0 Comments
Privacy and data security concerns have been raised over a plan to link South African phone users’ biometric data to their SIM cards. The proposal by the Independent Communications Authority of South Africa (ICASA) was among a list of draft regulations published by the watchdog for public commentary in March. If approved, it would give
0 Comments
A former executive of eBay has pleaded guilty to taking part in a disturbing cyber stalking campaign waged against a married couple from Massachusetts. The couple’s terrifying experience began after they wrote about eBay in an online newsletter aimed at eBay sellers, which they edited and published.  Under the campaign, parcels with horrifying contents were anonymously sent
0 Comments
Organizations need to get better at mitigating threats from unknown vulnerabilities, especially as both state-backed operatives and financially-motivated cybercriminals are increasing their activity Zero-day vulnerabilities have always had something of a special reputation in the cybersecurity space. These software bugs are exploited for attacks before the flaw is known to the software vendor and so
0 Comments
Spyware has been detected on the cell phones of Spain’s prime minister, Pedro Sánchez, and the country’s defense minister, Margarita Robles. In a press conference given Monday morning, the Spanish government said that the phones had been infected with Pegasus spyware and extracted data from both devices.  The minister for the presidency, Félix Bolaños, said that the
0 Comments
A Texas school district employee has tendered their resignation after being caught secretly mining cryptocurrency on school premises.  Pings picked up by Galveston Independent School District’s firewall a couple of weeks ago aroused the suspicion of the district’s IT department. An investigation into the activity determined that multiple cryptocurrency mining machines were operating on the
0 Comments
India’s computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. “Any service provider, intermediary, data center, body corporate and Government organization shall mandatorily report cyber incidents […] to CERT-In within six hours
0 Comments
The Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) and New York Metro InfraGard Members Alliance (NYM-IMA) are coming together to tackle cyber threats facing the bioeconomy.  The partnership, which aims to protect economic activity in the United States involving the use of biotechnology and biomass in the production of goods, services or energy, was announced on Thursday. 
0 Comments
Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. “By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular
0 Comments
A cyber-attack on a hotel reservation system has exposed the personal data of thousands of guests who stayed at upscale Finnish hotels. News of the security incident, which has impacted at least five hotels, was first reported by Finnish news agency MTV on Tuesday.  Between February 10 and 14, cyber-attackers exploited a vulnerability to hack
0 Comments
At least six different Russia-aligned actors launched no less than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country. “Collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military
0 Comments
A woman from Los Angeles, who coughed on an Uber driver in a video that went viral last spring, has been accused of stealing the identity of her former neighbor.  Arna Kimiai, known on social media as ‘Cough Girl,’ was charged over the March 7 2021 incident involving San Francisco Uber driver, Subhakar Khadka. A video shared
0 Comments
ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET. ESET researchers have documented and analyzed TA410 activity going back to 2019. TA410 is a cyberespionage umbrella group loosely linked to
0 Comments
A cyberespionage threat actor known for targeting a variety of critical infrastructure sectors in Africa, the Middle East, and the U.S. has been observed using an upgraded version of a remote access trojan with information stealing capabilities. Calling TA410 an umbrella group comprised of three teams dubbed FlowingFrog, LookingFrog and JollyFrog, Slovak cybersecurity firm ESET
0 Comments
An Israeli private investigator could spend the next 27 years in prison after pleading guilty to taking part in an international fraud and hacking conspiracy. Aviram Azari was arrested in Manhattan, New York, in 2019 and charged with conspiracy to commit computer hacking, aggravated identity theft, and wire fraud.  The 50-year-old private detective, who served in a
0 Comments
Bad actors continuously evolve their tactics and are becoming more sophisticated. Within the past couple of years, we’ve seen supply chain attacks that quickly create widespread damage throughout entire industries. But the attackers aren’t just focusing their efforts on supply chains. For example, businesses are becoming increasingly more reliant on SaaS apps and the cloud
0 Comments
The British Army’s online recruitment portal has been offline for more than a month following a data breach.  Officials shut the computerized enrollment system down in the middle of March as a precaution after the personal data of more than 100 army recruits was found being offered for sale on the dark web. An investigation
0 Comments
Email accounts at a Kansas hospital were compromised for nearly a year in a prolonged data breach affecting more than 52,000 individuals. Emporia-based Newman Regional Health was breached by an unauthorized threat actor last year. In a data security notice on its website, the healthcare provider disclosed that the actor was able to access a limited number of email