cybersecurity

Twitter Hack Was the Result of Social Engineering

By Dave McKay in cybersecurity

July 31, 2020

Social Engineering Attack Vector Twitter have declared that the route taken by the threat actors who pulled off this month’s Twitter hack and Bitcoin scam was social engineering. They made convincing but bogus phone calls to Twitter employees and managed to convince them to reveal their credentials. According to Twitter, the social engineering attack gave the threat actors the credentials of a limited set of employees, making it possible for the bad guys to access Twitter’s internal network and support tools.

Continue reading

386 Million User Records Offered for Free

By Dave McKay in cybersecurity

July 29, 2020

Personal Data from 18 Data Breaches Offered to Hackers - At no cost! A threat actor has offered the databases from 18 breaches to other hackers without cost. The figures are mind-boggling—386 million personal records. Usually the data is sold to other cybercriminals. They buy it to perpetrate identity and fraud based crimes, and to use it in phishing campaigns and other email-based scams. The databases came from breaches at these companies:

Continue reading

Blackbaud Breach Affects 20 UK Universities

By Dave McKay in cybersecurity

July 25, 2020

Why Choosing Data Processors Needs Due Care and Attention Blackbaud, the world’s largest supplier of “education administration, fundraising, and financial management software” has suffered a breach in May, 2020. There are over 20 UK Universities and other organizations affected by the breach. And, because under the General Data Protection Regulations (GDPR) regulations you are jointly responsible for breaches that occur at your data processors, those customers are now facing fines from the Information Commissioner’s Office.

Continue reading

143 ATMs Emptied by Jackpotting

By Dave McKay in cybersecurity

July 15, 2020

Antwerp-Based Bank Turns Off All ATMs It’s reported that Antwerp-based bank Argenta had to rapidly close down all 143 Automated Teller Machines (ATMs). That’s cashpoints to the British. Jackpot! They suffered several recent jackpotting attacks. This is where the attackers compromise the machine either physically, or remotely. Once they have control of the ATM they simply instruct it to dispense all of the money it has inside it. Like hitting the jackpot at Las Vegas.

Continue reading

MGM Data Breach Might be as Large As 142 Million

By Dave McKay in cybersecurity

July 14, 2020

MGM Data Breach Might Be Much Larger Than Thought The MGM Resorts data breach of 2019 was reported at the time to be in the order of 10.6 million personal records. That’s impressive, for all the wrong reasons. It is now believed to have included personal data of more than 142 million MGM hotel guests. That’s staggering—and still not in a good way. The new figures are based on the amount of breached data that is being sold on the Dark Web.

Continue reading

Cybercriminals Are Exploiting Covid-19

By Dave McKay in cybersecurity

July 11, 2020

Cybercriminals Are Opportunistic, Heartless, And Nimble They can re-skin existing cyberthreats in not time at all. They’ll take any newsworthy event and re-decorate their old scams with the topic of the moment. Cybercriminals Love Major News Stories Any news item that is going to top the search rankings or have official emails sent out about, is a perfect cover story for refreshed cyberattacks. The cybercriminals quickly change the look and feel of their existing threats and send them out once again.

Continue reading

Criminals' Secure Phone Network Smashed

By Dave McKay in cybersecurity

July 11, 2020

Criminal “Secure Phone” Network Hacked by Law Agencies A joint operation by the NCA, the Metropolitan Police, and Europol—described as the most significant operation the Metropolitan Police Service has ever launched against serious and organised crime—has allowed officers to disrupt murder plots, arrest some of London’s most dangerous criminals, and seize millions in illegal money. Over £54 million in illegal cash 77 firearms, assault rifles, submachine guns, handguns, grenades, and over 1,800 rounds of ammunition More than two tonnes of Class A and B drugs Over 28 million Etizolam pills (known as street Valium) 55 high-value cars, and 73 luxury watches “The infiltration of this command and control communication platform for the UK’s criminal marketplace is like having an inside person in every top organised crime group in the country.

Continue reading

What Is Cyber Essentials?

By Dave McKay in cybersecurity

July 11, 2020

Demonstrate Your Commitment to Data Protection CyberEssentials is a government-backed and industry-recognised scheme. It helps businesses protect themselves against the most common cyber attacks and threats. Compliance to the standard ensures that a set of basic technical and organisational controls—that’s policies and procedures—are in place, providing a common sense and valuable level of protection. The National Cyber Security Centre manage the scheme on behalf of the government. What Is Involved?

Continue reading

15 Billion Passwords on Dark Web

By Dave McKay in cybersecurity

July 10, 2020

15 Billion Stolen Credentials on the Dark Web A new study suggests that the number of stolen credentials for sale on the Dark Web could be more than 15 billion, with usernames, passwords and other login information for everything from online bank accounts to music and video streaming services are available. The data comes from hundreds of thousands of data breaches. As you’d expect, the most expensive credentials for sale were those for bank and financial services like PayPal, with an average price of £59.

Continue reading

Worst Hacks and Breaches of 2020, So Far

By Dave McKay in cybersecurity

July 10, 2020

Usual Suspects, Usual Dirty Tricks The World Health Organization was subjected to a phishing attack in March by unknown attackers who tried to access its digital systems. In April, Iran-linked hackers launched phishing attacks against Gilead Sciences, which has been working to develop treatments for Covid-19. In the US, many states have rushed to address rampant unemployment fraud—coming from overseas. The Chinese government increased the country’s invasive digital surveillance and hacking against the Uighur ethnic minority.

Continue reading

Categories

Tags