29 June 2021
2020
Muslim Pro nafi jual data peribadi pengguna – JPDP
https://www.hmetro.com.my/mutakhir/2020/11/645189/muslim-pro-nafi-jual-data-peribadi-pengguna-jpdp
Excerpt:
“Jabatan Perlindungan Data Peribadi (JPDP) menerima penjelasan pembangun Muslim Pro, aplikasi mudah alih Islam yang menafikan dakwaan mereka menjual data peribadi pengguna Islam kepada tentera Amerika Syarikat.”
PDPD urges Muslim pro to protect users' personal data
https://bernama.com/en/general/news.php?id=1904515
Excerpt:
“The Personal Data Protection Department (PDPD) today urged Muslim Pro, an Islamic mobile app, to ensure the safety of its users’ personal data so that it will not be abused.”
Around 18,000 fraudulent sites are created daily
https://www.helpnetsecurity.com/2020/11/25/fraudulent-sites/
Excerpt:
“The internet is full of fraud and theft and cybercriminals are operating in the open with impunity, misrepresenting brands and advocating deceit overtly.”
Tesla Hacked and Stolen Again Using Key Fob
Elizabeth Montalbano
https://threatpost.com/tesla-hacked-stolen-key-fob/161530/
Excerpt:
“Researchers have demonstrated for the third time how hacking into the key fob of a Tesla can allow someone to access and steal the car in minutes. The new attack again shows a security vulnerability in the keyless entry system of one of the most expensive electric vehicles (EVs) on the market.”
Retail giant E-Land closes nearly half of stores due to ransomware attack
https://www.koreatimes.co.kr/www/tech/2020/11/694_299692.html
Excerpt:
“South Korean fashion and retail conglomerate E-Land Group said Sunday it has suspended operations at nearly half of its stores in the country due to a ransomware attack.”
Even the world’s freest countries aren’t safe from internet censorship
https://www.helpnetsecurity.com/2020/11/23/safe-from-internet-censorship/
Excerpt:
“The largest collection of public internet censorship data ever compiled shows that even citizens of what are considered the world’s freest countries aren’t safe from internet censorship.”
Facebook Messenger Bug Lets Hackers Listen to You Before You Pick Up the Call
Ravie Lakshmanan
https://thehackernews.com/2020/11/facebook-messenger-bug-lets-hackers.html
Excerpt:
“Facebook has patched a bug in its widely installed Messenger app for Android that could have allowed a remote attacker to call unsuspecting targets and listen to them before even they picked up the audio call.”
56% of organizations faced a ransomware attack, many paid the ransom
https://www.helpnetsecurity.com/2020/11/20/faced-ransomware-attack/
Excerpt:
“There’s a continued proliferation of ransomware, heightened concerns around nation-state actors, and the need for acceleration of both digital and security transformation, a CrowdStrike survey reveals.”
Hackers are actively probing millions of WordPress sites
Sergiu Gatlan
Excerpt:
“Unknown threat actors are scanning for WordPress websites with Epsilon Framework themes installed on over 150,000 sites and vulnerable to Function Injection attacks that could lead to full site takeovers.”
American Bank Systems hit by ransomware attack, full 53 GB data dump leaked
Ax Sharma
Excerpt:
“Avaddon ransomware hits American Bank Systems Inc. American Bank Systems (ABS), a company that provides services to U.S. financial institutions and banks helping them “operate efficiently and confidently in a rapidly evolving – highly regulated – environment” has been hit by a ransomware attack this month.”
Exploring the progress organizations are making in their investments towards digital resiliency
Lawrence Abrams
Excerpt:
“Cold storage giant Americold is currently dealing with a cyberattack impacting their operations, including phone systems, email, inventory management, and order fulfillment. Americold is a leading temperature-controlled warehouses operator who offers supply-chain services and inventory management for retailers, food service providers, and producers. Americold manages 183 warehouses worldwide and has approximately 13,000 employees.”
Ransomware gangs that steal your data don't always delete it
Catalin Cimpanu
https://www.zdnet.com/article/ransomware-gangs-that-steal-your-data-dont-always-delete-it/
Excerpt:
“Ransomware gangs that steal a company's data and then get paid a ransom fee to delete it don't always follow through on their promise.”
Zoom Snooping: How Body Language Can Spill Your Password
Becky Bracken
https://threatpost.com/zoom-snooping-passwords/161000/
Excerpt:
“You’ve heard of Zoom Bombing, but have you heard of Zoom Snooping? Researchers contend they can extract keystroke data from participants in a video call simply by tracking shoulder movements. A recently published study warns malicious actors might use the technique to decipher personal passwords and proprietary business information.”
7,500 educational organizations hacked, access being sold on Russian hacker forums
Edvardas Mikalauskas
Excerpt:
“Network access to 7,500 organizations is being sold by a threat actor on multiple Russian hacker forums. According to the listings posted on October 3 and October 26, these mainly include educational organizations. However, the package also appears to include access to corporate networks from other verticals, such as entertainment and the bar industry.”
Paying a ransom to prevent leaking of stolen data is a risky gamble
Zeljka Zorz
https://www.helpnetsecurity.com/2020/11/05/ransom-payment-risky-gamble/
Excerpt:
“Ransomware groups have realized that their tactics are also very effective for targeting larger enterprises, and this resulted in a 31% increase of the average ransom payment in Q3 2020 (reaching $233,817), ransomware IR provider Coveware shared in a recently released report.”
Ryuk ransomware behind one third of all ransomware attacks in 2020
https://www.helpnetsecurity.com/2020/11/03/ryuk-ransomware-2020/
Excerpt:
“There’s a growing use of ransomware, encrypted threats and attacks among cybercriminals leveraging non-standard ports, while overall malware volume declined for the third consecutive quarter, SonicWall reveals.”
Russian jailed for eight years in the US for writing code that sifted botnet logs for web banking creds for fraudsters
Kieren McCarthy
https://www.theregister.com/2020/11/02/botnet_brovko_jailed/
Excerpt:
“A Russian programmer has been sentenced to eight years behind bars in America for his part in a massive cybercriminal network that hacked into and drained victims' bank accounts.”
Nuclear Regulation Authority shut down email systems after a cyber attack
Pierluigi Paganini
https://securityaffairs.co/wordpress/110284/hacking/nuclear-regulation-authority-cyber-attack.html
Excerpt:
“The Japan’s Nuclear Regulation Authority (NRA) temporarily suspended its email systems, the interruption is likely caused by a cyber attack. The agency published a warning on its website, it is asking people to contact it via phone or fax because it is unable to receive emails from the outside world.”
Gold seller JM Bullion hacked to steal customers' credit cards
Lawrence Abrams
Excerpt:
“Precious metal online retailer JM Bullion has disclosed a data breach after their site was hacked to include malicious scripts that stole customers' credit card information. JM Bullion is an online retailer of gold, silver, copper, platinum, and palladium products, including coins and bullion.”