Weekly #cybersecurity digest to your inbox

Hackers Using APTs To Exploit Covid-19 Fears

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency and the U.K. National Cyber Security Centre recently released a rare joint statement warning of the rise of APT groups using phishing campaigns exploiting the world’s fears about COVID-19. “Their goals and targets are consistent with long-standing priorities such as espionage and ‘hack-and-leak’ operations,”.. The post Hackers Using APTs To Exploit Covid-19 Fears appeared first on Security Boulevard.

Go to article at

15.5.2020

Malware

Netflix warned to step up after dormant credentials were hijacked by hackers

NETFLIX cordcutter-cutters are demanding answers after it emerged that some former users' accounts were being reactivated by criminals. An investigation by Auntie Beeb's You and Yours programme found that if someone finds a dormant Netflix account and is able to get into it, the provided bank details from the subscription are still listed, meaning that all the hacker has to do is start watching, whilst the original customer pays. Plus, of course, if the criminal then changes the password, then that's it, the account is locked out for the legitimate account holder. In order to give leavers an easy way of rejoining the service, accounts that are deactivated have all their details, including bank account info, stored for ten months from the date of leaving, unless the customer specifically asks Netflix to delete them sooner. For its part, Netflix has made a number of appropriate purring noises and advises anyone who notices unusual or unauthorised use of their account, or erroneous charges, to contact customer service immediately.

Go to article at

15.5.2020

Password Attacks

Cloud-based collaboration tools are a major driver of data exfiltration

Cloud-based collaboration technologies and workforce turnover have become major drivers of data exfiltration as insider threat programs fail to keep pace with today’s digital workplace, a Code42 survey reveals. Nearly 5,000 knowledge workers at companies with more than 1,000 employees in the U.S., U.K. and Germany were surveyed. “When it comes to data loss, leak and theft, for too many companies, the inside is their blindside,” said Joe Payne, Code42’s president and CEO. “Insider threat … More → The post Cloud-based collaboration tools are a major driver of data exfiltration appeared first on Help Net Security.

Go to article at

15.5.2020

Insider Attacks

Faking fingerprints — doable, but hard

Researchers found a way to create fake fingerprints to fool many devices, although it took a lot of effort.

Go to article at

15.5.2020

Outdated Access Rights

MITRE ATT&CK: Endpoint denial of service

Introduction Denial-of-Service (DoS) attacks have been around since the 1970s, and they can be downright paralyzing to an organization. Not only does it shut down the ability to use a targeted... Go on to the site to read the full article The post MITRE ATT&CK: Endpoint denial of service appeared first on Security Boulevard.

Go to article at

15.5.2020

Denial-of-Service Attacks

Travelex Being Held To Ransom By Hackers

Go to article at

15.5.2020

Ransomware

Microsoft Edge is now 2nd most popular desktop browser, beats Firefox

The Microsoft Edge browser is now being used by more people than Mozilla Firefox making it the 2nd most popular desktop browser. [...]

Go to article at

15.5.2020

CyberNow

Ransomware Attacks Are Causing Cyber Insurance Rates to Go Through the Roof; Premiums up as Much as 25 Percent

Ransomware attacks are causing a spike in cyber insurance rates as insurers need to cover ransom amount and recovery costs if hackers fail to make good on unlocking the compromised systems.

Go to article at

15.5.2020

Ransomware

1 in 6 Massachusetts Communities Hit by ‘Ransomware’ Attacks

Ryan Kath and Jim Haddadin report: Inside the Bay State, a handful of attacks against cities and towns have garnered...

Go to article at

15.5.2020

Ransomware