0
Concern as Attacker “Breakout” Time Halves in 2020

Concern as Attacker “Breakout” Time Halves in 2020

The average time it took for attackers to move from initial infection to lateral movement and beyond halved lasted a year, in a sign that organizations are failing in detection and response, according to CrowdStrike. The security vendor’s 2021 CrowdStrike Global Threat Report is compiled from its threat intelligence, managed threat hunting, and cloud graph database technology […]

Read More »
Scammers Selling Fake #COVID19 Vaccination Cards for Just $20

Scammers Selling Fake #COVID19 Vaccination Cards for Just $20

Fraudsters are setting up Shopify-backed online stores to sell fake COVID-19 vaccination cards to anti-vaxxers, according to DomainTools. Due to the decentralized nature of the US healthcare system, the cards, which carry the logo of the US Centers for Disease Control and Prevention (CDC), were judged to be the simplest way the authorities can keep […]

Read More »
Romance Fraud Surges in Lockdown Following Shift to Online Dating

Romance Fraud Surges in Lockdown Following Shift to Online Dating

Bank transfer romance fraud rose 20% year-on-year between January and November 2020, according to new figures from UK Finance. Published shortly before this year’s Valentine’s Day, the trade association revealed that the total value of this type of scam – in which victims are duped into sending money to criminals who have convinced them they […]

Read More »
Credential Theft Attacks Doubled Between 2016 and 2020

Credential Theft Attacks Doubled Between 2016 and 2020

The number of attacks resulting in large-scale credential theft has almost doubled over the past four years, although the volume of breached login pairs declined, according to F5. The security vendor’s 2021 Credential Stuffing Report warned that although average breach volumes declined from 63 million records in 2016 to 17 million in 2020, poor security […]

Read More »
Cyber-Attacker Tries to Remotely Poison Florida City

Cyber-Attacker Tries to Remotely Poison Florida City

The cyber-risks associated with connected operational technology (OT) systems were laid bare on Monday after an unknown online assailant tried to remotely poison the water supply of a Florida city. The attacker accessed the water treatment system for Oldsmar city in Pinellas County and tried to increase the amount of sodium hydroxide (lye) in the […]

Read More »
Experts Warn of “Beg Bounty” Extortion Attempts

Experts Warn of “Beg Bounty” Extortion Attempts

Sophos has warned businesses to be on the lookout for unsolicited and often generic emails attempting to extract a bug bounty from them with borderline extortion tactics. So-called “beg bounty” messages typically involve automated scanning for basic misconfigurations or vulnerabilities, followed by a cut-and-paste of the results into a pre-defined email template, explained Sophos principal […]

Read More »
Emsisoft Suffers System Breach

Emsisoft Suffers System Breach

The founder of New Zealand cybersecurity company Emsisoft has issued an apology over a configuration error that led to a system data breach. News that one of the company’s test systems had been compromised was shared on February 3 by Emsisoft founder and managing director Christian Mairoll. In a security incident that Mairoll wrote “should not have happened,” a […]

Read More »
Law Firm Data Breach Impacts UPMC Patients

Law Firm Data Breach Impacts UPMC Patients

A cyber-attack on a Pennsylvania law firm has potentially exposed the personal health information (PHI) of more than 36,000 patients of the University of Pittsburgh Medical Center (UPMC). Law firm Charles J. Hilton & Associates P.C. (CJH), which provides legal services to UPMC, discovered suspicious activity in its employee email system in June 2020. An […]

Read More »