A malicious MS Word document, titled “eml_-_PO20180921.doc,” which contains auto-executable malicious VBA code and spreads through phishing campaigns has been found by researchers at Fortinet’s FortiGuard Labs. In the case of this malicious MS Word document, victims who open the document Continue reading MS Word Documents Spreading .Net RAT Malware – Egress’ CTO comments
It has been reported that AIESEC, labelled as the “world’s largest youth-run organisation,” has been found to have exposed over four million intern applications, which contain sensitive and personal information, after failing to apply a password onto an Elasticsearch server. Continue reading Worlds largest youth run agency exposes 4 million intern applications on Elasticsearch server- Comment
On Tuesday 22nd January the House of Lords Science and Technology Select Committee will question Dr Gillian Tully, the Forensic Science Regulator, on the forensic science market and her ability to enforce standards. In written evidence to the Committee, the Continue reading FEE Conference Speaker, Dr Gillian Tully, gives evidence to the House of Lords Science and Technology Select Committee
Almost 773 million unique email addresses and just under 22 million unique passwords were found to be hosted on cloud service MEGA. In a blog post, security researcher Troy Hunt said the collection totalled over 12,000 separate files and more than Continue reading Collection 1 data dump exposes passwords on over 770m records-Comment
Hackers have been found to be impersonating HR staff to gain employee credentials to access employee payroll accounts and banking details. Commenting on the news is Felix Rosbach, Product Manager at comforte AG: “Here we have yet another example of how easy it is to Continue reading Hackers tricking employees to handover payroll data in latest BEC scam- Comment
Artificial Intelligence (AI) isn’t going anywhere anytime soon. With 20% of the C-suite already using machine learning and 41% of consumers believing that AI will improve their lives, wide scale adoption is imminent across every industry – and cybersecurity is Continue reading Is AI the antidote to the cybersecurity minefield?
The healthcare industry continues to be target of cyberattacks, with Managed Health Services (MHS) of Indiana Health Plan reporting that a third-party data breach of its vendor, LCP Transportation, exposed up to 31k patients’ information. Jake Olcott, VP Communications and Continue reading BitSight responds to third-party healthcare breach exposing 31,000 records
Mandiant Incident Response and Intelligence teams have identified a wave of DNS hijacking that has affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. Initial research Continue reading Security researcher comment: Iran blamed for Global DNS Hijacking campaign
United States based kitchen utensil manufacturer OXO International disclosed a data breach that spans numerous periods over two years. This breach notification states that customer and payment information may have been exposed and further research indicates this was most likely a MageCart Continue reading OXO International discloses data breach that occurred over two year period – Magecart likely suspect
A huge MongoDB database containing over 200 million records with resumes from job seekers in China was left unprotected for at least one week with anyone able to locate it. The size of the cache weighed 854GB. The information exposed this way, Continue reading Unsecured MongoDB database containing over 200 million CVs exposed
