Security News

File this one under "Well, duh." Consumer mag Which? today published research estimating that over a billion Android devices are vulnerable to hackers and malware as they are not receiving security updates. The most current version of Android is version 10, while Android 9.0 Pie and Android 8.0 Oreo continue to receive updates.

Data stolen from Tesco clubcards could be resold for just £2.70 a pop, reckons a price-comparison website that appears to have strayed into the dark web. "Our internal systems picked this up quickly and we immediately took steps to protect our customers and restrict access to their accounts. At no point was any customer's financial data accessed," Tesco said.

As Head of Research at CyberMDX, Elad Luz gathers and analyzes information on a variety of connected healthcare devices in order to improve the techniques used to protect them and/or report about their security issues to vendors. Care critical devices that are directly connected to patients like infusion pumps, ventilation, anesthesia, patient monitoring and such obviously represent the most critical endpoints from a security perspective.

The intellectual property, including research results, of biotechnology companies and other medical organizations is also increasingly a target for hackers, who sometimes dump data on hacker forums or public websites. While GBG did not identify the "Member company" impacted by the attack, media outlet Bleeping Computer on Jan. 23 reported that Medical Diagnostics Laboratory - a unit of GBG - was a victim of a Dec. 2, 2019, Maze ransomware attack that resulted in the dumping of more than 9 Gbytes of research related data on the Maze Team website.

The Norwegian Consumer Council has published an extensive report about how the adtech industry violates consumer privacy. At the same time, it is filing three legal complaints against six companies in this space.

A threat group linked to Iran has targeted a U.S.-based research company whose services are used by businesses and government organizations, cybersecurity firm Intezer reveals. Specifically, Intezer's security researchers discovered a phishing document masquerading as an employee satisfaction survey tailored to Westat employees.

Behavioral-biometrics company TypingDNA announces that it raised a $7 million Series A round led by Gradient Ventures, Google's AI-focused venture fund. TypingDNA has developed proprietary artificial intelligence algorithms to authenticate users based on how they type.

SentinelOne, the autonomous endpoint protection company, announced the launch of SentinelLabs, a research division designed to identify new attack vectors and mitigate threats impacting...

ZeroCleare wipes up where Shamoon left off An Iran-based hacking crew long known to target energy facilities in neighboring Middle Eastern countries is believed to be launching new attacks.…

Automox, the cloud-native cyber hygiene platform provider, announced the appointment of Christopher Hass as director of information security and research. In this role, Hass will lead the...