Date: 2020-06-10
Security
Do we need tougher breach notification rules?
The Travelex ransomware raises the question, once again, of whether organisations should be obliged to provide more information
Russian authorities arrest 25 for running stolen credit card marketplace
Websites trading in stolen debit and credit cards, as well as personal information, have gone dark following raids last week by the FSB
ICO approves use of British mobile phone tracking data to fight spread of coronavirus
Regulator okays the use of anonymised phone tracking data to help tackle the spread of COVID-19
Flaws in Diameter signalling protocol make all 4G networks prone to denial-of-service attacks
The protocol is used to authenticate message and information distribution in 4G networks
South Korean APT uses five zero-day flaws to turn the tables on North Korea
The group, linked to South Korea, used bugs in Internet Explorer, Google Chrome and the Windows Kernel to target North Koreans
Cyber security experts collaborate to block coronavirus-related cyber campaigns
The new group includes professionals from technology firms like Amazon and Microsoft
Tupperware accused of ignoring warnings over ecommerce website compromised by web-skimming JavaScript
Tupperware finally gets round to cleaning its ecommerce site days after being told that it had been compromised by a credit-card-stealing Magecart group
Half of all UK businesses hit by security breaches in the past 12 months, according to government Cyber Security Breaches Survey 2020
More businesses and charities than ever are being hit by cyber attacks, according to the latest survey – but organisations are also becoming more resilient
Surge in attacks from China-linked APT41 targeting unpatched Citrix servers and Cisco routers
APT41 attacks carried out between January and March targeted unsecured Citrix NetScaler servers and Cisco routers
More ransomware groups threaten to publish stolen data from non-payers
More and more ransomware groups are starting to steal data before encryption in order to blackmail their victims into paying up
Easy availability of ICS hacking tools poses major threat to industrial sector, researchers warn
Most tools are 'vendor agnostic' and can target products from some of the largest ICS original equipment manufacturers, warns FireEye
Spanish hospitals targeted with coronavirus-themed phishing lures in Netwalker ransomware attacks
Groups behind Netwalker switched phishing baits to coronavirus last week - as other ransomware groups pledged to avoid medical facilities
Hackers tried to breach WHO systems amid coronavirus crisis
The attempt, however, was unsuccessful
Microsoft: Two zero-day vulnerabilities in Windows Adobe Type Manager Library are actively being exploited
All supported versions of Windows operating system are affected
Cisco fixes five vulnerabilities affecting SD-WAN solutions
These vulnerabilities impact Cisco products using SD-WAN software earlier than Release 19.2.2
Hackers start selling and distributing Sodinokibi data leaks on hacking forums
The data allegedly belongs to consultancy Brooks International, which refused to pay ransom to cyber criminals
Russia-linked APT28 is using stolen corporate email accounts to facilitate phishing attacks
Almost 40 per cent of the attacks launched by the group, also known as Pawn Storm, over the past year targeted defence companies
New Trickbot campaign using brute force attacks to target telecoms firms uncovered by researchers
Operators are using a new module to target Remote Desktop Protocols
Some commercial password managers can be fooled into disclosing user passwords, researchers warn
Such password managers use weak criteria to find out whether an app is genuine or not
Health secretary Matt Hancock: Coronavirus response work covered by exemptions from GDPR
'GDPR has a clause excepting work in the overwhelming public interest', says Secretary of State for Health Matt Hancock
Eighty-five per cent of Microsoft Exchange Servers vulnerable to remote-code execution security flaw patched last month
Organisations warned to patch to protect against CVE-2020-0688 as state-backed APTs start targeting vulnerable Exchange Servers
Old laptop containing classified German military files bought for €90 on eBay
The researchers were able to unlock military files simply by entering 'guest' for the username and password
Pakistan-linked APT36 accused of using coronavirus to propagate Trojans
Malwarebytes claims Pakistan state-sponsored group is using a fake Indian government advisory to spread remote-access Trojan
Travelex owner Finablr 'on verge of collapse' two months after ransomware outage
Travelex systems went down for a month following a ransomware outage launched on New Year’s Eve