Cybersecurity News
The Guardian view on an NHS coronavirus app: it must do no harm | Editorial
Smartphones can be used to digitally trace Covid-19. But not if the public don’t download an app over privacy fears – or find it won’t work on their device
The idea of the NHS tracing app is to enable smartphones to track users and tell them whether they interacted with someone who had Covid-19. Yet this will work only if large proportions of the population download the app. No matter how smart a solution may appear, mass consent is required. That will not be easy. Ministers and officials have failed to address the trade-offs between health and privacy by being ambiguous about the app’s safeguards.
Instead of offering cast-iron guarantees about the length of time for which data would be held; who can access it; and the level of anonymity afforded, we have had opacity and obfuscation. It is true that we are dealing with uncertainties. But without absolute clarity about privacy the public is unlikely to take up the app with the appropriate gusto.
Continue reading...06 May 2020
The Price of Fame? Celebrities Face Unique Hacking Threats
Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
06 May 2020
When Achieving Deadpool Status Is a Good Thing
It means attackers have been met with sufficient resistance that it's no longer worth their trouble and have moved on
06 May 2020
The Price of Fame? Celebrities Face Unique Hacking Threats
Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
06 May 2020
Microsoft Shells Out $100K for IoT Security
A three-month Azure Sphere bug-bounty challenge will offer top rewards for compromising Pluton or Secure World within Microsoft's IoT security suite.
06 May 2020
Hackers hide web skimmer behind a website's favicon
Hackers created a fake image-hosting portal to hide a web skimming operation.06 May 2020
Ransomware Attack Takes Down Toll Group Systems, Again
Australian transportation company Toll Group has been hit by the Nefilim ransomware, causing customers to experience delays.
06 May 2020
Is CVSS the Right Standard for Prioritization?
More than 55% of open source vulnerabilities are rated high or critical. To truly understand a vulnerability and how it might affect an organization or product, we need much more than a number.
06 May 2020
Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware
Fresenius, Europe's largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues.06 May 2020
Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials
Investment brokers are the target of a new wave of socially engineered phishing attacks, warns FINRA.
06 May 2020
Search provider Algolia discloses security incident due to Salt vulnerability
Algolia now joins the ranks of LineageOS, Ghost, Digicert, and Xen Orchestra.06 May 2020
Facebook wipes out accounts linked to ‘fringe conspiracy’ QAnon content
The QAnon conspiracy theory movement surrounds US President Trump and bringing down the “deep state.”06 May 2020
Logistics giant Toll Group hit by ransomware for the second time in three months
Toll says that it has no intention of bowing to blackmail.06 May 2020
Details of 44m Pakistani mobile users leaked online, part of bigger 115m cache
The leak is already under investigation in Pakistan since last month, April 2020.05 May 2020
SAP notifying 9% of customers about security bugs in some cloud products
SAP says an internal security review found issues with seven of its cloud products.05 May 2020
SAP notifying 9% of customers about mysterious cloud products security holes
SAP says an internal security review found issues with seven of its cloud products.05 May 2020
Attackers Adapt Techniques to Pandemic Reality
Over the past several months, threat actors have quickly shifted their tactics to take advantage of interest in the coronavirus, two studies find.05 May 2020
Microsoft Challenges Security Researchers to Hack Azure Sphere
Participants can earn up to $100,000 for finding severe flaws in Microsoft's Linux-based Azure Sphere IoT operating system.05 May 2020
Breach Hits GoDaddy SSH Customers
The October 2019 breach left some customer data open to hacking eyes.05 May 2020
Spear-Phishing Attack Spoofs EE To Target Executives
Researchers say spear-phishing emails purporting to be from telecom giant EE are being sent to top corporate execs.
05 May 2020