Security News
As revealed by the FTC, over 95,000 US consumers reported losses of roughly $770 million after getting scammed on social media platforms. "More than one in four people who reported losing money to fraud in 2021 said it started on social media with an ad, a post, or a message. In fact, the data suggest that social media was far more profitable to scammers in 2021 than any other method of reaching people." the FTC said.
The US Federal Trade Commission said Americans reported losing $148 million to gift card scams during the first nine months of 2021, following a significant increase compared to last year. Almost 40,000 consumers reported falling victim to scams where gift cards were the chosen form of payment throughout the year.
The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters. NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.
A newly spotted banking trojan has been caught leveraging legitimate platforms like YouTube and Pastebin to store its encrypted, remote configuration and commandeer infected Windows systems, making it the latest to join the long list of malware targeting Latin America after Guildma, Javali, Melcoz, Grandoreiro, Mekotio, Casbaneiro, Amavaldo, Vadokrist, and Janeleiro. " interesting new techniques to the pool of Latin American banking trojans' tricks, like using seemingly useless ZIP archives or bundling payloads with decoy BMP images," ESET researchers said in a technical analysis published on Friday.
Several serious vulnerabilities discovered in a widely used pneumatic tube system made by Swisslog Healthcare can be highly useful for ransomware attacks aimed at hospitals, according to enterprise IoT security firm Armis. Armis researchers discovered 8 types of vulnerabilities in the TransLogic pneumatic tube system made by Swisslog Healthcare, which specializes in automation and transport solutions for hospitals and pharmacies.
Julian Assange will remain in a British prison for now after the US government won permission to appeal against a January court ruling that freed him from extradition to America. News of the appeal came as the US Department of Justice offered Assange a deal that would keep him out of the notoriously cruel US supermax prisons, according to The Times.
Federal law enforcement agencies secretly seek the data of Microsoft customers thousands of times a year, according to congressional testimony Wednesday by a senior executive at the technology company. "Most shocking is just how routine secrecy orders have become when law enforcement targets an American's email, text messages or other sensitive data stored in the cloud," said Burt, describing the widespread clandestine surveillance as a major shift from historical norms.
The number of spam calls, the number of people losing money to them and the total amount of money lost In the past year are all record setting. A study of U.S. residents has found that one in three say they've fallen victim to a phone scam in the past year, and 19% say they've been duped more than once.
In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. [NYSE:FAF] was leaking more than 800 million documents - many containing sensitive financial data - related to real estate transactions dating back 16 years. According to data from the American Land Title Association, First American is the second largest mortgage title and settlement company in the United States, handling nearly a quarter of all closings each year.
American Express Services Europe has been fined £90,000 by a U.K. regulator, which found the company illegally blasted out 4 million marketing emails to customers who had opted out of receiving them. Amex claimed the emails weren't marketing messages, but service communications, which are allowed under U.K. information privacy regulations.