Security concerns going into 2020

2019 has been the year of the data breach with over 10 billion records estimated to have been leaked. The news headlines have been flooded with unfortunate attacks with enterprises on both sides of the Atlantic suffering. Whether it’s ransomware, phishing or endpoint attacks, there’s always something on the horizon waiting for its turn in the spotlight. Yet, with 2020 now on our doorstep, cyber security professionals are concerned with…

December 5, 2019
Read More >>

Holiday phishing scam surge aimed at small business

NEW YORK – The email looked legitimate, so Danielle Radin clicked on the link it contained, expecting to have her products included in a holiday gift guide. “I instantly regretted it,” says Radin, owner of Mantra Magnets, a website that sells wellness products. “It took me to some random website that looked like those pop-ups telling you that you’ve won the lottery.” Source: Japan Times Source: http://www.itsecurityguru.org

December 5, 2019
Read More >>

Geost Operators are spied on by researchers

The investigation of a major Android banking botnet yields insights about how cybercriminals structure and run an illicit business. Researchers who discovered one of the largest Android banking botnets to date also found its attackers’ chat log, which they have been watching for nearly a year to learn the inner workings of this cybercrime operation, how its illicit business is structured, and how members interact. Source: Dark Reading Source: http://www.itsecurityguru.org

December 5, 2019
Read More >>

Magecart Skimmers Hosted by Salesforce’s Heroku

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site! Our Address: 10 London Mews, London, W2 1HY Source: http://www.itsecurityguru.org

December 5, 2019
Read More >>

Analysis and Reports tools added to CrackQ to crack passwords

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site! Our Address: 10 London Mews, London, W2 1HY Source: http://www.itsecurityguru.org

December 5, 2019
Read More >>

Fake giveaways lure in Steam gaming service users with Phishing scam

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site! Our Address: 10 London Mews, London, W2 1HY Source: http://www.itsecurityguru.org

December 5, 2019
Read More >>

Magecart’s Latest Target is Smith & Wesson

Researchers estimate the gun manufacturer’s website was compromised sometime before Black Friday. A Magecart group has compromised the website of American gun manufacturer Smith & Wesson by injecting malicious code designed to lift customers’ payment data at checkout. The incident was found by Sanguine Security’s Willem de Groot, who was investigating payment skimmers impersonating Sanguine Security’s anti-skimming service. He found attackers were registering malicious domains named after Sanguine and using…

December 4, 2019
Read More >>

Android Apps Now Use 80% of all Encrypted Network Traffic

Google has announced that as of October 2019, 80% of all Android apps are now using Transport Layer Security (TLS) to encrypt their network traffic. Since 2017, Google has been pushing Android developers to integrate encrypted traffic into their apps in order to provide better security and privacy as apps communicate over the Internet or on a network. Source: Bleeping Computer Source: http://www.itsecurityguru.org

December 4, 2019
Read More >>

Victims being created by Ryuk Ransomware

While doing some open-source intelligence (OSINT), a security researcher discovered that a provider of end-to-end solutions for emergency care facilities in the U.S. fell victim to Ryuk ransomware. The company hit by the malware is T-System based in Dallas, Texas, and it is currently working to recover from the attack. At the moment of writing, company systems are offline. The attack occurred at the end of November, a month that…

December 4, 2019
Read More >>

PyXie Python RAT distributed by Tetris game app

A new remote access trojan whose name reminds one of a fairytale and not the potential nightmare it could bring to its victim has been disclosed by Cylance. PyXie Python RAT has been flitting about since 2018 helping deliver ransomware and other malware to the healthcare and education industries. The RAT has been tracked being delivered through malicious TETRIS apps to load and execute the pen testing tool Cobalt Strike…

December 4, 2019
Read More >>