fbpx

Download free GDPR compliance checklist!

Tag Archives for " malware "

Retailer fined half a million pounds for data breach of at least 14 million people

The Information Commissioner’s Office (ICO) has fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people.

An attacker installed malware on 5,390 tills at DSG’s Currys PC World and Dixons Travel stores between July 2017 and April 2018, collecting personal data during the nine month period before the attack was detected.

The company’s failure to secure the system allowed unauthorised access to 5.6 million payment card details used in transactions and the personal information of approximately 14 million people, including full names, postcodes, email addresses and failed credit checks from internal servers.

Source: National retailer fined half a million pounds for failing to secure information of at least 14 million people | ICO

Google teams up with security companies to catch bad apps before they hit the Play Store 

Google announced that it’s teaming up with three security companies to help identify malicious apps before they’re published on the Play Store and can potentially do harm to Android users. The company is calling this partnership the App Defense Alliance.

Android is on over 2.5 billion devices, according to Google, and the company says that makes the platform “an attractive target” for abuse.

Source: Google teams up with security companies to catch bad apps before they hit the Play Store – The Verge

Italy hit by a wave of musical ransomware attacks

The musical ransomware, FTCode, plays German rock music whilst encrypting victims’ files.

Researchers at AppRiver discovered FTCode within malicious email campaigns targeting Italian Officer 365 customers. Victims receive emails containing malicious content posing as invoices, documents scans and resumes.

Source: #Privacy: Italy hit by a wave of musical ransomware attacks

Mysterious iOS Attack Changes Everything We Know About iPhone Hacking

For two years, a handful of websites have indiscriminately hacked thousands of iPhones.

The rare and intricate chains of code took advantage of a total of 14 security flaws, targeting everything from the browser’s “sandbox” isolation mechanism to the core of the operating system known as the kernel, ultimately gaining complete control over the phone.

Source: Mysterious iOS Attack Changes Everything We Know About iPhone Hacking | WIRED

Malware that can record computer screens discovered

A new malware has been discovered that is able to record the screen of an infected machine and identify a user who is viewing porn.

Researchers at IT security company ESET, first observed the malware dubbed “Varenyky” in May 2019. A month later, researchers saw the first malicious document infecting a victim’s computer which had been attached to an email message.

Source: #privacy: Malware that can record computer screens discovered

Report reveals the dangers and trends of malware through 2018

Last year, the arrival of the EU’s General Data Protection Regulation sent shockwaves through the world of data protection. Big corporates registered record-breaking data breaches, while pre-GDPR transgressions such as those committed in the Facebook/Cambridge Analytica scandal fell under heightened scrutiny of a more privacy-conscious age.

Full article: Report reveals the dangers and trends of malware through 2018

NSA will open source a tool for malware disassembly and reverse engineering

Dubbed GHIDRA, the tool will allow folks au fait with cyber security to pick apart binaries for Windows, macOS, Android and iOS, and turn them into code that can then be perused to figure out what malware has been up to, or take a deep dive into seemingly legit software carrying out eyebrow-raising activity.

Full article: NSA will open source a tool for malware disassembly and reverse engineering

Cybersecurity in 2019

While you prepare your defenses against the next big thing, also pay attention to the longstanding threats that the industry still hasn’t put to rest.

Will 2019 be the year we see a nation-state take down a large-scale industrial installation? How much of the world’s cryptocurrency will be mined by hackers using unsuspecting endpoints? What kind of damage can we expect from well-intentioned but misguided vigilantes? And what does it all mean to you?

Full article: Cybersecurity in 2019: From IoT & Struts to Gray …

New malware pulls its instructions from code hidden in memes posted to Twitter

Security researchers said they’ve found a new kind of malware that takes its instructions from code hidden in memes posted to Twitter.

The malware itself is relatively underwhelming: like most primitive remote access trojans (RATs), the malware quietly infects a vulnerable computer, takes screenshots and pulls other data from the affected system and sends it back to the malware’s command and control server.

What’s interesting is how the malware uses Twitter as an unwilling conduit in communicating with its malicious mothership.

Full article: New malware pulls its instructions from code hidden in memes posted to Twitter | TechCrunch

Widely used open source software contained bitcoin-stealing backdoor

A hacker or hackers sneaked a backdoor into a widely used open source code library with the aim of surreptitiously stealing funds stored in bitcoin wallets. The malicious code was inserted in two stages into event-stream, a code library with 2 million downloads that’s used by Fortune 500 companies and small startups alike.

In stage one, version 3.3.6, published on September 8, included a benign module known as flatmap-stream. Stage two was implemented on October 5 when flatmap-steam was updated to include malicious code that attempted to steal bitcoin wallets and transfer their balances to a server located in Kuala Lumpur. The backdoor came to light last Tuesday with this report from Github user Ayrton Sparling.

Full article: Widely used open source software contained bitcoin-stealing backdoor | Ars Technica

1 2 3 5
>