The fallout from Uber’s hack and subsequent attempted coverup is a lesson for organisations in how not to respond to a data breach, security researchers say. The ride sharing company said today that it had paid hackers $US100,000 in an effort to conceal a data breach affecting 57 million accounts one year ago, leading to two firings at…
A recent scam targeted, and still is targeting, millions of Netflix users, trying to get them to follow a link to update their payment information via a realistic-looking email. That email was well enough crafted that it has fooled even some tech experts, and Inc’s Minda Zetlin described it as “a genuine work of art as phishing goes.”…
News that Equifax has had to spend US$87.5 million and counting on its recent data breach should serve as a warning to Australian companies as the era of mandatory data breach disclosure approaches. There are encouraging signs that consumers and business are taking the incoming laws seriously. But we need to look towards the healthcare sector to understand that…
In the wake of Dynamic Data Exchange (DDE) attacks, the subject of Quick Fields has come into focus among cybersecurity pros as well. These, too, have the potential to become a major security problem, and some researchers have stepped up to the challenge and begun exploring the world of Word Quick Fields, and their implications….
Another Netflix phishing campaign was seen in the wild prompting customers to update their login credentials or risk being locked out of their account. A similar scam occurred earlier this year. Mailguard researchers described the email used in the scam as being relatively well designed and said the scammers are using a template system to generate individualized messages with specific recipient data,…
A Cybersecurity Ventures report indicates ransomware costs will exceed $5 billion in 2017, up from $325 million in 2015–what can be done from preventing these attacks from happening? Late last month, another ransomware attack slammed Ukraine and Russia–the second major one since the NotPetya attack in June–igniting speculation that the severity of these attacks are only going to get worse from…
It’s rabbit season – BadRabbit, that is, the bastard spawn of ransomware Petya/NotPetya that was just discovered on Monday, and has since hopped its way around the world, taking down servers in Russia and Ukraine before moving onto Turkey, Asia, and the United States. What’s different in this attack is that BadRabbit abuses DiskCryptor, a…
Highly paid professional hackers often operate like a ‘regular’ business when they come together. Sales and marketing. ROI. Quarterly performance statements. Reports to investors. And, salaries, bonuses, expense accounts, and petty cash for employee birthday parties. It’s all part of the day-to-day running of a business – any business, including those in the hacking industry. And a…
Attack details A new strain of ransomware has been discovered in-the-wild – and it features some unique tricks to keep itself below antivirus and security solutions.The infection chain most likely begins with an email containing a Windows Script File (WSF) attachment. We say “most likely” because no such email has surfaced yet – but as…