• Shamima Begum still a national security threat, supreme court told

    Shamima Begum still a national security threat, supreme court told
    MI5 assessments read out at start of appeal over revoking of Isis recruit’s citizenship
    Shamima Begum, who left Britain as a schoolgirl to join Islamic State in Syria, remains a serious threat to national security and should be deprived of her UK citizenship, the supreme court has been told.Extracts of MI5 assessments of the dangers posed by the return of those who joined Isis were read out at the start of a two-day hearing challenging the decision to revoke Begum’s citizenship and r
  • Irish dissident republican urges armed groups to forgo violence

    Irish dissident republican urges armed groups to forgo violence
    Killings turn people away from cause, says former hardline leader Des DaltonA leading political voice in Irish dissident republicanism has urged all the armed paramilitary groups in Northern Ireland to call ceasefires and end their violence.Des Dalton, the former president of the ideologically hardline Republican Sinn Féin, has become the first figure to emerge from dissident republican groups to advise those like him opposed to the Good Friday agreement that “armed struggle”
  • MI5 involvement in drone project revealed in paperwork slip-up

    MI5 involvement in drone project revealed in paperwork slip-up
    Exclusive: Document produced by university cited agency as secret funder of researchFor an agency devoted to secrecy and surveillance, it is an embarrassing slip-up. An inadvertent disclosure on a university document has revealed that MI5 is partly behind what was meant to be a covert bug and drone research project.Ostensibly, Imperial College’s research was to create a quadcopter system for charging remote agricultural sensors – but MI5’s participation has emerged because some
  • Hackers Target Russian Cybercrime Forums

    Hackers Target Russian Cybercrime Forums Elite cybercrime forum Maza aka MFclub has been taken over by hackers, according to new research by risk intelligence company Flashpoint.The Russian-language forum, which was originally known as Mazafaka, has served thousands of cyber-criminals since its launch in 2003. "Little is known at this time about the attackers who successfully compromised Maza," wrote Flashpoint researchers. But thanks to the data allegedly leaked in the attack, qu
  • Advertisement

  • US Warns of Fake Unemployment Benefit Websites

    US Warns of Fake Unemployment Benefit WebsitesThe United States Justice Department has warned that cyber-criminals are impersonating state workforce agencies (SWAs) to steal Americans' personal data.In a press release issued March 5, the department said it had received reports that bad actors are creating fake websites that mimic sites genuinely belonging to SWAs. "The fake websites are designed to trick consumers into thinking they are applying for unemployment benefits and discl
  • Failure to Report Breach Costs Mortgage Lender $1.5m

    Failure to Report Breach Costs Mortgage Lender $1.5mAn American mortgage lender has shelled out $1.5m to resolve allegations that it violated the New York Department of Financial Services (NYDFS) Cybersecurity Regulation. Residential Mortgage Services, Inc. (RMS), which is headquartered in South Portland, Maine, was accused of failing to report a data breach that occurred in 2019. The breach was uncovered during an investigation of RMS carried out in July 2020 by the NYDFS. T
  • 'There is no bomb': what I learned taking a polygraph test

    'There is no bomb': what I learned taking a polygraph test
    As the government plans to extend the use of lie detectors to terrorism and domestic abuse, our science editor puts himself in the hot seat“Did you plant the bomb?” It’s not a question I’ve been asked before but I’m comfortable enough denying it. Truth is – I didn’t plant a bomb. I planted a pretend bomb – a shoebox filled with webcams and wires – and I’m relying on my physiology to share the pedantic, but surely relevant, distinction.
  • Docker Hub and Bitbucket Resources Hijacked for Crypto-Mining

    Docker Hub and Bitbucket Resources Hijacked for Crypto-MiningSecurity researchers are warning of a resurgent campaign to hijack developer resources for cryptocurrency mining.A team from Aqua Security explained that over the period of just four days, attackers set up 92 malicious Docker Hub registries and 92 Bitbucket repositories to abuse these resources.“The adversaries create a continuous integration process that every hour initiates multiple auto-build processes, and on each build, a Mo
  • Advertisement

  • Fraudsters Circumvent 3D Secure with Social Engineering

    Fraudsters Circumvent 3D Secure with Social EngineeringCyber-criminals are actively sharing tips and advice on how to bypass the 3D Secure (3DS) protocol to commit payment fraud, according to researchers.A team at threat intelligence firm Gemini Advisory found the discussions on multiple dark web forums, claiming that phishing and social engineering tactics stood a good chance of success in certain situations.Although version two of the protocol, designed for smartphone users, allows individuals
  • SITA Supply Chain Breach Hits Multiple Airlines

    SITA Supply Chain Breach Hits Multiple AirlinesA major aviation IT company has been breached in what appears to be a coordinated supply chain attack affecting multiple airlines and hundreds of thousands of passengers.SITA provides IT and telecoms services to around 400 members in the industry, claiming to serve around 90% of the global airline business.It revealed yesterday that attackers had compromised passenger data stored on its SITA Passenger Service System servers in the US. It said these
  • Cryptocurrency Fraudster Steals $16m

    Cryptocurrency Fraudster Steals $16m A Swedish businessman has admitted conning thousands of victims out of millions of dollars with a reversed pension cryptocurrency investment scam. Roger Nils-Jonas Karlsson pleaded guilty today to securities fraud, wire fraud, and money laundering charges that he defrauded 3,575 victims of more than $16m.Karlsson and his now defunct company, Eastern Metal Securities (EMS), were charged in a criminal complaint filed on March 4, 2019. The 47
  • Two-Thirds of Irish Women Harassed Online

    Two-Thirds of Irish Women Harassed Online A survey by a global humanitarian NGO has found that two-thirds of Ireland's young women and girls have been harassed while using the internet. The research, conducted by Plan International, found 67% of young female users had been subjected to virtual violence while online. In the majority of cases, the abuse was perpetrated via the social media platforms Snapchat and Instagram.Among the harassing behaviors experienced by victims was cybe
  • Ransomware Attack on Arizona Optometrist

    Ransomware Attack on Arizona OptometristA cyber-attack on an optometrist located in Sierra Vista, Arizona, has affected up to 100,000 patients. Cyber-criminals successfully hit Cochise Eye and Laser with ransomware in January, encrypting the office's patient scheduling and billing software. Patient data stored in the billing software included names, dates of birth, addresses, phone numbers, and in some cases Social Security numbers.While the attack prevented staff from access
  • Experts Discuss How to Achieve Greater Gender Equality in the Tech Industry

    Experts Discuss How to Achieve Greater Gender Equality in the Tech IndustryThere has been significant progress in the area of gender diversity in the technology industry, but much more work is required, according to a panel speaking on a webinar during Women’s History Month.The discussion came on the back of Kaspersky’s recent Women in tech report, in partnership with Ada’s List, a global community for women in tech. This study highlighted that a lot of progress is being made i
  • Three terror plots foiled in Britain during pandemic say police

    Three terror plots foiled in Britain during pandemic say police
    More than 800 live investigations during Covid pandemic but terrorism arrests fell by 34% in 2020, the lowest level in nine years Three terror plots have been foiled during the coronavirus pandemic in the UK, counter-terror chiefs revealed, despite a drop in arrests during the period.Two Islamist plots and one right-wing terror plot were thwarted during the pandemic, bringing the total number of foiled attacks since March 2017 to 28, said the counter terrorism policing network. Continue reading.
  • Financial Crime Surges in 2020 Following Shift to Digital Banking and Commerce

    Financial Crime Surges in 2020 Following Shift to Digital Banking and CommerceA huge rise in financial crime was recorded last year, driven by the rapid shift to digital banking and commerce following COVID-19 lockdowns. This is according to Feedzai’s Financial Crime Report Q1 - 2021, which compared the volume of financial fraud and crime in Q4 and Q1 2020, with the latter quarter mainly unaffected by the pandemic.The study found there was a 650% surge in account takeover (ATO) in Q4 compa
  • #COVID19 Vaccine Phishing Scams Surge 26% in Three Months

    #COVID19 Vaccine Phishing Scams Surge 26% in Three MonthsVaccine-related phishing and Business Email Compromise (BEC) attempts jumped 26% in a recent three-month period, as scammers ramped up their efforts against organizations, according Barracuda Networks.The security vendor’s Threat Spotlight, analyzed phishing emails between October 2020 and January 2021.It revealed that, while the volume of vaccine-related spear-phishing attacks increased by 12% following announcements from Pfizer and
  • Ransomware Attacks Soared 150% in 2020

    Ransomware Attacks Soared 150% in 2020Ransomware surged by 150% in 2020 with the average extortion amount doubling, according to a new report from Group-IB.The Singapore-based security firm analyzed over 500 attacks last year to compile its Ransomware Uncovered 2020-2021 report, which maps for the first time the most common tactics, techniques and procedures (TTPs) to the MITRE ATT&CK framework.The average ransom demand stood at $170,000 last year, but groups like Maze, DoppelPaymer, and Rag
  • Women in Cyber: Workplace Equality Will Take a Decade

    Women in Cyber: Workplace Equality Will Take a DecadeMost women believe it will take a decade before they’re treated as equals in the cybersecurity sector, according to new research from the Chartered Institute of Information Security (CIISec).Released ahead of International Women’s Day on Monday, the study revealed the challenges facing female cyber professionals today. According to the latest data, only around a quarter (24%) of the global workforce are women.Not only do 57% b
  • Kremlin agents targeting Russians in UK, MI5 warns

    Kremlin agents targeting Russians in UK, MI5 warns
    Britain is alert to interest being shown in certain individuals, agent tells Sky NewsMI5 has quietly stepped up the security protection offered to potential Kremlin targets living in the UK in the aftermath of the poisoning of Sergei and Yulia Skripal in Salisbury in 2018.The security agency warned that the Russian state continues to take “quite an active interest” in a handful of individuals in the UK, prompting the need to take more active measures involving the police and other ag
  • Missing Teens Used School Laptops to Chat with Alleged Abductors

    Missing Teens Used School Laptops to Chat with Alleged Abductors Two teenage girls who went missing from the same North Carolina county used school-issued laptops to communicate with their alleged abductors. Savannah Grace Childress vanished on February 11 from her home on Canaan Church Road in Denton. The 14-year-old was found alive ten days later in Arkansas. Law enforcement officers investigating Childress' disappearance discovered that the teen had been using a compu
  • I want to hear the case for and against Prevent | Letter

    I want to hear the case for and against Prevent | Letter
    I approach this review in a spirit of collaboration, writes William ShawcrossAs Sadakat Kadri’s article showed (Why is the government trying to undermine its anti-terror programme?, 1 March), Prevent arouses strong views. This is not surprising. The stakes are very high.As a writer and journalist, I have seen that terrorism comes from many sources, and inflicts terrible wounds on souls as well as bodies. I have attempted to deal head-on with the thorny moral and legal issues that emerged a
  • Canadian Cyber-Agency Workers Threaten Strike

    Canadian Cyber-Agency Workers Threaten StrikeA dispute over wages could see workers at Canada's equivalent of the United States' National Security Agency stage a strike. The Public Service Alliance of Canada (PSAC), which represents 2,400 employees working in cryptography, applied mathematics, advanced language analysis, and cybersecurity at the Communications Security Establishment (CSE), voted last week to authorize a strike following a disagreement about changes to a wage supplement.&nbs
  • US Cybersecurity Firm Opens New Belfast Office

    US Cybersecurity Firm Opens New Belfast OfficeAmerican cybersecurity firm Rapid7 has opened a new office in the heart of Northern Ireland's capital city.The company, which is headquartered in Boston, Massachusetts, serves over 9,100 customers through 14 different offices around the world.  Rapid7's newest digs, located in Belfast's Chichester House, can accommodate up to 400 employees. The company said the major expansion will create up to 150 new jobs and internships in cust
  • Microsoft: SolarWinds Attack Highlights Growing Sophistication of Nation State Actors

    Microsoft: SolarWinds Attack Highlights Growing Sophistication of Nation State ActorsMicrosoft has highlighted the increasingly sophisticated cyber-threat landscape, particularly as a result of the rise in nation state attacks.During a session at the Microsoft Ignite event, the company outlined some of the trends it is seeing and actions it is taking to help mitigate them.There has been marked rise in cyber-attacks detected by Microsoft over recent years, both from cyber-criminals and natio
  • One dead in rocket attack on Iraq base hosting US troops

    One dead in rocket attack on Iraq base hosting US troops
    DefenceTalkAt least 10 rockets slammed into a military base in western Iraq hosting US-led coalition troops on Wednesday, security sources said, leaving one civilian contractor dead. The attack on...
  • Telemarketing Biz Exposes 114,000 in Cloud Config Error

    Telemarketing Biz Exposes 114,000 in Cloud Config ErrorA US telemarketing company has leaked the personal details of potentially tens of thousands of consumers after misconfiguring a cloud storage bucket, Infosecurity can reveal.A team at vpnMentor led by Noam Rotem found the unsecured AWS S3 bucket on December 24 last year. It was traced to Californian business CallX, whose analytics services are apparently used by clients to improve their media buying and inbound marketing.According to its web
  • State-sponsored hackers in China targeting email services: Microsoft

    State-sponsored hackers in China targeting email services: Microsoft
    DefenceTalkMicrosoft has said a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange email services to steal data from business users....
  • US lagging in critical artificial intelligence: panel

    US lagging in critical artificial intelligence: panel
    DefenceTalkThe United States is dangerously behind in artificial intelligence critical to its future including national security, according to a commission that includes a former head of Google and...
  • Password Reuse at 60% as 1.5 Billion Combos Discovered Online

    Password Reuse at 60% as 1.5 Billion Combos Discovered OnlineA security vendor discovered nearly 1.5 billion breached log-in combos circulating online last year and billions more pieces of personal information (PII), with password reuse and weak hashing algorithms commonplace.SpyCloud’s 2021 Credential Exposure Report was compiled from the vendor’s human intelligence efforts to recover stolen data from criminal networks early in the breach lifecycle.Some 854 breach incident

Follow @Security_UKnws on Twitter!