Latest Cyber Security News

llinois Valley Community College warns students about data breach

Description

Recently, Illinois Valley Community College has informed all its current and former students, faculty and applicants about a data breach that took place in April. More than 160,000 letters have been sent by the college to all the people who may get affected by the data breach.

ILLINOIS blog | IEMLabs

Cybercriminals Attack Vulnerable WordPress Sites

Description

WordPress is a free and open-source content management system (CMSes) with plugins architecture and a template system. It has schemes that allow professionals and novices alike to create amazing websites with ease. Because of great popularity and easily available development features WordPress is often a target of cybercriminals seeking ways to launch their malicious activities.

wordpress blog | IEMLabs

Specialty networking solutions provider Belden suffers data breach

Description

Recently, specialty networking solutions provider Belden disclosed a data breach resulting in the theft of employee and business information. The company reported that the hackers responsible for the incident got access to some current and former employee data, as well as limited and sensitive information of the company regarding some business partners.

belden blog | IEMLabs

Leakage of admin password through Symfony profiler fixed by Last.fm

Description

Over the last week, British music-streaming app Last.fm suffered the leakage of several admin password credentials. The bug has been fixed but it posed an immense threat to all the users of Last.fm of having their personal data exposed. 

The cause for this leakage, as discovered by security researchers Sebastien Kaul and Bob Diachenko, was a web app running in debug mode in the background.

SYNFONY blog | IEMLabs

Researcher earns nearly $4,000 from TikTok after discovering a couple of vulnerabilities

Description

TikTok is a China-made global phenomenon mobile phone app used to create short lip-synced comedy or talent video clips of between 3 and 15 seconds or looped up to 60 seconds. It is highly popular among the youth who use it for self-publicity or showing off.

TikTok blog | IEMLabs

WhiteHat Jr admits a bug made their data vulnerable

Description

WhiteHat Jr is an Indian startup and online education platform that offers Online coding classes and technical education. It is a highly popular online education platform with numerous users. However, security experts have detected vulnerability in this platform on 19th November. WhiteHat Jr had a bug in its system that made its data of over 2.8 lakh students vulnerable.

White Jr blog | IEMLabs

Russian Hacker group, REvil threatens Kenneth Copeland to release 1.2 terabytes of sensitive data

Description

The Russian ransomware group known by the name of REvil has attacked Kenneth Copeland Ministry. Kenneth Copeland Ministry is an organization with a net worth of at least $300 million owned by the American televangelist Kenneth Copeland who has been recognized preaching the prosperity gospel. As part of his evangelism, he calls for donations to his church, with the suggestion that parishioners will get a “hundredfold” return on their investment.

RUSSIAN

Manchester United football club suffered a data breach

Description

Of late, the extremely popular football club Manchester United has been hit by a cyber attack. The attack involved a breach of personal data of its fans. However, initially the club was not aware of any breach of personal data associated with its fans but later the club confirmed the security breach. As a result of the security breach the club had to shut down its systems to prevent the malware from spreading within.

manchester | IEMLabs

Hacker leaks the user data of Peatix app

Description

Peatix is one of the well-known online event management apps currently ranked among the Alexa Top 3,500 most popular sites on the internet with millions of users.  But, a hacker has leaked personal data of more than 4.2 million users registered on Peatix. The site’s user data was made available through ads posted via Instagram stories, on Telegram channels, and on several different hacking forums.

PEATX | IEMLabs

U.S tax payers targeted by Mount Locker ransomware

Description

Ransomware attacks have become very common in 2020. The ransomware group named Mount Locker first came into action in July and it is now preparing to take advantage of the tax season in the U.S. Mount Locker operators have been observed specifically targeting Turbo Tax returns. Turbo tax is a software used for the preparation of American income tax returns

Ransomeware-detected | IEMLabs

Spotify users targeted by attackers

Description

Spotify is one of the famous music streaming services with millions of users. However, users of the music streaming service were targeted by attackers using credential-stuffing approaches and due to this credential-stuffing operation, subscribers of Spotify streaming music service may have experienced some disruption

attack | IEMLabs

Pray.com exposed personal data of 10 million users

Description

Pray.com is a popular Christian faith app used for daily prayers and biblical audio content. It has been downloaded by several million users from the Play Store. Recently, Pray.com has exposed personal data of 10 million users dating back to 2016.

Researchers at vpnMentor discovered four misconfigured AWS S3 buckets belonging to the company. Although it had made private around 80,000 files, it failed to replicate these security measures on its Cloudfront CDN, which also had access to the files. This means a hacker could have released personal information of 10 million people, most of whom were not even Pray.com users.

pray.com | IEMLabs

More than 80% of the companies restructured their cybersecurity infrastructure

Description

Amid the pandemic situation of 2020, when everyone is getting accustomed to work from home, there has been a rapid increase in the rate of cyber attacks. The ongoing pandemic has increased the usage of the internet to a large extent in India. But at the same time the rate of Cyber crimes has also increased. Due to the increased rate of cyber attacks, over 80% of the companies have changed their approach to cyber security.

Over 40 percent of organizations sped up their cloud migration because of COVID-19. Some already used several cloud services, such as services to track employee productivity, cloud invoicing and accounting solutions, and videoconferencing programs.

Cyber Security Infrastructure Blogs | IEMLabs

American Bank Systems faces Ransomware attack

Description

American Bank Systems (ABS) is a company that provides services to U.S. financial institutions and banks. Recently, the company has been hit by a ransomware attack. On analysis, researchers discovered that a ransomware group named Avaddon was responsible for the attack. They had acquired over 50 GB of the company’s proprietary data but had leaked only 4 GB of it initially. But after ABS refused to cooperate with Avaddon’s ransom demands, the threat actors have published the entire 52.57 GB worth of stolen data.

Ransomware Attack Blogs | IEMLabs

Cybercrime will cost the world $6 trillion annually by 2021

Description

In recent times cybercrime has become one of the biggest problems with mankind and it is one the greatest threats in today’s world. According to Cybersecurity Ventures, cybercrimes had cost $3 trillion in 2015. But they predicted that Global Cybercrime Damages will reach $6 trillion annually by 2020. This prediction has been acknowledged by several major media outlets, senior government officials, tech-industry experts, world’s largest cybersecurity companies, and cyber fighters globally.

Cybercrime Blogs | IEMLabs

TroubleGrabber malware targets Discord users

Description

TroubleGrabber is a recently discovered malware that spreads via Discord attachments and uses Discord webhooks for data exfiltration. The security researchers at Netskope, the American cyber security firm have spotted this new credential stealer TroubleGrabber that uses Discord webhooks to transfer stolen data to its operators. Several threat actors use the new info stealer to target gamers on Discord servers and to steal their passwords and other sensitive information. The functionalities of this malware is very similar to the AnarchyGrabber, another info stealer.

TroubleGabber Blogs | IEMLabs

Pluto TV suffers a data breach affecting 3.2 million accounts

Description

Pluto TV is an American internet television service owned by Viacom CBS.  It is one of the leading free online TV service providers that offers several ad-supported channels corresponding to real-life networks (NBC, Nick, etc.) and various topics (old movies, gaming, etc.). Recently, Pluto TV has suffered a security breach and the hackers shared records of 3.2 millions of account details from 2018 for free. The well-known hacking group, ShinyHunters which has previously released customer data from over 17 companies and broke into microsoft’s private repository earlier this year, was responsible for the breach.

Pluto TV Blog | IEMLabs

Data breach incident involving covid-19 results

Description

On September 16, 2020, the Department of Health and Social Services (DHSS) discovered that a Division of Public Health temporary staff member mistakenly sent two unencrypted emails, one on August 13, 2020, and one on August 20, 2020, to an unauthorized user.

These unencrypted emails involved COVID-19 test results for approximately 10,000 individuals. The email of August 13, 2020  included test results for individuals tested between July 16, 2020, and August 10, 2020 while the August 20, 2020 email included test results for individuals tested on August 15, 2020.

Health Industry Blogs | IEMLabs

$2 million stolen from cryptocurrency service Akropolis

Description

Akropolis is a Defi (decentralized finance) lending and savings protocol which allows users to take loans and earn interest on crypto deposits. But recently, this cryptocurrency service faced a “flash loan” attack and the hacker stole around $2 million worth of cryptocurrency. Of late, flash loan attacks have become very common against cryptocurrency services running Defi platforms.

Crytocurrency Blogs | IEMLabs

ISPA is warning SA’s 11 million gamers

Description

11 million gamers of South Africa were warned of targeted attacks by the local Internet industry representative body, the Internet Service Providers’ Association (ISPA). The global gaming industry has seen major growth in this lockdown and it was rated the third most popular entertainment genre in the world after books and gambling. But at the same time the gaming industry has become one of the major targets.

ISPA Blogs | IEMLabs

Malware attack disclosed by Milteni Biotec

Description

With the spread of the Covid-19 pandemic, there has also been an increase in the number of ransomware attacks across the world. Many groups have come up who are constantly attacking and harassing various companies and infrastructure. Most of  these attacks have been targeted towards the health sectors across the world. The main reason for this is that because of the Covid the healthcare industry is slowly moving all of its functionalities to the online mode of service. This mode of service makes the data infrastructure more vulnerable to such cyber attacks

Milteni Blogs | IEMLabs

Ransomware attack is a major threat to manufacturing industry

Description

Ransomware attacks have become a major problem for the manufacturing industry as cyber criminals are highly interested in targeting the industrial control systems (ICS) that manage various operations. On analysing the records researchers have discovered that the number of publicly recorded ransomware attacks against the manufacturing industry has tripled in the last year.

Ransomware Attack Blogs | IEMLabs

New attack method can steal data from Intel CPUs

Description

 Researchers disclosed that a new attack method named Platypus targets the RAPL interface of Intel processors. Platypus is actually the acronym for Power Leakage Attacks: Targeting Your Protected User Secrets” while RAPL stands for Running Average Power Limit. RAPL is a component that allows software or firmware applications to monitor power consumption in the CPU and DRAM. RAPL, which effectively allows firmware and software apps to read how much electrical power a CPU is pulling in to perform its tasks, is a system that has been used for years to track and debug application and hardware performance.

Intel Blogs | IEMLabs

New Tricks and Tactics of Joker malware

Description

With technology growing at an exponential rate, the threats to such technology by cyber attacks have also increased. But with the increase in the number of cyber attacks, there are people who have come up with new and innovative ways to prevent such attacks from happening and to maintain the security of a system. For this reason, cyber criminals try to come up with even more innovative ways to bypass all these security measures.

Malware Blogs | IEMLabs

Medical Billing Company suffers Data Breach

Description

Timberline is based on Des Moines, the capital city of Iowa and it provides services to around 190 schools of Iowa. In recent times, Timber Billing Services LLC faced a cyberattack. After gaining access to the company’s network, the attacker encrypted files and removed information.

Medical Blogs | IEMLabs

Successful exploits against Windows 10, iOS, Chrome at Tiangfu Cup

Description

Many of the superior software programs of recent times were hacked using new and advanced techniques at the 2020 edition of Tiangfu Cup, the most prestigious and largest hacking competition of China. The third edition of Tiangfu competition was held in the city of Chengdu, in central China and ended on 9th November, 2020.

Software Blogs | IEMLabs

Hackers used mysterious bugs to hack iphones and android phones

Description

Google’s elite team responsible for bug and malware detection found and disclosed seven mysterious and critical bugs that have been exploited by hackers. These bugs may have a high impact on Windows, Chrome, Android and iOS. Google also said that all these bugs were related to each other in some way or other indicating that these vulnerabilities were being used by the same hacker or same gang in order to hack people. 

Hacker Blogs | IEMLabs

Healthcare Workers Private Data Leaked from Covid-19 Tracker App

Description

Since the November of last year, the entire world has been suffering from a life-threatening pandemic situation. We have been forced to be isolated into our homes and continue our work using online resources. But shifting huge amounts of data to the internet also increased the chances of cybersecurity attacks. In the past few months, there have been an increasing amount of attacks on various networks and public sectors, especially the healthcare sectors.

COVID Blogs | IEMLabs

Discovery of Linux Version of RansomEXX by Kaspersky.

Description

RansomEXX is a new ransomware that became famous since June 2020. Cybercriminals have used this ransomware for attacking large organizations like Tyler Technologies, the US government contractor , Montreal’s public transportation system, the Texas Department of Transportation (TxDOT), Konica Minolta, and Brazil’s court system (STJ). Security Researchers call RansomEXX the “Big Game Hunter’ as it targets big organizations and demands for large ransom.

Linux Blogs | IEMLabs

Zoom Misled Users About Secured Meetings

Description

Federal Trade Commission (FTC) filed a complaint accusing Zoom of deceiving users over security since 2016. It was said that the company held on to cryptographic keys that allowed it to access content from its customers’ meetings, and secured meetings with a lower level of privacy encryption than it promised customers.

ZOOM Blogs | IEMLabs

Vulnerabilities detected in Schneider Electric PLCs

Description

Researchers at Claroty have found out new details on authentication and encryption vulnerabilities in Schneider Electric programmable logic controllers (PLCs). If exploited, these vulnerabilities could allow an attacker to exfiltrate data, modify code, and execute commands on operational technology (OT) and critical infrastructure systems. 

Schneider Blogs | IEMLabs

Social Media Scammers use Cadbury brand name for data extraction

Description

 A fake Facebook Group has been  offering a free hamper of Cadbury chocolate to trick social media users into revealing their personal and financial details. As discovered by Think Tank Parliament, the campaign is basically based on “Cadbury Rewards”. These scammers have been using the Cadbury logo on the social media sites to extract users’ personal information.

Cadbury Blogs | IEMLabs

Ryuk ransomware operators had used pentester toolkit for criminal activities

Description

Nowadays, there has been a rapid increase in the rate of ransomware attacks. The Advanced Intel group had detected that Ryuk ransomware operators had used pentester toolkit for targeted cybercrime operations, and they have succeeded in their criminal activities.

Ryuk Blogs | IEMLabs

WordPress plugin makes it easier for cybercriminals to attack

Description

Welcart e-Commerce is a free WordPress plugin that has more than 20,000 installations. According to WordPress, Welcart e-Commerce enjoys top market share in Japan. It allows site owners to add online shopping to their sites in a turn-key fashion, with options to sell physical merch, digital goods and subscriptions, with 16 different payment options.

Wordpress Blogs | IEMLabs

Israeli companies targeted by Pay2Key Ransomware

Description

In recent times several well-known organizations and large corporations of Israel have been breached and had their systems encrypted by a previously unknown ransomware called Pay2Key. The attacks were first carried out towards the end of October. In a report published by the Israeli cyber security firm, Check Point it is stated that most of the attacks have been carried out at midnight when fewer employees are working at the IT companies.

Pay2Key Blogs | IEMLabs

Linux servers and Linux IoT devices targeted by Gitpaste-12 worm

Description

Researchers have discovered a new worm named as Gitpaste-12 that has targeted Linux Servers and Linux IoT devices that are based on ARM and MIPS CPUs. The malware is called GitPaste -12 as it uses Github and Pastebin for accommodating the component code it has 12 different attack modules.

Gitpaste Blogs | IEMLabs

Customer data leaked by Hotel reservation platform

Description

Hotel reservation platforms released personal data of customers from famous online booking sites. Prestige Software which is a Spain-based software company of Barcelona was caught for releasing sensitive and private information of millions of customers around the entire world.

Customer Blogs | IEMLabs

Over 47.5 millions of Truecaller Customer’s data released on dark web

Description

Truecaller is a smartphone application that has features of caller-identification, call-blocking, flash-messaging, call-recording, Chat & Voice by using the internet. The app was developed by a private company called True Software Scandinavia AB in Stockholm, Sweden. Of late, 47.5 millions of Indian customers’ personal information was released by an anonymous individual on the dark web for $1000. 

Truecaller Blogs | IEMLabs

Researchers uncover a new type of APT group

Description

In the past decade, the word has witnessed an exponential growth in technology. But such development comes with its own pros and cons. With the growth of technology, there has also been an increase in cybercrime and cyber attacks. Black hat hackers are either producing sophisticated technologies for attacking vulnerable systems or using sophisticated technologies created by others to hack into vulnerable systems. 

Password Blogs | IEMLabs

Virtual machines at a threat from Regretlocker Ransomware

Description

With the rise in the Covid-19 pandemic, there has also been an increasing rise in cybercrimes around the world. There have been various reports of attacks by black-hat hackers, especially reports of ransomware attacks from various public and private sectors of the world.

Regret Ransomware Blogs | IEMLabs

Several JavaScript Vulnerabilities in Adobe Acrobat Reader

Description

Adobe Acrobat Reader is one of the well-known PDF reader in the market. It has got a huge user base and is used as a by-default PDF reader in systems. However, in recent times several JavaScript vulnerabilities have been detected in Adobe Acrobat Reader. These vulnerabilities were discovered by Aleksander Nikolic of Cisco Talos and can be easily triggered by sending email attachments or visiting unknown websites.

ADOBE Blogs | IEMlabs

Leakage of Stolen data may not be prevented by paying Ransom

Description

In one of its recently published reports, Coveware which is a ransomware IR provider stated that of late there has been an increment of 31% in paying ransom to the cybercriminals. In the 3rd quarter (Q3) of 2020, overall ransom amounting to $233,817 was paid to the cybercriminals by the targeted organizations. The report also said that cases where the attackers have exfiltrated data and demanded additional payment for deleting all the leaked data have doubled in this quarter.

COVEWARE Blogs | IEMLabs

419 new cyber threats per minute in 2nd Quarter of 2020

Description

In a recent report released by McAfee, mainly based cybercrime activities, it is stated that 419 cyber threats are taking place per minute in the second Quarter (Q2) of 2020. Amid the pandemic situation, when people are getting accustomed to work from home situation, there has been a rapid growth in the rate of cyber attacks. Raj Samani, the chief scientist at McAfee said that it has been quite easy for the cybercriminals to attack the famous enterprises through their employees who have been working online either from their home or other remote places.

McAfee Blogs | IEMLabs

New Partnership of Microsoft with NCSC for Cyber Accelerator Program.

Description

Microsoft is one of the biggest tech companies in the world that is best known for software products. The Cyber accelerator program of Microsoft aims to support the extension of newly emerged cyber oriented companies and growth of entrepreneurs and their start-ups in the field of cyber security. The main objective of Microsoft is to make UK a safe place to carry all the works online by helping these start-ups to bring advanced, cheaper and faster products in this particular field.

Microsoft Blogs | IEMLabs

Inverted images to evade detection

Description

Phishing is not a new term in the world of cybersecurity and cybercrime. During the Covid-19 pandemic, there have been several reports of phishing scams around the world. But recently, there have been reports of a phishing campaign to steal login credentials from Office 365 users. Office 365 is a product of Microsoft, which collaborates all the Microsoft Office tools online. 

Office 365 Blogs | IEMLabs

Mysterious APT sends Curious ‘KilllSomeOne’ message

Description

Recently, a new advanced mysterious APT has threatened the non-governmental sectors in Myanmar (formerly known as Burma) in Southeast Asia. The threatening messages sent by the attackers include messages like “kill someone”. Researchers are working hard to gather information about these attackers responsible for sending such script-kiddie messages.

5.22 GB of Mashable database was leaked by ShinyHunters

Description

Mashable is an American entertainment company and a multi subject digital media platform that contains blogs on all the topics including technology, culture, science, social good etc. But recently 5.22 GB worth of database that belongs to mashable.com has been leaked by a hacker from the online handle of Shiny Hunters. This leaked database is available on various hacker forums. 

Capcom, the Japanese video game company faced a Cyber attack

Description

Of late, the Japanese video game publisher and developer, Capcom faced a cyber attack which affected their business. Capcom is a reputed video game company that has developed several games including Mega Man, Street Fighter, Darkstalkers, Resident Evil, Onimusha, Dead Rising, Dino Crisis, Sengoku Basara, Monster Hunter, Ace Attorney and Breath of Fire. The firm is also famous for developing Disney animated games.

Capcom Blogs | IEMLabs

Increased rate of Ransomware attack in health sectors amid the pandemic

Description

Amid this pandemic situation, there has been a growth in the rate of Ransomware attacks in health sectors. Within a few months of this year, more than eighty ransomware attacks have been reported. These attacks have impacted both small and large health facilities.

Recently, a 434 bed hospital named as Presbyterian Medical Center Recently, a 434 bed hospital named as Presbyterian Medical Center of Hollywood faced a ransomware attack. Giles, the chief information officer of the hospital informed that due to the attack his staff had to pay $17,000 converted to cryptocurrency to the hackers.

Ransomware Attack Blogs | IEMLabs

Leading Cyber Security Company Sued 23 Suits After Ransomware Attack

Description

Blackbaud is a leading cybersecurity company operating in various countries around the world, notably, Canada, USA, Australia, United Kingdom, etc. With the spread of the Covid-19 pandemic, reports of ransomware attacks on various sectors of the world have also been on the increase. There have been reports of ransomware attacks in the public health sectors, etc. Even the cybersecurity services providing companies are not spared from such attackers.

Blackbaud Blogs | IEMLabs

Microsoft Store Games could be Modified for Extra Privileges on Windows

Description

In the recent past, Microsoft had announced that it has begun allowing mods on certain games available on its store. Mods simply means that a user can modify certain files or parts of the game to customize the look and the feel of the game. A researcher at IOActive, a Cybersecurity service provider, felt that this might lead to the exploitation of vulnerabilities, if any, on the Microsoft store which could affect millions of Windows users.

Microsoft Blogs | IEMlabs

Our Certifications

Collaboration | ISO | IEMLabs

Our Accreditation

Collaboration | EC Council | IEMLabs

Our Membership

Collaboration | Nasscom | IEMLabs
DSCI Logo | IEMLabs
ICC Logo | IEMLabs
CII Logo | IEMLabs

Christmas Bonanza

Contact Us and Get

Instantly

Call Us - 1800 270 3002

Use Promocode - IEMA20

Valid Till - 31st December, 2020

Get In touch

We are available 24 * 7, Contact Us and Avail Instant Discount

WhatsApp Now