• Holiday Shopping on Company Devices a Worry for Executives

    Holiday Shopping on Company Devices a Worry for ExecutivesNew research published today by Zix-AppRiver has revealed that 61% of US executives feel powerless to stop employees holiday shopping on company devices, despite knowing that the practice poses a cybersecurity threat to the business.Researchers asked 1,049 cybersecurity decision-makers within American SMBs across a diverse range of industry sectors about the holiday shopping habits of their employees. According to
  • Father of London Bridge attack victim calls Johnson a fraud

    Father of London Bridge attack victim calls Johnson a fraud
    David Merritt says prime minister made political capital out of his son Jack’s deathGeneral election: Russia link to NHS documents ‘nonsense’, says Corbyn – live newsThe father of a man killed in the London Bridge attack has accused Boris Johnson of lying and making “political capital” from his son’s death during the BBC leaders’ debate.David Merritt – whose son Jack was stabbed to death by convicted terrorist Usman Khan – called the pr
  • Bernie Sanders Pledges High-Speed Internet for All

    Bernie Sanders Pledges High-Speed Internet for AllUS presidential candidate Bernie Sanders today released a plan to introduce high-speed internet to every American household if he wins the 2020 election. The High-Speed Internet for All proposal suggests giving local and state governments $150bn in grants and aid to create publicly owned broadband networks. Of this funding, $7.5bn would be ring-fenced to "expand high-speed broadband in Indian Country and fully resource the FCC
  • Real Life Director of Evil Corp Indicted for 10-Year Cybercrime Spree

    Real Life Director of Evil Corp Indicted for 10-Year Cybercrime Spree US and UK authorities have indicted the leader of a notorious cybercrime gang that stole $70m from bank accounts around the world using malware.Ukrainian-born Russian national Maksim V. Yakubets allegedly headed up an organized crime syndicate that used Bugat malware—also known as Cridex and Dridex—to drain money from the customers of just under 300 organizations in 40 different countries. He is further a
  • Advertisement

  • Thirty Britons believed to be among Isis fighters held in Syria

    Thirty Britons believed to be among Isis fighters held in Syria
    Britons among 2,000 foreign fighters being held by Kurdish forces according to Whitehall analysisThirty British men are among an estimated 2,000 foreign Isis fighters being held by Kurdish forces in jails in north-east Syria, according to the latest Whitehall analysis of the threat posed by the terror group following the death of its leader, Abu Bakr al-Baghdadi.The foreign fighters are considered the most dangerous group of all Isis fighters held in jails - totalling around 20,000, when Iraqis
  • Six Customers Affected by Ransomware Attack on CyrusOne

    Six Customers Affected by Ransomware Attack on CyrusOne One of the largest data center providers in America has become the victim of a ransomware attack.Texas company CyrusOne confirmed yesterday that an attack involving REvil (Sodinokibi) ransomware had taken place on Wednesday. Customers of the company's New York data center, located in Wappingers Falls, suffered a loss of service as a result of the incident. A CyrusOne spokesperson said: "Six of our managed service custome
  • Banking Trojans Are Top Financial Services Threat

    Banking Trojans Are Top Financial Services ThreatBanking Trojans represent the biggest potential threat to financial institutions and their customers, and are on the rise, according to new research from Blueliv.The Spanish threat intelligence firm released data from a recent Twitter poll of over 11,000 users and its newly launched report for the banking sector, Follow the Money.Nearly a third (31%) of respondents claimed banking Trojans were the biggest threat to financial services firms, follow
  • Microsoft: 44 Million User Passwords Have Been Breached

    Microsoft: 44 Million User Passwords Have Been BreachedTens of millions of Microsoft customers are using log-ins that have previously been breached, putting themselves and their organization at risk of account takeover, the computing giant has revealed.In a study running from January to March 2019, Microsoft’s threat research team checked over three billion credentials known to have been stolen by hackers, using third-party sources such as law enforcement and public databases.It found a ma
  • Advertisement

  • UK Card Fraud Losses Now Accounts for Half of Europe

    UK Card Fraud Losses Now Accounts for Half of EuropeUK card fraud now accounts for half of all losses across Europe, driven by data breaches and online scams, according to new findings from FICO.The predictive analytics firm’s newly launched interactive European Fraud Map reveals that UK card fraud losses hit a record £671 in 2018, up 19% from the previous year.The figure amounts to almost half the total €1.6 billion (£1.4bn) recorded across the 19 countries included in th
  • Corbyn criticises Johnson for politicising London Bridge attack

    Corbyn criticises Johnson for politicising London Bridge attack
    It was wrong of PM to rapidly call for tougher sentencing for terrorists, says Labour leaderJeremy Corbyn has accused the prime minister of politicising the death of London Bridge terror attack victim Jack Merritt by talking too soon about tougher sentencing for terrorists.The Labour leader, who revealed he spoke to Merritt’s father, Dave, in the days after the student was killed, criticised Johnson for making a glut of statements about strengthening the law in the immediate aftermath of t
  • US Family Loses Life Savings in Money Mule Email Scam

    US Family Loses Life Savings in Money Mule Email Scam The Federal Bureau of Investigation has issued a warning after a family from Oregon lost their life savings in a business email compromise scam involving money mules.Aaron Cole and his wife decided to move into a bigger house after welcoming two children into their family. The couple sold their existing home, and the title company told them they would be in touch soon with instructions for making the down payment on their new house.
  • Data Breach at Nebraska Medicine an Inside Job

    Data Breach at Nebraska Medicine an Inside JobNebraska Medicine has suffered a data breach after an employee accessed patients' medical records for almost three months without authorization or even the thinnest sliver of a legitimate reason. A routine audit of the medical record system conducted in October of this year revealed the gross violation of patient privacy, which occurred over the summer of 2019. The employee took their first digital stroll through patients' records on July 1
  • Vulnerabilities Discovered in VPN Used by NASA

    Vulnerabilities Discovered in VPN Used by NASAA virtual private network (VPN) used by NASA, Shell, and BT has been found to have multiple vulnerabilities. Weaknesses in the Aviatrix VPN were detected by Immersive Labs researcher and content engineer Alex Seymour on October 7, 2019. The multiple local privilege escalation vulnerabilities Seymour discovered would have allowed an attacker who already had access to a machine to escalate privileges and achieve anything they wanted
  • Lib Dems, Labour and SNP 'Ahead' on Election Security

    Lib Dems, Labour and SNP 'Ahead' on Election SecuritySecurity researchers are warning UK voters to be on their guard after revealing that most of the country’s political parties still don’t have best practice email security measures in place to mitigate fraud risks.RedSift analyzed the UK’s main 13 political parties ahead of a tense General Election on December 12, in which the direction of the country could finally be decided after three years of Brexit-related uncertainty.It
  • China’s Great Cannon Fires on Hong Kong Protesters

    China’s Great Cannon Fires on Hong Kong ProtestersA Chinese government-backed DDoS operation has been resurrected to disrupt pro-democracy supporters in Hong Kong, according to AT&T Cybersecurity.The firm revealed in a new blog post yesterday that it spotted activity from the so-called “Great Cannon” starting on August 31, with the most recent DDoS attempts coming on November 25.Specifically, it was observed trying to take offline the LIHKG website, which is used by Hong Ko
  • #BHEU: Mental Health and Depression Websites Share Details in Plain Text

    #BHEU: Mental Health and Depression Websites Share Details in Plain TextRevealing research around web and cookie security at Black Hat Europe in London, Eliot Bendinelli, technologist at Privacy International and Frederike Kaltheuner, formerly of Privacy International and now tech policy fellow at Mozilla, described how a number of websites offering “tests” on mental health and depression shared results with third parties.Kaltheuner said that this sort of tracking is &
  • UK Fashion Store Sweaty Betty Suffers Magecart Heist

    UK Fashion Store Sweaty Betty Suffers Magecart HeistBritish e-commerce store Sweaty Betty has become the latest victim of a digital skimming attack after customers unwittingly had their card data stolen over the period of a week.In an email sent to customers, the women’s fashion retailer confirmed that “a third party gained unauthorized access to part of our website and inserted malicious code designed to capture information entered during the checkout process.”Customers placin
  • We must continue Jack and Saskia’s progressive work with prisoners | Letters

    We must continue Jack and Saskia’s progressive work with prisoners | Letters
    Guardian readers respond to Dave Merritt’s tribute to his son Jack, who, along with Saskia Jones, died on Friday at London BridgeI am in awe of the courage that it must have taken for Jack Merritt’s father to write his tribute to his brave, intelligent, beautiful son (Jack would be livid his death has been used to further an agenda of hate, 3 December). I agree with every word and suspect that the same themes could be applied to Saskia.We must all do everything we can to stop our cou
  • Festive Virtual Hacker Conference Returns

    Festive Virtual Hacker Conference Returns A free holiday-themed cybersecurity conference set in a virtual North Pole is scheduled to take place for the second year running. KringleCon 2019 invites hackers and cybersecurity professionals from across the globe to hear expert speakers, watch educational demos, share tips, and test their skills in a cyber-battle. The conference, which will begin next week, was created by global cybersecurity training and certification provider SANS In
  • Jamaica to Create a National Cybersecurity Policy in 2020

    Jamaica to Create a National Cybersecurity Policy in 2020Jamaica has announced plans to develop a national cybersecurity policy in 2020.According to the Jamaica Observer, the plan to create a strategy to protect the island country's citizens from cybercrime was announced by Jamaica's minister of national security, Dr. Horace Chang, yesterday. Speaking at a Cybersecurity and Cybercrime Workshop for Latin America and the Caribbean at the Hilton Resort and Spa in St. James, Chang said tha
  • London Bridge attack victims died after being stabbed in chest – inquest

    London Bridge attack victims died after being stabbed in chest – inquest
    Jack Merritt and Saskia Jones suffered shock and haemorrhaging, Old Bailey toldThe two victims of the London Bridge attack both died as a result of being stabbed in the chest, the inquests into their deaths have heard.The inquests into the deaths of Jack Merritt, 25, and Saskia Jones, 23, both Cambridge graduates, opened at the Old Bailey in central London on Wednesday before being adjourned to a date to be determined. Continue reading...
  • Artificial Fingerprint Ring Could Combat Biometric Data Theft

    Artificial Fingerprint Ring Could Combat Biometric Data Theft A cybersecurity company has teamed up with a 3D accessory designer to produce a ring that could tackle the issue of what to do if your biometric data is stolen. The attractive and wearable piece of jewelry features a synthetic fingerprint that can be used to unlock phones, make payments, or even access a home or office. Unlike the actual fingerprint of a living human, which can never be replaced if lost, the artificial biome
  • #BHEU: Consider Adversarial Thinking, Ask If the Tool Works

    #BHEU: Consider Adversarial Thinking, Ask If the Tool WorksDelivering the opening keynote at Black Hat Europe, offensive security engineer Amanda Rousseau talked about the move from a defensive to offensive role, and how narrow that has made our thinking.In the first part of her talk, she said that we have become too immersed in using tools, and do not look underneath them to understand how they work.She said that security is “filled with tools” and we are told that it is best practi
  • #BHEU: Foster the Right Skills, Culture and Share Knowledge

    #BHEU: Foster the Right Skills, Culture and Share KnowledgeOpening the 19th Black Hat Europe in London, founder Jeff Moss said that over the years the diversity of the security community has grown as well has the expansion of skills to include both hard and soft skills. He also said that the culture is maturing, and on the tech side “I see a slow move to a demonstration of skill” and instead of showing certifications, it is much more about “demonstrating the skills yo
  • FTC: Fraudsters Go Low-Tech to Trick the Elderly

    FTC: Fraudsters Go Low-Tech to Trick the ElderlyFraudsters are increasingly going back to basics in a bid to trick particularly elderly victims into handing over money, according to the Federal Trade Commission (FTC).The regulator posted two warnings on Tuesday highlighting the lengths scammers are prepared to go today in order to collect.It revealed that a Pennsylvania man reported being sent a threatening letter using fake FTC branding.“The letter said his online and financial activities
  • Latest Cyber-Defenders Unveiled at 10th CyLon Demo Day

    Latest Cyber-Defenders Unveiled at 10th CyLon Demo DayToday, nine of the most exceptional new cybersecurity businesses will pitch their latest products and innovations aimed at securing the digital economy at CyLon’s 10th London Demo Day.The nine companies will showcase their products to over 150 prospective customers, investors and partners through quick-fire pitches. The companies joined the program in September 2019, and over the last three months have received an intensive program of w
  • Dutch Politician Accused of Targeting Women’s iCloud Accounts

    Dutch Politician Accused of Targeting Women’s iCloud AccountsA Dutch politician could face several years behind bars after being accused by prosecutors of hacking the iCloud accounts of hundreds of women and posting explicit photos and videos online.Named only on the official Netherlands Public Prosecution Service website as “a 35-year-old man from Almere,” he is identified elsewhere as Mitchel van der K who sat on the local council there for the VVD party.According t
  • FBI: FaceApp Potential Spy Risk

    FBI: FaceApp Potential Spy RiskThe FBI has confirmed to a US senator that the popular mobile application FaceApp could be a counter-intelligence risk because of its Russian developers.The app — which uses AI to transform the faces of users to make them look older, change gender and so on — leapt to fame earlier this year when the #FaceAppChallenge started trending.It was said that the title, which was created by St Petersburg-based Wireless Labs in 2017, has access to the facial
  • Police cuts pose greatest risk to countering terrorism, says ex-chief

    Police cuts pose greatest risk to countering terrorism, says ex-chief
    Robert Quick rejects Johnson’s ‘cliches’ about sentencing laws after London Bridge attack
    A former head of counter-terrorism has said cuts to police numbers, not the length of sentences, have played the greater role in jeopardising public safety.Robert Quick, who led Scotland Yard’s counter-terrorism command from 2008-9, rejected claims made by Boris Johnson after last Friday’s attack at London Bridge in which a terrorist killed two people before being shot dead by
  • Labour's Ben Bradshaw claims he was targeted in Russian cyber-attack

    Labour's Ben Bradshaw claims he was targeted in Russian cyber-attack
    MP, who is a critic of Kremlin influence in the west, was sent suspicious email from MoscowThe Labour MP Ben Bradshaw has said he has been the victim of a suspected Russian cyber-attack after he received an email from Moscow with attachments containing sophisticated malware.Bradshaw – who has repeatedly raised the subject of Kremlin interference in British politics, including in the EU referendum – received the email at his election gmail address. The sender – “Andrei&rdq

Follow @Security_UKnws on Twitter!