Million User Passwords Have Been BreachedTens of millions of Microsoft customers are using log-ins that have previously been breached, putting themselves and their organization at risk of account takeover, the computing giant has revealed.In a study running from January to March 2019, Microsoft’s threat research team checked over three billion credentials known to have been stolen by hackers, using third-party sources such as law enforcement and public databases.It found a ma
  • UK Card Fraud Losses Now Accounts for Half of Europe

    UK Card Fraud Losses Now Accounts for Half of EuropeUK card fraud now accounts for half of all losses across Europe, driven by data breaches and online scams, according to new findings from FICO.The predictive analytics firm’s newly launched interactive European Fraud Map reveals that UK card fraud losses hit a record £671 in 2018, up 19% from the previous year.The figure amounts to almost half the total €1.6 billion (£1.4bn) recorded across the 19 countries included in th
  • Corbyn criticises Johnson for politicising London Bridge attack

    Corbyn criticises Johnson for politicising London Bridge attack
    It was wrong of PM to rapidly call for tougher sentencing for terrorists, says Labour leaderJeremy Corbyn has accused the prime minister of politicising the death of London Bridge terror attack victim Jack Merritt by talking too soon about tougher sentencing for terrorists.The Labour leader, who revealed he spoke to Merritt’s father, Dave, in the days after the student was killed, criticised Johnson for making a glut of statements about strengthening the law in the immediate aftermath of t
  • US Family Loses Life Savings in Money Mule Email Scam

    US Family Loses Life Savings in Money Mule Email Scam The Federal Bureau of Investigation has issued a warning after a family from Oregon lost their life savings in a business email compromise scam involving money mules.Aaron Cole and his wife decided to move into a bigger house after welcoming two children into their family. The couple sold their existing home, and the title company told them they would be in touch soon with instructions for making the down payment on their new house.
  • Data Breach at Nebraska Medicine an Inside Job

    Data Breach at Nebraska Medicine an Inside JobNebraska Medicine has suffered a data breach after an employee accessed patients' medical records for almost three months without authorization or even the thinnest sliver of a legitimate reason. A routine audit of the medical record system conducted in October of this year revealed the gross violation of patient privacy, which occurred over the summer of 2019. The employee took their first digital stroll through patients' records on July 1
  • Vulnerabilities Discovered in VPN Used by NASA

    Vulnerabilities Discovered in VPN Used by NASAA virtual private network (VPN) used by NASA, Shell, and BT has been found to have multiple vulnerabilities. Weaknesses in the Aviatrix VPN were detected by Immersive Labs researcher and content engineer Alex Seymour on October 7, 2019. The multiple local privilege escalation vulnerabilities Seymour discovered would have allowed an attacker who already had access to a machine to escalate privileges and achieve anything they wanted
  • Lib Dems, Labour and SNP 'Ahead' on Election Security

    Lib Dems, Labour and SNP 'Ahead' on Election SecuritySecurity researchers are warning UK voters to be on their guard after revealing that most of the country’s political parties still don’t have best practice email security measures in place to mitigate fraud risks.RedSift analyzed the UK’s main 13 political parties ahead of a tense General Election on December 12, in which the direction of the country could finally be decided after three years of Brexit-related uncertainty.It
  • China’s Great Cannon Fires on Hong Kong Protesters

    China’s Great Cannon Fires on Hong Kong ProtestersA Chinese government-backed DDoS operation has been resurrected to disrupt pro-democracy supporters in Hong Kong, according to AT&T Cybersecurity.The firm revealed in a new blog post yesterday that it spotted activity from the so-called “Great Cannon” starting on August 31, with the most recent DDoS attempts coming on November 25.Specifically, it was observed trying to take offline the LIHKG website, which is used by Hong Ko
  • #BHEU: Mental Health and Depression Websites Share Details in Plain Text

    #BHEU: Mental Health and Depression Websites Share Details in Plain TextRevealing research around web and cookie security at Black Hat Europe in London, Eliot Bendinelli, technologist at Privacy International and Frederike Kaltheuner, formerly of Privacy International and now tech policy fellow at Mozilla, described how a number of websites offering “tests” on mental health and depression shared results with third parties.Kaltheuner said that this sort of tracking is &
  • UK Fashion Store Sweaty Betty Suffers Magecart Heist

    UK Fashion Store Sweaty Betty Suffers Magecart HeistBritish e-commerce store Sweaty Betty has become the latest victim of a digital skimming attack after customers unwittingly had their card data stolen over the period of a week.In an email sent to customers, the women’s fashion retailer confirmed that “a third party gained unauthorized access to part of our website and inserted malicious code designed to capture information entered during the checkout process.”Customers placin
  • We must continue Jack and Saskia’s progressive work with prisoners | Letters

    We must continue Jack and Saskia’s progressive work with prisoners | Letters
    Guardian readers respond to Dave Merritt’s tribute to his son Jack, who, along with Saskia Jones, died on Friday at London BridgeI am in awe of the courage that it must have taken for Jack Merritt’s father to write his tribute to his brave, intelligent, beautiful son (Jack would be livid his death has been used to further an agenda of hate, 3 December). I agree with every word and suspect that the same themes could be applied to Saskia.We must all do everything we can to stop our cou
  • Festive Virtual Hacker Conference Returns

    Festive Virtual Hacker Conference Returns A free holiday-themed cybersecurity conference set in a virtual North Pole is scheduled to take place for the second year running. KringleCon 2019 invites hackers and cybersecurity professionals from across the globe to hear expert speakers, watch educational demos, share tips, and test their skills in a cyber-battle. The conference, which will begin next week, was created by global cybersecurity training and certification provider SANS In
  • Jamaica to Create a National Cybersecurity Policy in 2020

    Jamaica to Create a National Cybersecurity Policy in 2020Jamaica has announced plans to develop a national cybersecurity policy in 2020.According to the Jamaica Observer, the plan to create a strategy to protect the island country's citizens from cybercrime was announced by Jamaica's minister of national security, Dr. Horace Chang, yesterday. Speaking at a Cybersecurity and Cybercrime Workshop for Latin America and the Caribbean at the Hilton Resort and Spa in St. James, Chang said tha

Follow @Security_UKnws on Twitter!