CyberSecurity Updates

04 Jan

Gaming: How much is too much for our children?

Information

With many children spending a little too much time playing video games, learn to spot the signs things may be spinning out of control Across Europe, half of the population aged 6-64 plays video games, according to industry body ISFE. The number rises significantly for 6-10-year-olds (68%), and those aged 11-14 (79%) and 15-24 (72%). According to some research, teenagers may spend as many as three hours per day gaming. That’s not necessarily a problem,…

Read More
04 Jan

Serious Security: Vital cybersecurity lessons from the holiday season

Information, Malware

by Paul Ducklin Even though it’s already Day 4 of Year 2023, some of the important IT/sysadmin/X-Ops security stories of the holiday season are only popping up in mainstream news now. So we though we’d take a quick look back at some of the major issues we covered over the last couple of weeks, and (just so you can’t accuse us of sneaking out a New Year’s listicle!) reiterate the serious security lessons we can…

Read More
04 Jan

How to foster secure and efficient data practices

Attacks, Data Breaches

Companies rely on data transfers to communicate between departments and with clients. When transferring data between different people, however, there are several risks if these data transfers are insecure. If insecure file transfer methods such as unencrypted email or cloud services are used, companies can open themselves up to potential exploitation by malicious actors. These actors could look to utilize methods including poisoning uploads with malware or intercepting files to gain access to confidential data.…

Read More
04 Jan

Attackers use stolen banking data as phishing lure to deploy BitRAT

Data Breaches, Malware, Social Engineering

In a case that highlights how attackers can leverage information from data breaches to enhance their attacks, a group of attackers is using customer information stolen from a Colombian bank in phishing attacks with malicious documents, researchers report. The group, which might have been responsible for the data breach in the first place, is distributing an off-the-shelf Trojan program called ​​BitRAT that has been sold on the underground market since February 2021. Stolen data used…

Read More
04 Jan

Cyberattacks against governments jumped 95% in last half of 2022, CloudSek says

Data Breaches, Malware, Social Engineering

The number of attacks targeting the government sector increased by 95% worldwide in the second half of 2022 compared to the same period in 2021, according to a new report by AI-based cybersecurity company CloudSek.  The increase in attacks can be attributed to rapid digitization and the shift to remote work during the pandemic, which broadened the attack surface of government entities and paved the way for an increase in cyberwarfare waged by nation-state actors,…

Read More
04 Jan

Synology Patches Severe Vulnerabilities in VPN Product

Attacks, Malware

Synology urges all VPN Plus Server for SRM (Synology Router Manager) users patch as soon as possible to the latest version. Users can apply updates by: 1. Logging into Synology Desktop environment2. Opening the Package Center app3. Click Update on the left panel to see available updates. Click the Update buttons or Update All to update packages. https://www.bleepingcomputer.com/news/security/synology-fixes-maximum-severity-vulnerability-in-vpn-routers/ https://nvd.nist.gov/vuln/detail/CVE-2022-43931 https://www.synology.com/en-us/security/advisory/Synology_SA_22_26 https://kb.synology.com/en-nz/SRM/help/SRM/PkgManApp/manage?version=1_2

Read More
04 Jan

Ongoing Flipper Zero Phishing Attacks Target Infosec Community

Attacks, Malware

As long as the interest and shortages continue, cybercriminals will continue to attempt to impersonate Flipper Zero through fake shops to trick security enthusiasts into giving up their personal information and crypto. Due to this, it is vital to be on the lookout for these promotions and shops claiming immediate product availability and only buy from the official store. https://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/

Read More
04 Jan

Meta Hit With 390 Million Euro Fine Over EU Data Breaches

Information, News

US social media giant Meta was slapped Wednesday with fines totaling 390 million euros ($413 million) for breaching EU personal data laws on Facebook and Instagram, Ireland’s data regulator said. Meta and other US Big Tech firms have been hit by huge fines over their business practices in the European Union in recent years and the bloc has also tightened online regulation. The Irish Data Protection Commission said in a statement that Meta breached “its…

Read More
04 Jan

Meta hit with $413 million fine in EU for breaking GDPR rules

Data Breaches, Malware, Social Engineering

The Irish Data Protection Commission announced Wednesday that it would fine Meta Ireland a total of $413 million for breaches of the EU’s GDPR (General Data Protection Regulation) related to the company’s handling of personal information on Facebook and Instagram. Under the GDPR, companies looking to process users’ personal information must do so under one of six identified legal bases, which include the consent of the user, necessity to the performance of a contract, and…

Read More