• Scottish judges rule Lockerbie documents will remain secret

    Scottish judges rule Lockerbie documents will remain secret
    Foreign secretary’s decision to withhold documents that could absolve Libyan Abdelbaset al-Megrahi of 1989 terror attack backed by courtScotland’s most senior judges have upheld a secrecy order signed by the foreign secretary, Dominic Raab, to withhold intelligence documents believed to implicate a Palestinian terror group in the Lockerbie bombing.Lawyers acting for the family of Abdelbaset al-Megrahi, the Libyan convicted of the bombing, believe the documents are central to a fresh
  • Florida Man Cyberstalked Survivor of Murder Attempt

    Florida Man Cyberstalked Survivor of Murder Attempt
    Florida Man Cyberstalked Survivor of Murder AttemptA man from Florida has admitted cyberstalking a woman who survived a violent attack in her childhood that left another young girl dead. Alvin Willie George of Cross City pleaded guilty to two counts of cyberstalking related to the online harassment of the survivor and her sisters. According to court records, the victim was in a Texas bedroom with another girl in December 1999 when an assailant entered and attacked the two fri
  • Women in Cybersecurity Mid-Atlantic Partners with CMMC COE

    Women in Cybersecurity Mid-Atlantic Partners with CMMC COEThe Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE) yesterday announced a Memorandum of Understanding with the Women in Cybersecurity (WiCyS) Mid-Atlantic affiliate.The executed MOU creates a cooperative agreement between the two parties to partner in the furthering of their missions and objectives around the adoption, use, and expansion of CMMC-based cybersecurity practices for the US Department of De
  • UK Accidentally Deletes 150k Arrest Records

    UK Accidentally Deletes 150k Arrest RecordsThe UK government is investigating a technical issue that led to 150,000 arrest records' being accidentally wiped from nationwide police databases. The unintentional erasure, reported initially by The Times, is believed to have been caused by human error and defective code that earmarked the wrong files for deletion.Over 150,000 fingerprint records, DNA records, and arrest history records were lost as a result of the glitch. One
  • Advertisement

  • NCSC Reveals New Solution to Protect Remote Public Sector Workers

    NCSC Reveals New Solution to Protect Remote Public Sector WorkersThe UK’s National Cyber Security Center (NCSC) has outlined the creation of a new protective domain name service (PDNS) solution in partnership with Nominet, the official registry for UK domain names.The service, named PDNS Digital Roaming, is designed to enhance the security of public sector staff working from home as a result of the COVID-19 pandemic. The free at the point of use app will extend the protection offered
  • #CES2021: AI and Quantum Technologies Set to Disrupt Cybersecurity Industry

    #CES2021: AI and Quantum Technologies Set to Disrupt Cybersecurity IndustryArtificial intelligence (AI) and quantum are set to be the next major technology disruptors and will have a profound impact on the cybersecurity sector, according to speakers in a session at the Consumer Electronics Show (CES) 2021.Advancements in these areas are likely to lead to new opportunities for cyber-criminals to leverage attacks, but conversely, can also enable the development of stronger cybersecurity defen
  • NSA: DNS over HTTPS Provides “False Sense of Security”

    NSA: DNS over HTTPS Provides “False Sense of Security”The US National Security Agency (NSA) has warned enterprises that adoption of encrypted DNS services can lead to a false sense of security and even disrupt their own DNS-monitoring tools.DNS over HTTPS (DoH) has become an increasingly popular way to improve privacy and integrity by protecting DNS traffic between a client and a DNS resolver from unauthorized access. This can help to prevent eavesdropping and manipulation of DNS tra
  • Facebook Sues Devs of Alleged Data-Scraping Chrome Extensions

    Facebook Sues Devs of Alleged Data-Scraping Chrome ExtensionsFacebook is suing two European developers for allegedly violating its terms of service by scraping user data.Legal action has been filed in Portugal by Facebook and Facebook Ireland against two individuals working for application/extension development company Oink and Stuff.The firm claims its software products, available for Chrome, Firefox, Edge, Opera and Android, have over one million active users.However, the two misled users into
  • Advertisement

  • Automated “Classiscam” Operation Made $6.5m in 2020

    Automated “Classiscam” Operation Made $6.5m in 2020An e-commerce “scam-as-a-service” operation tried-and-tested in Russia has expanded to multiple European countries in 2020, making cybercrime groups over $6.5m in the process, Group-IB has warned.The Singapore-based cybersecurity company claimed in a new report that “Classiscam” first appeared in Russia in the summer of 2019, but soon migrated west and hit a peak of activity over 2020 as remote workers su
  • Fujitsu: High Risk of #COVID19 Vaccine Disinformation Campaigns

    Fujitsu: High Risk of #COVID19 Vaccine Disinformation CampaignsThere is a high risk of disinformation campaigns designed to spread panic and fear about the COVID-19 crisis, according to IT firm Fujitsu. In particular, it expects social engineering attacks to focus on fuelling uncertainty and doubt surrounding the effectiveness of COVID-19 vaccines as they begin to be rolled out across the world.The company said that both criminal gangs and nation state actors will focus on controversial aspects
  • Convicted Hacker Allegedly Commits Fraud While Awaiting Release

    Convicted Hacker Allegedly Commits Fraud While Awaiting ReleaseA Kosovan hacker, granted compassionate release after being convicted of providing personally identifiable information of over 1,000 US government personnel to ISIS, has been charged with committing further crimes while in federal prison.The US sentenced Ardit Ferizi to 20 years in prison in September 2016 after the hacker admitted accessing a protected computer without authorization and providing material support to a
  • 2020 Saw 6% Rise in Number of CVEs Reported

    2020 Saw 6% Rise in Number of CVEs ReportedNew analysis of the 2020 vulnerability and threat landscape has found that the total number of Common Vulnerabilities and Exposures (CVEs) reported last year was 6% higher than the total reported in 2019.A year-in-review report from Tenable’s Security Response Team found that 18,358 CVEs were reported in 2020, while only 17,305 were reported the previous year. While the increase between 2019 and 2020 may seem slight, the team found
  • Hy-Vee Data Breach Settlement Proposed

    Hy-Vee Data Breach Settlement Proposed
    Hy-Vee Data Breach Settlement ProposedA preliminary settlement agreement regarding a data breach that impacted customers of Iowa-based grocery store chain Hy-Vee has been proposed. Hy-Vee launched an investigation after detecting unauthorized activity on some of its payment processing systems on July 29, 2019.The investigation found that malware designed to access and steal payment card data from cards used on point-of-sale (POS) devices had been installed at certain Hy-Vee fuel p
  • NTT DATA and Conferma Pay Partner to Deliver Secure, Virtual Payment Comms to Hotels

    NTT DATA and Conferma Pay Partner to Deliver Secure, Virtual Payment Comms to Hotels
    NTT DATA and Conferma Pay Partner to Deliver Secure, Virtual Payment Comms to HotelsGlobal IT innovator NTT DATA and payments technology provider Conferma Pay have announced a partnership to bring secure, digital virtual payment communications to hotels.The news comes at a time when more and more companies are seeking to implement contact-free payment processes to help reduce the spread of COVID-19 whilst also bolstering payment security and safety.NTT DATA and Conferma Pay said they have combin
  • Ring Rolls-Out End-to-End Encryption to Bolster Privacy

    Ring Rolls-Out End-to-End Encryption to Bolster Privacy
    Ring Rolls-Out End-to-End Encryption to Bolster PrivacyControversial connected device company Ring has added video end-to-end encryption (E2EE) to some of its products in a bid to boost user privacy and security.The Amazon-owned maker of smart doorbells first flagged the move last autumn, but will begin the roll-out this week as part of a “technical preview.“By default, Ring already encrypts videos when they are uploaded to the cloud (in transit) and stored on Ring’s servers (a
  • #CES2021: Microsoft President Calls for Collaboration to Counter Growing Cyber-Threats

    #CES2021: Microsoft President Calls for Collaboration to Counter Growing Cyber-Threats Brad Smith, president of Microsoft, warned of the increasing cyber-threats to society as technology plays a more powerful role in our lives during his keynote address at the Consumer Electronics Show (CES) 2021.While he outlined the potentially enormous benefits advancements in technologies offer, including in areas like sustainability, the cyber-threats being faced are correspondingly becoming increasing
  • CISA Warns of Cloud Attacks Exploiting Poor Cyber-Hygiene

    CISA Warns of Cloud Attacks Exploiting Poor Cyber-HygieneA US cybersecurity agency is urging organizations to improve their cyber-hygiene after warning of multiple successful attacks targeting cloud services used by remote workers.The Cybersecurity and Infrastructure Security Agency (CISA) revealed in a report yesterday that attackers are increasingly targeting corporate and personal laptops with phishing, brute force login attempts and possibly a “pass-the-cookie” attack t
  • European Regulator: #COVID19 Vaccine Data Leaked Online

    European Regulator: #COVID19 Vaccine Data Leaked Online
    European Regulator: #COVID19 Vaccine Data Leaked OnlineThe European Medicines Agency (EMA) has confirmed that cyber-criminals who raided the organization in December have leaked some of those documents online.In a brief statement on Tuesday, it noted that the docs “related to COVID-19 medicines and vaccines belonging to third parties.“The agency continues to fully support the criminal investigation into the data breach and to notify any additional entities and individuals whose docum
  • Former Florida Official Charged with Cyberstalking

    Former Florida Official Charged with Cyberstalking The first independent ethics officer to be appointed by the Florida city of Tallahassee has been arrested on cyber-stalking charges. Julie Meadows-Keefe is accused of stalking former city auditor Bert Fletcher, with whom she had an on-off romantic relationship both during and after the time when they both worked for Tallahassee.The State Attorney's Office charged 51-year-old Meadows-Keefe with the first-degree misdemeanor on Janua
  • Bitcoin Exchange Owner Jailed for Money Laundering

    Bitcoin Exchange Owner Jailed for Money Laundering The owner of a Bulgarian bitcoin exchange has been sentenced to prison in the United States for his involvement in a transnational multimillion-dollar online auction fraud scheme that conned over 900 Americans out of more than $7m.After a two-week trial in September 2020, a federal jury in Kentucky found Rossen G. Iossifov guilty of one count of conspiracy to commit racketeering and one count of conspiracy to commit money laundering. O
  • Capcom Data Breach May Have Impacted Extra 40k Customers

    Capcom Data Breach May Have Impacted Extra 40k Customers
    Capcom Data Breach May Have Impacted Extra 40k Customers Gaming company Capcom has discovered that the number of customers whose data may have been compromised following a recent cyber-attack is much higher than previously thought. The Osaka-headquartered company became the victim of a ransomware attack in the beginning of November last year. On November 16, Capcom announced that it had verified that the personal information of 9 people had been compromised in this attack. A
  • Capcom Data Breach May Have Impacted Extra 40,000 Customers

    Capcom Data Breach May Have Impacted Extra 40,000 Customers
    Capcom Data Breach May Have Impacted Extra 40,000 Customers Gaming company Capcom has discovered that the number of customers whose data may have been compromised following a recent cyber-attack is much higher than previously thought. The Osaka-headquartered company became the victim of a ransomware attack in the beginning of November last year. On November 16, Capcom announced that it had verified that the personal information of 9 people had been compromised in this attack.
  • NORAD Air Defense Exercise Planned for National Capital Region

    NORAD Air Defense Exercise Planned for National Capital Region
    DefenceTalkDefenceTalkThe North American Aerospace Defense Command will conduct Falcon Virgo, a routine air defense exercise, on Thursday, January 14, through Friday, January 15, and again on Monday,...
  • Mimecast Cert Abused to Target Inboxes in “Sophisticated” Attack

    Mimecast Cert Abused to Target Inboxes in “Sophisticated” AttackMimecast has disclosed that some of its customers have been targeted by an advanced attack designed to compromise their Microsoft 365 (M365) environments.The security vendor said in a brief statement yesterday that a “sophisticated threat actor” obtained one of its certificates used to authenticate Mimecast Sync and Recover, Continuity Monitor and IEP products to Microsoft 365 Exchange Web Services.Altho
  • #COVID19 Led to Surge in Malware Attacks Last Year

    #COVID19 Led to Surge in Malware Attacks Last YearMalware authors continued to successfully leverage the COVID-19 pandemic last year to launch a wide variety of attacks, according to the 2020 Avira Report on Cybersecurity.The cybersecurity firm detected that cyber-attacks went up by 15% last year compared to 2019, observing that the rate of scams rose and fell at the same rate and time as the virus appeared across the world. The peak rate of blocked attempts was in April, during the first wave o
  • #CES2021: Raising the Bar on Privacy and Trust Online in 2021

    #CES2021: Raising the Bar on Privacy and Trust Online in 2021 Big tech companies need to “raise the bar” on enhancing privacy and trust in their services in 2021. This was the message from a panel discussion at the Consumer Electronics Show (CES) 2021, which included representatives from Google, Twitter and Amazon.This need for greater transparency has emerged as a result of the growing reliance on digital technology to conduct everyday life since the start of the COVID-19 crisis las
  • Microsoft Fixes Windows Defender Zero-Day Bug

    Microsoft Fixes Windows Defender Zero-Day Bug
    Microsoft Fixes Windows Defender Zero-Day BugMicrosoft has patched a zero-day bug in Windows Defender being actively exploited in the wild, as part of its monthly update round.The first Patch Tuesday of 2021 featured fixes for 83 vulnerabilities in Windows OS, Edge, Office, Visual Studio, .Net Core, .Net Repository, ASP .Net, Azure, Malware Protection Engine and SQL Server.Remote code execution bug CVE-2021-1647 is the most urgent, according to Chris Goettl, director of product management f
  • Healthcare Hit by 187 Million Monthly Web App Attacks in 2020

    Healthcare Hit by 187 Million Monthly Web App Attacks in 2020
    Healthcare Hit by 187 Million Monthly Web App Attacks in 2020Web application attacks in the healthcare sector surged in December as distribution of the first COVID-19 vaccines began, according to new data from Imperva.The security vendor claimed that attacks jumped 51% last month from detected volumes in November in a vertical that has been bombarded by cyber-criminals over the past year.Four specific attack types saw the largest increases: cross-site scripting (XSS) detections jumped 43%; SQL i
  • Cybereason to Adopt Intel’s PC Hardware Ransomware Solution

    Cybereason to Adopt Intel’s PC Hardware Ransomware SolutionCybereason has announced a new partnership with Intel to add new ransomware protections to its multi-layered defense platform.Under the agreement, Cybereason will adopt Intel’s Hardware Shield protections for ransomware that are available on the 11th Gen Intel Core vPro mobile platforms. As a result, it can leverage Intel’s threat detection technology, enabling CPU-based behavioral prevention of ransomware. This solutio
  • World's Largest Illegal Dark Web Marketplace Taken Down

    World's Largest Illegal Dark Web Marketplace Taken DownWhat could be the world's largest illegal marketplace on the dark web has been taken offline in an international operation involving law enforcement agencies in Australia, Denmark, Germany, Moldova, Switzerland, Ukraine, the United Kingdom, and the USA. At the time of its closure, DarkMarket had almost half a million users and more than 2,400 vendors selling a broad range of illicit merchandise. Among the goods advertised for sale were

Follow @Security_UKnws on Twitter!