Following a month of cyberattacks involving Iran and Israel, experts are reluctant to predict all-out digital warfare between the nation states, despite the obvious recent tit for tat that underscores age-old, religion-based tensions. The latest possible salvo came May 21, when approximately 1,000 corporate and manufacturing targets within Israel were afflicted with defacements and denial…
The Silent Night Zbot, a new variant of the infamous banking trojan ZeuS that wreaked havoc in mid-2009 may be impressive in its design but it’s “not any game changer,” according to a deep-dive report from Malwarebytes and HYAS. Calling Silent Night “yet another banking Trojan based on ZeuS,” the 186-page report praised the malware’s…
Adding COVID-19 exploitation to its nefarious arsenal targeting governments, the Nigerian Scattered Canary criminal gang most recently attempted to exploit the CARES Act on May 17, filing two fraudulent unemployment claims through Hawaii’s Department of Labor and Industrial Relations website. The bogus claims were part of a larger criminal effort in the past month that…
A new malware called “WolfRAT is targeting messaging apps, such as WhatsApp, Facebook Messenger and Line on Thai Android devices. WolfRAT, according to the Cisco Talos intelligence team, is based on a leak of the previously leaked DenDroid malware family. Talos said in a blog post it highly believes that this modified version of the malware…
An attack against British airline easyJet by “a highly sophisticated source” accessed the email addresses and travel details of approximately nine million customers, including credit card details of 2,208 customers. The company did not reveal when it learned of the attack or what a forensic investigation revealed, nor did it specify the breach date. Although the…
After Facebook was stopped from launching a dating service in Europe on Feb. 13, infosec experts are left wondering if the social media network had learned anything from the Cambridge Analytica debacle in 2018 or the platform’s other data privacy transgressions. The EU found Facebook committed data protection violations within the forthcoming service, such as…
The U.S. government expanded its year-old lawsuit against Chinese tech firm Huawei, alleging the company conducted cyber espionage on six American competitors in an attempt to steal trade secrets to gain an unfair advantage. Filed in the federal court’s Southern District in Brooklyn, the indictment charges that Huawei’s activities violated racketeering laws by illegally gaining…
The before and after photos of thousands of plastic surgery patients in Europe were recently left vulnerable but since rectified, researchers at vpnMentor wrote in a blog post. The researchers, led by Noam Rotem and Ran Locar, discovered on Jan. 24 that NextMotion did not secure or encrypt the body images and PII of people…
The controversy over usage of facial recognition technology took center stage last week in Washington, D.C., as the House of Representatives’ Homeland Security Committee held a two-hour hearing, as opponents in the debate decry its racial bias and federal government’s quick rollout at U.S. airports without fully testing or acknowledging proven shortcomings. In his opening…
Five years after a high-profile data breach of an infidelity website where users could meet to start an extramarital affair, users of Ashley Madison are now increasingly finding themselves victimized by extortion plots to pay about $1,000 in bitcoins to save them further embarrassment. The current scheme, uncovered by Vade Secure threat analyst Damien Alexandre,…
