Security News

Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses
2023-10-02 11:20

A financially motivated campaign has been targeting online payment businesses in the Asia Pacific, North America, and Latin America with web skimmers for more than a year. The BlackBerry Research...

Online fraud can cost you more than money
2023-10-02 03:00

Online fraud is a pervasive and constantly evolving threat that affects individuals and organizations worldwide. In this Help Net Security round-up, cybersecurity experts talk about online fraud and damaging effects it has on individuals and organizations.

Avoiding domain security risks when taking your business online
2023-09-19 04:00

As available domain extensions increase in variety, so do security risks. In this Help Net Security video, Prudence Malinki, Head of Industry Relations at Markmonitor, discusses best practices enterprises should abide by when kickstarting their online business and domain strategy.

Used cars? Try used car accounts: 15,000 up for grabs online at just $2 a pop
2023-09-13 12:15

Cut and shut is so last century, now it's copy and clone Researchers have found almost 15,000 automotive accounts for sale online and pointed at a credential-stuffing attack that targeted car makers.…

Last rites for the UK's Online Safety Bill, an idea too stupid to notice it's dead
2023-08-21 08:31

The open source project has recently announced a secure communications framework, designed for decentralized peer-to-peer use through a multi-hop mesh routing system that combines strong encryption with untraceability. This same state is, of course, the one demanding that to "Protect children," it should get access to whatever encrypted citizen communication it likes via the Online Safety Bill, which is now rumored to be going through British Parliament in October.

Cumbrian Police accidentally publish all officers' details online
2023-08-14 11:38

Cumbria Constabulary inadvertently published the names and salaries of all its officers and staff online earlier this year, making it the second UK force in a fortnight to admit disclosing personal information about its employees. In a statement, the force told The Register: "Cumbria Constabulary became aware of a data breach on Monday 6th March 2023 where information about the pay and allowances of every police officer and police staff roles as at 31st March 2022 was uploaded to the Constabulary's website, which was a human error."

Northern Ireland police may have endangered its own officers by posting details online in error
2023-08-09 13:00

A spreadsheet containing details of serving Northern Ireland police officers was mistakenly posted online yesterday, potentially endangering the safety of officers, given the volatile politics of the region. The data leak involved a spreadsheet detailing the surnames and initials of all serving officers in the Police Service of Northern Ireland, plus civilian staff members.

Microsoft Exchange Online hit by new outage blocking emails
2023-07-18 09:06

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Microsoft admits unauthorized access to Exchange Online, blames Chinese gang
2023-07-13 06:26

US commerce secretary Gina Raimondo and other State and Commerce Department officials were reportedly among the victims of a China-based group's attack on Microsoft's hosted email services. The US Cybersecurity and Infrastructure Security Agency and the FBI issued a joint advisory detailing how a Federal Civilian Executive Branch agency was tipped off when it observed MailItemsAccessed events with an unexpected ClientAppID and AppID in Microsoft 365 Audit Logs - as the AppId did not normally access mailbox items in that manner.

Over 130,000 solar energy monitoring systems exposed online
2023-07-06 09:04

Security researchers are warning that tens of thousands of photovoltaic monitoring and diagnostic systems are reachable over the public web, making them potential targets for hackers. These systems are used for remote performance monitoring, troubleshooting, system optimization, and other functions to allow remote management of renewable energy production units.