Security

0 Comments
American media company Sinclair Broadcast Group is in the grips of a ransomware attack. The Baltimore-based company, which operates and/or provides services to 185 television stations in 86 markets, became aware of a potential security incident on Saturday and launched an investigation.  In a statement released Monday, the group said: “On October 17, 2021, the Company [Sinclair Broadcast Group]
0 Comments
The personal data of thousands of individuals have been stolen from a non-profit professional membership organization located in Illinois. Cyber-thieves struck the American Osteopathic Association (AOA) in the summer of 2020, making off with information that included names, Social Security numbers, and financial account details. The AOA, which is headquartered in Chicago, represents around 151,000
0 Comments
Organizations around the world take on average more than two business days to respond to a cyber-attack, according to new research by American cybersecurity company Deep Instinct.  The finding was published in the company’s second bi-annual Voice of SecOps Report, which was based on a survey of 1,500 senior cybersecurity professionals in 11 countries who work for
0 Comments
Apple’s plans to implement new phone-scanning features have been heavily criticized by more than a dozen cybersecurity experts. The tech company announced in August its intention to start scanning iPhone users’ iCloud Photos libraries. Apple presented the move under the pretext that it would locate users’ caches of illicit content, including child sexual abuse material (CSAM). In
0 Comments
Dutch police have written to customers of an on-demand booter service to dissuade them from committing cybercrimes. Booter services, also known as booters, are on-demand DDoS (Distributed-Denial-of-Service) attack services that can be used to bring down websites and networks by overloading or “stressing” IP addresses with data traffic.  During an ongoing investigation into www.minesearch.rip, Dutch
0 Comments
by Paul Ducklin It’s the second week of Cybersecurity Awareness Month 2021, and this week’s theme is an alliterative reminder: Fight the Phish! Unfortunately, anti-phishing advice often seems to fall on deaf ears, because phishing is an old cybercrime trick, and lots of people seem to think it’s what computer scientists or mathematical analysts call
0 Comments
Antivirus and anti-malware brand STOPzilla has been acquired by California holding company RealDefense.  The deal was announced earlier today and marks RealDefense’s fourth acquisition in the security sector. Other brands in the RealDefense portfolio include IOLO, MyCleanID, MyCleanPC, USTechSupport, CyberDefender, VirusFix, and WarrantyStar. To complete the acquisition of STOPzilla, RealDefense partnered with Corbel Capital Partners, a $500m structured
0 Comments
by Paul Ducklin It’s been a wild few weeks for Apple, or perhaps an “in-the-wild” few weeks, with several zero-day bugs necessitating emergency updates. We were going to say “unexpected updates”, but all (or almost all) Apple security patches are, of course, unexpected by design. Apple deliberately announces security fixes only after they’ve been published,
0 Comments
Data belonging to patients of a hospital in New Mexico has been deleted by an unknown cyber-attacker.  The IT network of San Juan Regional Medical Center in Farmington was breached by an unauthorized individual in September last year. The attack was reported to the United States Department of Health and Human Services’ Office for Civil Rights on June 4
0 Comments
An authentication error left the personal data of hundreds of thousands of BrewDog customers and Equity for Punks shareholders exposed for a year and a half.  The gaffe involving an API bearer token was discovered by researchers at security consulting and testing company Pen Test Partners.  “Every mobile app user was given the same hard-coded API Bearer Token,
0 Comments
A student at East Carolina University has been charged with cyber-stalking after allegedly posing as a member of a rival fraternity to upload a racist post to social media. A police investigation was launched after an offensive message, purporting to be from the university’s Theta Chi chapter, was uploaded anonymously to Yik Yak in August. 
0 Comments
An international psychic mail fraud scheme that sold the promise of good fortune to tens of thousands of victims has been shut down by a United States court. Earlier today, the US District Court for the Southern District of Florida entered a permanent injunction against three residents of France and two corporate defendants who had been carrying
0 Comments
What is chaos engineering is and how to get started? What are the different types of tests and how does it compare to other options? These were questions that Holly Grace Williams, founder of Akimbo Core, aimed to tackle during a technical session at the Digital Transformation EXPO Europe 2021. The ‘A Chaos Podcast Presents: A Beginner’s
0 Comments
A working group appointed by the International Association of Scientific, Technical and Medical Publishers (STM) has published a new set of guidelines to tackle the issue of doctored images in scientific research papers.  The recommendations of the Standards and Technology Committee (STEC) include a three-tier classification system that editors can use to flag suspicious content, and detailed
0 Comments
A voucher scheme launched by the Northern Ireland Assembly to stimulate economic growth following Covid-19 lockdowns is having an identity crisis.  Under the £145m High Street Spend Local Scheme, the approximately 1.4 million residents of Northern Ireland who are aged 18 and over are eligible to apply for a £100 Spend Local voucher.  The voucher takes the form
0 Comments
by Paul Ducklin As you probably know (or, at least, as you know now!), October is Cybersecurity Awareness Month, which means it’s a great opportunity to do three things: Stop. Think. Connect. Those three words were chosen many years ago by the US public service as a short and simple motto for cybersecurity awareness. 5
0 Comments
A former Facebook employee is to appear before a US Senate subcommittee tomorrow after blowing the whistle on the company’s alleged prioritization of profit above user welfare.  Frances Haugen, a 37-year-old data scientist from Iowa, revealed yesterday that it was she who leaked internal research carried out by Facebook to the Wall Street Journal. This research formed the
0 Comments
The owner of two chains of American luxury department stores has warned 4.6 million Neiman Marcus customers that their personal data may have been exposed in a security incident that happened 17 months ago.  Neiman Marcus Group, which owns the Neiman Marcus and Bergdorf Goodman department stores, as well as the high-end home goods line
0 Comments
America’s head of state, Joe Biden, has announced plans to hold a meeting with representatives of 30 different countries later this month to discuss ransomware and other cybersecurity issues.  In a statement released to coincide with the first day of America’s annual Cybersecurity Awareness Month, President Biden said that the chief purpose of the confab would be to address
0 Comments
Today marks the start of the 18th Annual Cybersecurity Awareness Month in America, and this year’s theme is “Do Your Part. #BeCyberSmart.” The digital safety initiative was launched back in October 2004 by the National Cyber Security Alliance and the United States Department of Homeland Security to help the public stay safe and secure while