Posts From CCME
Lloyds Bank customers are being targeted by a sophisticated email and SMS messaging phishing campaign, according to an investigation by law practice Griffin Law. An estimated 100 people have reported receiving fake communication purporting to be from Lloyds, which is
Just under 1500 incidents have been reported to the Information Commissioner’s Office (ICO) in the past nine months, with around a third classified as “cybersecurity incidents.” According to 2020-21 statistics released this week, among the 1446 reported incidents, 412 were
There has been a 60% increase in the number of girls applying for online cybersecurity skills courses this year compared to 2019, according to the National Cyber Security Centre (NCSC), a part of GCHQ. The NCSC stated on its website
APT group Evilnum, known for its targeting of financial technology companies via fake know your customer (KYC) documents, has undergone a significant change in tactics and armory recently that the FinTech sector must be made aware of, according to an
The Australian government has published voluntary best practice guidelines to help device manufacturers, IoT service providers and app developers improve the security of Internet of Things (IoT) devices. Developed jointly by the Department of Home Affairs and Australian Cyber Security
Security awareness training and simulated phishing platform provider KnowBe4 has announced it has added Kevin Klausmeyer to its board of directors. Klausmeyer is a veteran technology financial officer and board member and joins the KnowBe4 board as an independent board
The Evilnum APT group has added a new weapon to its arsenal, it is a Python-based spy RAT, dubbed PyVil, designed to target FinTech organizations. The Evilnum APT group was first spotted in 2018 while using the homonym malware. Over
A school district in North Carolina disclosed a data breach after having unencrypted files stolen during a SunCrypt Ransomware attack. The Haywood County School district in North Carolina has suffered a data breach after having unencrypted files stolen during a
CISA Pushes Vulnerability Disclosure Policies
America’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD) requiring the development and publication of vulnerability disclosure policies (VDPs). A BOD is a compulsory direction to federal executive branch departments and agencies for purposes of
CyberNews researchers discovered an unsecured data bucket that belongs to View Media containing close to 39 million US citizen records. The CyberNews research team discovered an unsecured data bucket that belongs to View Media, an online marketing company. The bucket
Online service providers, app developers and other relevant businesses have one year to comply with a new statutory code introduced on Wednesday to help protect children’s privacy. The Age Appropriate Design Code or Children’s Code will apply to any business
Northumbria University is still reeling from a cyber-attack which forced it to reschedule exams and close its entire campus in Newcastle-Upon-Tyne. Deputy vice chancellor, Peter Francis, told students on Monday that the “cyber incident” had caused “significant operational disruption” and
Global DDoS Extorters Demand Ransom from Firms
Security experts are warning of a new global DDoS-related extortion campaign targeting businesses operating in the e-commerce, finance and travel sectors. Radware said it had been tracking the threat actors since mid-August, with victims in North America, APAC and EMEA.
The Twitter account of the Indian Prime Minister Modi was hacked, attackers sent a series of tweets asking followers to donate cryptocurrency to a relief fund. The Twitter account for the personal website of the Indian Prime Minister Narendra Modi
Researchers observed a new tactic adopted by Magecart groups, the hackers used Telegram to exfiltrate stolen payment details from compromised websites. Researchers from Malwarebytes reported that Magecart groups are using the encrypted messaging service Telegram to exfiltrate stolen payment details
CISA Funds SLTT Cybersecurity Project
It was announced today that state, local, tribal, and territorial (SLTT) government organizations in the United States are to receive extra support to improve their cybersecurity. Help is coming in the form of a 12-month project funded by CISA that