Recently, Microsoft has addressed 56 security vulnerabilities for February Patch which includes 11 critical and 6 publicly acknowledged. According to security updates, nine critical-severity cybersecurity bugs in February’s Patch have been tackled by Microsoft. Six of the security holes including one particular of the critical bugs have been now publicly disclosed.
In recent times, Social media has become an integral part of our lives. It plays a crucial role in connecting people and developing relationships, not only with key influencers and journalists, but also provides a great opportunity to establish customer service by gathering input, answering questions and listening to their feedback.
Microsoft has raised its voice of concern over the issue of increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers in the past few months. An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization methods to access Office 365 accounts, in order to steal users’ contacts and mail.
Recently, Microsoft has addressed 56 security vulnerabilities for February Patch which includes 11 critical and 6 publicly acknowledged. According to security updates, nine critical-severity cybersecurity bugs in February’s Patch have been tackled by Microsoft. Six of the security holes including one particular of the critical bugs have been now publicly disclosed.
Recently, the Trickbot Trojan has added a new network scanning module to scan local network systems with open ports for quick lateral movement. The module uses the Masscan open-source tool to look for open ports with lightning-fast results.
Day by day, the retail sectors are becoming the favorite target of cybercriminals. Amid the COVID-19 pandemic, when there is a rapid increase in online purchasing and the major retail firms are using digital platforms to carry out their business, Cybercriminals are more likely to attack these sectors.
Recently, security experts have detected critical vulnerabilities in the Realtek RTL8195A Wi-Fi module that could be exploited by attackers to take complete control of a device’s wireless communications.
The cybersecurity firm, NCC Group has identified a Zero-day vulnerability in SonicWall enterprise security products. SonicWall, is a private company headquartered in Silicon Valley that sells a range of Internet appliances primarily directed at content control and network security. These include devices providing services for network firewalls, unified threat management (UTM), virtual private networks (VPNs) and anti-spam for email.
The Defense Advanced Research Projects Agency (DARPA) has finalized the results of a recent bug bounty event that tested the effectiveness of new hardware- and firmware-based security technologies. Initially, the bug bounty was set up to evaluate the hardware architectures developed under DARPA’s System Security Integration Through Hardware and Firmware (SSITH) program.
Recently, the retail giant, pan-Asian Dairy Farm Group has suffered a ransomware attack REvil ransomware operation group. The attackers have compromised Dairy Farm Group’s network and encrypted devices claim to have demanded a $30 million ransom.
Online gaming platform VIP games suffered a data breach and more than 23 million records were left exposed on a misconfigured server. VIP Games owned by software development company Casualino JSC is a free to play online card and board game platform, with an internet website and a mobile app.
Recently, security experts have detected a new Android malware that spreads through WhatsApp. The malware takes advantage of WhatsApp’s quick reply feature that permits users to respond to incoming messages directly from notifications and send out replies immediately.
The two well-known browsers of Microsoft Edge and Google Chrome are implementing new features that will make it easier for browser users to discover compromised passwords and will notify the users if their password has been compromised as part of a breach or database exposure.
Recently, security experts have detected a Telegram based scam named Classiscam mainly initiated by Russian-speaking scammers. The Classiscam scheme has been taking advantage of Telegram bots that provide scammers with ready-to-use phishing pages under the name of popular marketplaces and delivery services to steal money and payment data.
Recently, Whatsapp has updated its privacy policy that will be effective from 8th Feb 2021 and it is mandatory for all the users to agree to the terms and conditions of this new privacy policy in order to use the app in future.
Researchers have discovered 500,000 breached stolen credentials of employees from gaming companies and a million compromised internal accounts related to employee and customer-facing resources on the dark web. The compromised accounts were linked to internal resources like admin panels, VPNs, Jira instances, FTPs, SSOs, developer-related environments and more were found in virtually all of the top 25 gaming companies studied.
Recently, the General Medical Laboratory (AML) in the Antwerp district of Hoboken which was working for the management of Covid-19 pandemic has been the victim of ransomware attack. The attackers installed ransomware on the lab’s website and the website stopped working. The hackers demanded a large amount of ransom in order to make the site function normally.
Security experts from ThreatNix have detected that attackers have misused Facebook attacks in order to run a phishing campaign. These Facebook ads redirected the users to GitHub where the actual phishing pages resided. More than 6 lakhs of people belonging to different countries like Egypt, Philippines, Pakistan and Nepal fell into the trap of this phishing campaign.
Recently, Whirlpool has suffered a ransomware attack by Nefilim ransomware gang and the attackers stole the data before encrypting devices. The Whirlpool Corporation is an American multinational manufacturer and marketer of home appliances that has generated approximately $20 billion revenue in the year 2019.
Recently Google has fixed a bug in its feedback tool incorporated across its services as the tool could be exploited by an attacker to steal screenshots of sensitive Google Docs documents simply by exposing them in a malicious website
Online shopping has become very popular in modern times and amid this festive season millions of users are searching for the best deals on online shopping platforms. However, it should be noted that all the shopping ads promoted on Google are not created by legitimate advisers. Some of these ads are created by cybercriminals and may lead to malicious phishing websites. These phishing websites are usually responsible for stealing the login credentials of users and the users fall into the trap of financial scams.
Koei Tecmo Holdings Co. Ltd, is a Japanese video game and anime holding company created in 2009 by the merger of Koei and Tecmo. Koei Tecmo Holdings owns several companies, the biggest one of those being its flagship game developer and publisher Koei Tecmo Games. The company is famous for releasing popular games such as Nioh 2, Hyrule Warriors, Dead or Alive, Atelier Ryza, etc.
Recently, more than 15 billion login credentials have been discovered by researchers and cyber security experts that were released on the Dark we for sale. The released database included usernames, passwords, login data from online bank accounts, and from online music & video streaming services.
Recently, researchers and experts at Kapersky have detected that popular Google Chrome Extensions have been used to play videos in user’s browsers and increase the view counts. More than twenty Browser extensions have been used by the culprits to use chrome on user’s devices with malicious intentions.
Recently, researchers have highlighted the issue of rapid increment in ransomware attacks on healthcare and pharma companies. Amid this pandemic situation, these healthcare sectors have tried their best to fight COVID-19 and look after the well being of the people. But new reports suggest that there has been a rapid increment in ransomware attacks on the Indian pharma firms towards the end of 2020 as these companies finalise the vaccine of Covid-19.
Microsoft, Google, Cisco, Dell and other well known tech companies have recently joined Facebook’s legal battle against the hacking company NSO. A legal complaint was filed against NSO as the company had exploited a bug in Whatsapp, an American freeware, cross-platform messaging and Voice over IP service owned by Facebook.
Russia has completely denied the recent cyber-attack that impacted at least six federal agencies in the United States. In the last week, America’s Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive after cyber-criminals trojanized updates to SolarWinds’ Orion IT monitoring and management software to launch a large-scale cyber-attack.
In August, a server misconfiguration was found on the Telangana government site that risked exposing over 130,000 official files. Those files included thousands of government employee payslips, income tax details, and pension documents that had information including full names, addresses, bank account numbers along with IFSC codes, phone numbers, and salaries drawn, among other data
France based hardware wallet provider Ledger suffered a data breach back in July this year. Ledger develops security and infrastructure solutions for cryptocurrencies as well as blockchain applications for individuals and companies, by leveraging a distinctive, proprietary technology. The incident took place on July 25th, 2020 in which attackers stole the personal data of customers and subscribers.
Open-source security firm Sonatype reported that new malicious RubyGems packages have been discovered that are being used in a supply chain attack to steal cryptocurrency from unsuspecting users.
Recently, India introduced its first and biggest framework to protect itself from cyber attacks, data theft and other virtual vulnerabilities threatening its national security. The Union cabinet has approved the ‘National Security Directive on Telecom Sector’ in view of the alarming magnitude of cyber threats to India, official sources said.
Cybersecurity Research and Provider company Avast, has recently discovered about 28 new browser extensions, both in Google Web Store and in Microsoft Edge add-ons portal. These extensions are considered highly dangerous by Avast. Once these extensions have been downloaded in the browser, the malware starts to work on stealing sensitive private data from your browser as well as it can take you to various phishing websites
Nearly two thousand servers containing 45 million images of X-rays and other medical scans were left exposed on online platforms within the past twelve months. These scans and medical reports could be freely accessed by anyone, without any security protections. As reported by CybelAngel (a Digital Risk Protection Platform), these sensitive personal information were not only exposed to the public but also accessed by malicious folk.
Over the past 12 months, researchers at Kaspersky (the multinational cybersecurity and anti-virus provider) discovered an average of 360,000 new malicious files every day. There has been an increment of 5.2% than the previous year i.e 18,000 more malicious files per day have been discovered.
Adrozek is a new ad-injecting browser modifier malware that is capable of extracting device data and stealing credentials. Hence it has become a dangerous threat in recent times. According to researchers, the malware was at its peak in August 2020 when it targeted more than 30,000 devices per day affecting multiple browsers.
In a recent article, Google revealed that attackers are taking advantage of a specific class of vulnerabilities derived from side-channels built into the web platform, to extract sensitive information from various web applications. Dubbed cross-site leaks (XS-Leaks), this new class of vulnerability highlights new challenges for the security of web infrastructure.
Services provided by Google abruptly went down on Monday evening affecting more than 40,000 people worldwide. Many of the services which went down include Google Search, YouTube, Gmail, etc. The affected apps also included Google maps, Google Calendar, Google Docs, Google Slides. The latest outage started at approximately 5pm (IST) today.
In a recent report published by IBM the company informed about “a global phishing campaign” focused on organizations associated with the COVID-19 vaccine “cold chain” process. “Cold chain” is the process of keeping the vaccine doses at extremely cold temperatures (minus 70 degrees Celsius or below) while transporting them from manufacturers to people’s arms in order to prevent spoiling.
Media agencies have become one of the major targets for cybercriminals. In recent times ransomware attacks on media agencies have been very common. LockBit ransomware gang attacked the Press Trust of India and due to the attack the agency was prevented from delivering news to its subscribers. The largest independent news agency in Denmark, named Ritzau suffered a ransomware attack that led to the compromise and encryption of more than one-quarter of its 100 network servers.
Amid this ongoing pandemic situation IT companies are at high risk of cyberattacks. Within the last few weeks several IT firms witnessed direct cyberattacks which affected both their reputation and business.
Recently the firm, Rand McNally has suffered cyberattack and is currently working on restoring its network functionality. Rand McNally is a Chicago-based transportation technology firm founded in 1856. It provides leading route mileage optimization and fleet management software to carriers, shipping companies, and third-party logistics providers. The firm also owns a cloud-based telematics platform and distributes connected vehicle technology, consumer travel, and education products it produces.
Towards the end of November, ‘Abnormal Security’ detected one of the phishing campaign’s attack emails. The phishing campaign used back-to-work notifications in order to compromise recipients’ corporate email accounts.
That message involved an internal notification from the recipient’s company. It did so by using spoofing techniques to disguise the sender address. The email didn’t originate from inside the company. However in its research Abnormal Security explained that email instructed the recipient to open an HTML attachment containing the recipient’s name in its title.
Recently, online learning solutions provider K12 Inc faced a ransomware attack and had to pay a ransom to cybercriminals who managed to breach its systems and deploy a piece of ransomware.
Initially, the company detected unauthorized activity on its network. The attackers deployed a piece of ransomware and accessed information stored on some corporate back-office systems. This includes student and employee information, but K12 has yet to determine exactly what type of information has been compromised.
Recently, Illinois Valley Community College has informed all its current and former students, faculty and applicants about a data breach that took place in April. More than 160,000 letters have been sent by the college to all the people who may get affected by the data breach.
WordPress is a free and open-source content management system (CMSes) with plugins architecture and a template system. It has schemes that allow professionals and novices alike to create amazing websites with ease. Because of great popularity and easily available development features WordPress is often a target of cybercriminals seeking ways to launch their malicious activities.
Recently, specialty networking solutions provider Belden disclosed a data breach resulting in the theft of employee and business information. The company reported that the hackers responsible for the incident got access to some current and former employee data, as well as limited and sensitive information of the company regarding some business partners.
Over the last week, British music-streaming app Last.fm suffered the leakage of several admin password credentials. The bug has been fixed but it posed an immense threat to all the users of Last.fm of having their personal data exposed.
The cause for this leakage, as discovered by security researchers Sebastien Kaul and Bob Diachenko, was a web app running in debug mode in the background.
TikTok is a China-made global phenomenon mobile phone app used to create short lip-synced comedy or talent video clips of between 3 and 15 seconds or looped up to 60 seconds. It is highly popular among the youth who use it for self-publicity or showing off.
WhiteHat Jr is an Indian startup and online education platform that offers Online coding classes and technical education. It is a highly popular online education platform with numerous users. However, security experts have detected vulnerability in this platform on 19th November. WhiteHat Jr had a bug in its system that made its data of over 2.8 lakh students vulnerable.
The Russian ransomware group known by the name of REvil has attacked Kenneth Copeland Ministry. Kenneth Copeland Ministry is an organization with a net worth of at least $300 million owned by the American televangelist Kenneth Copeland who has been recognized preaching the prosperity gospel. As part of his evangelism, he calls for donations to his church, with the suggestion that parishioners will get a “hundredfold” return on their investment.
Of late, the extremely popular football club Manchester United has been hit by a cyber attack. The attack involved a breach of personal data of its fans. However, initially the club was not aware of any breach of personal data associated with its fans but later the club confirmed the security breach. As a result of the security breach the club had to shut down its systems to prevent the malware from spreading within.
Peatix is one of the well-known online event management apps currently ranked among the Alexa Top 3,500 most popular sites on the internet with millions of users. But, a hacker has leaked personal data of more than 4.2 million users registered on Peatix. The site’s user data was made available through ads posted via Instagram stories, on Telegram channels, and on several different hacking forums.
Ransomware attacks have become very common in 2020. The ransomware group named Mount Locker first came into action in July and it is now preparing to take advantage of the tax season in the U.S. Mount Locker operators have been observed specifically targeting Turbo Tax returns. Turbo tax is a software used for the preparation of American income tax returns
Spotify is one of the famous music streaming services with millions of users. However, users of the music streaming service were targeted by attackers using credential-stuffing approaches and due to this credential-stuffing operation, subscribers of Spotify streaming music service may have experienced some disruption
Pray.com is a popular Christian faith app used for daily prayers and biblical audio content. It has been downloaded by several million users from the Play Store. Recently, Pray.com has exposed personal data of 10 million users dating back to 2016.
Researchers at vpnMentor discovered four misconfigured AWS S3 buckets belonging to the company. Although it had made private around 80,000 files, it failed to replicate these security measures on its Cloudfront CDN, which also had access to the files. This means a hacker could have released personal information of 10 million people, most of whom were not even Pray.com users.
Amid the pandemic situation of 2020, when everyone is getting accustomed to work from home, there has been a rapid increase in the rate of cyber attacks. The ongoing pandemic has increased the usage of the internet to a large extent in India. But at the same time the rate of Cyber crimes has also increased. Due to the increased rate of cyber attacks, over 80% of the companies have changed their approach to cyber security.
Over 40 percent of organizations sped up their cloud migration because of COVID-19. Some already used several cloud services, such as services to track employee productivity, cloud invoicing and accounting solutions, and videoconferencing programs.
American Bank Systems (ABS) is a company that provides services to U.S. financial institutions and banks. Recently, the company has been hit by a ransomware attack. On analysis, researchers discovered that a ransomware group named Avaddon was responsible for the attack. They had acquired over 50 GB of the company’s proprietary data but had leaked only 4 GB of it initially. But after ABS refused to cooperate with Avaddon’s ransom demands, the threat actors have published the entire 52.57 GB worth of stolen data.
In recent times cybercrime has become one of the biggest problems with mankind and it is one the greatest threats in today’s world. According to Cybersecurity Ventures, cybercrimes had cost $3 trillion in 2015. But they predicted that Global Cybercrime Damages will reach $6 trillion annually by 2020. This prediction has been acknowledged by several major media outlets, senior government officials, tech-industry experts, world’s largest cybersecurity companies, and cyber fighters globally.
TroubleGrabber is a recently discovered malware that spreads via Discord attachments and uses Discord webhooks for data exfiltration. The security researchers at Netskope, the American cyber security firm have spotted this new credential stealer TroubleGrabber that uses Discord webhooks to transfer stolen data to its operators. Several threat actors use the new info stealer to target gamers on Discord servers and to steal their passwords and other sensitive information. The functionalities of this malware is very similar to the AnarchyGrabber, another info stealer.
Pluto TV is an American internet television service owned by Viacom CBS. It is one of the leading free online TV service providers that offers several ad-supported channels corresponding to real-life networks (NBC, Nick, etc.) and various topics (old movies, gaming, etc.). Recently, Pluto TV has suffered a security breach and the hackers shared records of 3.2 millions of account details from 2018 for free. The well-known hacking group, ShinyHunters which has previously released customer data from over 17 companies and broke into microsoft’s private repository earlier this year, was responsible for the breach.
On September 16, 2020, the Department of Health and Social Services (DHSS) discovered that a Division of Public Health temporary staff member mistakenly sent two unencrypted emails, one on August 13, 2020, and one on August 20, 2020, to an unauthorized user.
These unencrypted emails involved COVID-19 test results for approximately 10,000 individuals. The email of August 13, 2020 included test results for individuals tested between July 16, 2020, and August 10, 2020 while the August 20, 2020 email included test results for individuals tested on August 15, 2020.
Akropolis is a Defi (decentralized finance) lending and savings protocol which allows users to take loans and earn interest on crypto deposits. But recently, this cryptocurrency service faced a “flash loan” attack and the hacker stole around $2 million worth of cryptocurrency. Of late, flash loan attacks have become very common against cryptocurrency services running Defi platforms.
11 million gamers of South Africa were warned of targeted attacks by the local Internet industry representative body, the Internet Service Providers’ Association (ISPA). The global gaming industry has seen major growth in this lockdown and it was rated the third most popular entertainment genre in the world after books and gambling. But at the same time the gaming industry has become one of the major targets.
With the spread of the Covid-19 pandemic, there has also been an increase in the number of ransomware attacks across the world. Many groups have come up who are constantly attacking and harassing various companies and infrastructure. Most of these attacks have been targeted towards the health sectors across the world. The main reason for this is that because of the Covid the healthcare industry is slowly moving all of its functionalities to the online mode of service. This mode of service makes the data infrastructure more vulnerable to such cyber attacks
Ransomware attacks have become a major problem for the manufacturing industry as cyber criminals are highly interested in targeting the industrial control systems (ICS) that manage various operations. On analysing the records researchers have discovered that the number of publicly recorded ransomware attacks against the manufacturing industry has tripled in the last year.
Researchers disclosed that a new attack method named Platypus targets the RAPL interface of Intel processors. Platypus is actually the acronym for “Power Leakage Attacks: Targeting Your Protected User Secrets” while RAPL stands for Running Average Power Limit. RAPL is a component that allows software or firmware applications to monitor power consumption in the CPU and DRAM. RAPL, which effectively allows firmware and software apps to read how much electrical power a CPU is pulling in to perform its tasks, is a system that has been used for years to track and debug application and hardware performance.
With technology growing at an exponential rate, the threats to such technology by cyber attacks have also increased. But with the increase in the number of cyber attacks, there are people who have come up with new and innovative ways to prevent such attacks from happening and to maintain the security of a system. For this reason, cyber criminals try to come up with even more innovative ways to bypass all these security measures.
Timberline is based on Des Moines, the capital city of Iowa and it provides services to around 190 schools of Iowa. In recent times, Timber Billing Services LLC faced a cyberattack. After gaining access to the company’s network, the attacker encrypted files and removed information.
Many of the superior software programs of recent times were hacked using new and advanced techniques at the 2020 edition of Tiangfu Cup, the most prestigious and largest hacking competition of China. The third edition of Tiangfu competition was held in the city of Chengdu, in central China and ended on 9th November, 2020.
Google’s elite team responsible for bug and malware detection found and disclosed seven mysterious and critical bugs that have been exploited by hackers. These bugs may have a high impact on Windows, Chrome, Android and iOS. Google also said that all these bugs were related to each other in some way or other indicating that these vulnerabilities were being used by the same hacker or same gang in order to hack people.
Since the November of last year, the entire world has been suffering from a life-threatening pandemic situation. We have been forced to be isolated into our homes and continue our work using online resources. But shifting huge amounts of data to the internet also increased the chances of cybersecurity attacks. In the past few months, there have been an increasing amount of attacks on various networks and public sectors, especially the healthcare sectors.
RansomEXX is a new ransomware that became famous since June 2020. Cybercriminals have used this ransomware for attacking large organizations like Tyler Technologies, the US government contractor , Montreal’s public transportation system, the Texas Department of Transportation (TxDOT), Konica Minolta, and Brazil’s court system (STJ). Security Researchers call RansomEXX the “Big Game Hunter’ as it targets big organizations and demands for large ransom.
Federal Trade Commission (FTC) filed a complaint accusing Zoom of deceiving users over security since 2016. It was said that the company held on to cryptographic keys that allowed it to access content from its customers’ meetings, and secured meetings with a lower level of privacy encryption than it promised customers.
Researchers at Claroty have found out new details on authentication and encryption vulnerabilities in Schneider Electric programmable logic controllers (PLCs). If exploited, these vulnerabilities could allow an attacker to exfiltrate data, modify code, and execute commands on operational technology (OT) and critical infrastructure systems.
A fake Facebook Group has been offering a free hamper of Cadbury chocolate to trick social media users into revealing their personal and financial details. As discovered by Think Tank Parliament, the campaign is basically based on “Cadbury Rewards”. These scammers have been using the Cadbury logo on the social media sites to extract users’ personal information.
Nowadays, there has been a rapid increase in the rate of ransomware attacks. The Advanced Intel group had detected that Ryuk ransomware operators had used pentester toolkit for targeted cybercrime operations, and they have succeeded in their criminal activities.
Welcart e-Commerce is a free WordPress plugin that has more than 20,000 installations. According to WordPress, Welcart e-Commerce enjoys top market share in Japan. It allows site owners to add online shopping to their sites in a turn-key fashion, with options to sell physical merch, digital goods and subscriptions, with 16 different payment options.
In recent times several well-known organizations and large corporations of Israel have been breached and had their systems encrypted by a previously unknown ransomware called Pay2Key. The attacks were first carried out towards the end of October. In a report published by the Israeli cyber security firm, Check Point it is stated that most of the attacks have been carried out at midnight when fewer employees are working at the IT companies.
Researchers have discovered a new worm named as Gitpaste-12 that has targeted Linux Servers and Linux IoT devices that are based on ARM and MIPS CPUs. The malware is called GitPaste -12 as it uses Github and Pastebin for accommodating the component code it has 12 different attack modules.
Hotel reservation platforms released personal data of customers from famous online booking sites. Prestige Software which is a Spain-based software company of Barcelona was caught for releasing sensitive and private information of millions of customers around the entire world.
Truecaller is a smartphone application that has features of caller-identification, call-blocking, flash-messaging, call-recording, Chat & Voice by using the internet. The app was developed by a private company called True Software Scandinavia AB in Stockholm, Sweden. Of late, 47.5 millions of Indian customers’ personal information was released by an anonymous individual on the dark web for $1000.
In the past decade, the word has witnessed an exponential growth in technology. But such development comes with its own pros and cons. With the growth of technology, there has also been an increase in cybercrime and cyber attacks. Black hat hackers are either producing sophisticated technologies for attacking vulnerable systems or using sophisticated technologies created by others to hack into vulnerable systems.
With the rise in the Covid-19 pandemic, there has also been an increasing rise in cybercrimes around the world. There have been various reports of attacks by black-hat hackers, especially reports of ransomware attacks from various public and private sectors of the world.
Adobe Acrobat Reader is one of the well-known PDF reader in the market. It has got a huge user base and is used as a by-default PDF reader in systems. However, in recent times several JavaScript vulnerabilities have been detected in Adobe Acrobat Reader. These vulnerabilities were discovered by Aleksander Nikolic of Cisco Talos and can be easily triggered by sending email attachments or visiting unknown websites.
In one of its recently published reports, Coveware which is a ransomware IR provider stated that of late there has been an increment of 31% in paying ransom to the cybercriminals. In the 3rd quarter (Q3) of 2020, overall ransom amounting to $233,817 was paid to the cybercriminals by the targeted organizations. The report also said that cases where the attackers have exfiltrated data and demanded additional payment for deleting all the leaked data have doubled in this quarter.
In a recent report released by McAfee, mainly based cybercrime activities, it is stated that 419 cyber threats are taking place per minute in the second Quarter (Q2) of 2020. Amid the pandemic situation, when people are getting accustomed to work from home situation, there has been a rapid growth in the rate of cyber attacks. Raj Samani, the chief scientist at McAfee said that it has been quite easy for the cybercriminals to attack the famous enterprises through their employees who have been working online either from their home or other remote places.
Microsoft is one of the biggest tech companies in the world that is best known for software products. The Cyber accelerator program of Microsoft aims to support the extension of newly emerged cyber oriented companies and growth of entrepreneurs and their start-ups in the field of cyber security. The main objective of Microsoft is to make UK a safe place to carry all the works online by helping these start-ups to bring advanced, cheaper and faster products in this particular field.
Phishing is not a new term in the world of cybersecurity and cybercrime. During the Covid-19 pandemic, there have been several reports of phishing scams around the world. But recently, there have been reports of a phishing campaign to steal login credentials from Office 365 users. Office 365 is a product of Microsoft, which collaborates all the Microsoft Office tools online.
Recently, a new advanced mysterious APT has threatened the non-governmental sectors in Myanmar (formerly known as Burma) in Southeast Asia. The threatening messages sent by the attackers include messages like “kill someone”. Researchers are working hard to gather information about these attackers responsible for sending such script-kiddie messages.
Mashable is an American entertainment company and a multi subject digital media platform that contains blogs on all the topics including technology, culture, science, social good etc. But recently 5.22 GB worth of database that belongs to mashable.com has been leaked by a hacker from the online handle of Shiny Hunters. This leaked database is available on various hacker forums.
Of late, the Japanese video game publisher and developer, Capcom faced a cyber attack which affected their business. Capcom is a reputed video game company that has developed several games including Mega Man, Street Fighter, Darkstalkers, Resident Evil, Onimusha, Dead Rising, Dino Crisis, Sengoku Basara, Monster Hunter, Ace Attorney and Breath of Fire. The firm is also famous for developing Disney animated games.
Amid this pandemic situation, there has been a growth in the rate of Ransomware attacks in health sectors. Within a few months of this year, more than eighty ransomware attacks have been reported. These attacks have impacted both small and large health facilities.
Recently, a 434 bed hospital named as Presbyterian Medical Center Recently, a 434 bed hospital named as Presbyterian Medical Center of Hollywood faced a ransomware attack. Giles, the chief information officer of the hospital informed that due to the attack his staff had to pay $17,000 converted to cryptocurrency to the hackers.
Blackbaud is a leading cybersecurity company operating in various countries around the world, notably, Canada, USA, Australia, United Kingdom, etc. With the spread of the Covid-19 pandemic, reports of ransomware attacks on various sectors of the world have also been on the increase. There have been reports of ransomware attacks in the public health sectors, etc. Even the cybersecurity services providing companies are not spared from such attackers.
In the recent past, Microsoft had announced that it has begun allowing mods on certain games available on its store. Mods simply means that a user can modify certain files or parts of the game to customize the look and the feel of the game. A researcher at IOActive, a Cybersecurity service provider, felt that this might lead to the exploitation of vulnerabilities, if any, on the Microsoft store which could affect millions of Windows users.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.