Phishing scam: Italian football club tricked into sending out €2m to crooks

By Waqas
Another day, another phishing scam – This time apparently the
This is a post from HackRead.com Read the original post: Phishing scam: Italian football club tricked into sending out €2m to crooks
Continue reading Phishing scam: Italian football club tricked into sending out €2m to crooks

Cloud Security This Week – January 19, 2018

New from Evident.io WEBINAR – 1/25: From Obstacle to Advantage: Compliance in the Cloud 2018 Join us on Thursday, January 25th, 2018 for our webinar where they will discuss the steps that you, your CSP, and your SecOps and DevOps teams will need … Continue reading Cloud Security This Week – January 19, 2018

Everyday is Super Bowl Sunday for Cloud Security Teams

We’re approaching Super Bowl Sunday and the lead up to the main event has been a helluva lot of fun. Stefon Diggs’ 61-yard walk-off touchdown that sent the Vikings to the NFC Championship game will go down as one of the most memorable momen… Continue reading Everyday is Super Bowl Sunday for Cloud Security Teams

Cyber Security Roundup for August 2017

TalkTalk yet again made all the wrong cyber security headlines in the UK this month, after it was handed a £100,000 fine by the Information Commissioner’s Office (ICO) for not adequately protecting customer records from misuse by its staff. The ICO investigated the Internet Service Provider after receiving complaints from customers, who said they received cold calls from scammers who knew their TalkTalk account information.

Second-hand goods firm CeX disclosed a compromise of up to 2 million online customer accounts due to a hack, however, CeX has yet to disclose any details about the cyber attack. My blog post and advice about this is here http://blog.itsecurityexpert.co.uk/2017/08/up-to-2-million-cex-customer-account.html

Hackers had a field day taking over social media accounts, from Real Madrid and FC Barcelona to Game of Thrones, much embarrassment could have been avoided if they had adopted multi-factor authentication on the accounts, aside from the spate of Instagram hacks which were caused by the exploitation of a software vulnerability, namely within Instagram’s API.

In what looks like a follow on from the UK’s Parliament’s email brute force email account attack in June, the Scottish Parliament was hit by a very similar cyber attack, it was reported, as per the Westminister attack, many SMPs were found to be using weak passwords. Let’s hope the Welsh Assembly have taken note and have learned the password security lessons.

A massive ‘spambot’ holding 711 million email addresses was found to be spreading malware by a security researcher. It was said to have been put together using stolen data from previous LinkedIn and Badoo data breaches. Using legitimate email addresses helps in the avoidance of anti-phishing and spam filters.

On the ransomware front, LG reported WannaCry caused a two-day shutdown of its business in South Korea. TNT customers were said to be furious after NotPeyta badly affected its ability to deliver hundreds of thousands of items, particularly within in the Ukraine. And Digital Shadows reported a trend in cyber criminals dropping Exploit kits for Ransomware, as there is simply a lot more money to be made out of ransomware attacks.

On the critical security patching, Microsoft released 25, Adobe released 43, and Drupal patched a critical bug. And there was an interesting article posted by Microsoft on Cyber Resilience worth reading.

NEWS

AWARENESS, EDUCATION AND THREAT INTELLIGENCE

REPORTS

Continue reading Cyber Security Roundup for August 2017