Cyber Attack News, Articles and Updates

Ikea's TaskRabbit investigating cybersecurity incident

Ikea's freelance labor marketplace task rabbit temporarily shut down its app and website amid the investigation of a "cyber-security incident"

URL file attacks spread Quant Loader

A recent spate of attacks using phishing, social engineering, exploits, and obfuscation are being used to spread a Quant Loader trojan capable of distributing ransomware and password stealers

SirenJack flaw exposes problems in emergency alert system

Security researchers have found a flaw in the emergency alert warning siren system used by many local authorities - could be sounded by hackers, research finds.

Pranksters deface 'Despacito,' other popular YouTube videos

A group of cyber pranksters defaced an array of some of the most popular YouTube music videos by changing titles and thumbnail images on the singer's VEVO accounts.

Researchers find weaknesses in 'Sloppy' LockCrypt ransomware

Malwarebytes researchers discovered a weakness in the LockCrypt ransomware which enabled them to recover victim's files.

Entry-level Rarog cryptominer flies under the radar

A relatively unknown cryptomining malware dubbed "Rarog" is giving cybercriminals a relatively affordable way for entry level exploitation.

Magento sites brute forced by cryptominers

Brute force attacks are being used to compromise Magento sites to scrape payment card data and deliver cryptomining malware.

Common-sense GoScanSSH author avoids infecting high-risk targets

Researchers at Cisco's Talos Intelligence Group have identified a new malware family, dubbed GoScanSSH, that compromises SSH servers. Well, those not attached to government, law enforcement or military domains anyway. Note: SC Media UK will not be publishing during UK Easter holidays, resuming 2nd April 2018.

Vanderbilt University researcher claims breaches linked to patient deaths

A Vanderbilt University researcher is claiming more than 2,100 patient deaths are linked to hospital data breaches each year.

Security industry reacts to UK police cyber-crime budget revelations

As UK police forces are revealed to have spent just £1.3 million on cyber-crime training in the last three years, security industry response is damning.

San Diego is suing Experian over data breach

The city San Diego is suing Experian over the data breach that compromised millions of records including those of 250,000 people in San Diego.

Government push for email authentication helps cut back on BEC scams, study

Despite major investments in cybersecurity, email fraud continues to rise as cybercriminals' tactics become more advanced.

New Fakebank malware variant intercepts calls on Android smartphones

Malware active in South Korea, redirects calls to scammers. Security researchers have discovered a new variant of the Fakebank malware.

Suspected Chinese cyberespionage group targets U.S. engineering, maritime Industries

The suspected Chinese cyberespionage group dubbed "TEMP.Periscope" is targeting U.S. engineering and maritime Industries in its latest campaign.

Bitcoin stealing malware distributed on download.com for nearly a year

Bitcoin stealing malware that swaps user accounts with that of the attacker was hosted on Download.com servers for nearly a year.

Gwent Police sat on data breach exposure for a year before informing ICO

Gwent Police failed to inform up to 450 people that hackers may have accessed their confidential information after it found that an online tool that allowed citizens to report incidents to the Police was exposed to hackers.

HenBox malware targets Chinese minority group

A new Android malware family dubbed HenBox is targeting a large online population based in China who have been the subject of numerous cyber-attacks in the past.

Cyber-attacks against Russia may follow attempted nerve agent killing in UK

Offensive cyber-attacks against Russia are reported to be among options under consideration by the UK if it is dissatisfied with Russia's explanation by midnight today of the use in this country of Russian nerve agent Novichok.

Sophisticated hacking tools now in the hands of petty cybercriminals

Sophisticated hacking tools and techniques like watering-hole attacks, once used only by nation states or proxies, now increasingly used by criminal hackers, fueling concerns that state-sponsored hackers may have gone rogue.

Windows 10 Cortana allows attackers to open malicious websites

A vulnerability in the Windows 10 voice assistant, Cortana, allows attackers to open malicious websites on a user's device even when a PC is locked.

FS-ISAC hit with phishing attacks

A Financial Services Information Sharing and Analysis Center (FS-ISAC) employee feel victim to a phishing attack that compromised their login credentials.

After 'isolated' hack, Germany says government computers are secure

The German government said on Wednesday that hackers had breached the network of government computers with an isolated attack that had been brought under control and which was being investigated by security officials.

Updated Avzhan DDoS bot spotted in Chinese drive-by attack

Malwarebytes researchers spotted an updated version of the Avzhan DDoS bot dropped by Chinese drive-by attack.

Double cryptominer delivered via Oracle server exploit

Trend Micro researchers spotted an Oracle server vulnerability exploited to deliver double Monero miner payloads.

Drive-by download campaign tests exploits on Chinese websites

A drive-by download campaign is targeting Chinese websites to experiment with different exploits to drop malware.

Nation state cyber-attacks on the rise - detect lateral movement quickly

Line between cyber-criminals and nation state hackers increasingly blurred. The volume and intensity of cyber-attacks hit a new high in 2017 alongside the increasing level of sophistication of hacks.