• Key Ransomware Variants In Canada

    Under the new Technology and Cyber-Security Reporting Advisory, financial institutions must report incidents within 24 hours in writing. Here is a list of examples of reportable incidents: Scenario Name Scenario Description Impact Cyber Attack Account takeover botnet campaign is targeting online services using new techniques, current defenses are failing to prevent customer account compromise High volume and velocity of attemptsCurrent controls are failing to block attackCustomers are locked outIndication that customer account(s) or information has been compromised Service Availability & Recovery Technology failure at data center Critical online service is down and alternate recovery option failedExtended disruption to critical business systems and operations Third-Party Breach A material third party is…

  • Mobile Verification Toolkit To Detect Pegasus Spyware In Personal Devices

    The human rights organization Amnesty International has developed a utility called MVT (Mobile Verification Toolkit) that allows you to identify the Pegasus malware in your device and its source code is available on GitHub.The MVT utility is compatible with Android and iOS, but there are no ready-made solutions for the quick installation of the application. They need to be compiled for a specific device, which can be done only on a computer with Linux or macOS. The utility saves a backup copy of the data from the smartphone on the computer, scans all data and checks if the device is infected with the Pegasus spyware, and informs the user if…

  • New Type Of Ransomware Attack Hits 200 US Companies

    A successful ransomware attack on Kesaya, a company that remotely controls programs for businesses, has spread to at least 200 organizations. According to cybersecurity firms this is one of the single largest criminal ransomware sprees in history. The attack, first revealed Friday afternoon, is believed to be affiliated with the prolific ransomware gang REvil and perpetuated through Kaseya. Kaseya has issued a statement urging all its customers to immediately stop using its service. The number of infected companies is expected to rise over the weekend. Many are still awaiting a decryption key from Kaseya. The U.S. Cybersecurity and Infrastructure Security Agency announced Friday evening that it is taking action to understand and…

  • 8.5 Billion Passwords Leaked On Hacker Forum

    A massive 100GB TXT file that contains 8.4 billion entries of compromised passwords found its way on a popular hacker forum. The leaked password compilation is dubbed RockYou2021 and has presumably been built from previous data leaks and breaches. This is the time to change passwords. What to do if your password was leaked? If you suspect that one or more of your passwords may have been included in the RockYou2021 collection, we recommend taking the following steps in order to secure your data and avoid potential harm from threat actors: Use a personal data leak checker and leaked password checker to see if your data has been leaked in…

  • Cybersecurity And Vaccine Passports

    Since the start of the pandemic, most organizations reported an increase in targeted cyberattacks. Now, with the end of the pandemic in sight, cybersecurity teams face another potential headache — the vaccine passport. Cybercriminals have begun developing strategies to deploy large scale vaccination specific-identity theft, security breaches and personal data “leaks”. Other concerns are fake QR codes sold on dark markets. https://www.forbes.com/sites/forbestechcouncil/2021/05/21/cybersecurity-and-the-vaccine-passport-a-dream-ticket-or-a-flight-of-fancy/

  • California: Citizen App Sparks Manhunt For The Wrong Suspect

    Algorithmic bias meets our worst nightmare. The On Air feature of the Citizen crime alert app triggered a public manhunt for a man wrongfully accused to have started a wildfire in Los Angeles. A reward was offered for app users to find him. It turned out that the man was innocent. https://www.foxla.com/news/citizen-app-sets-off-manhunt-for-man-falsely-accused-of-starting-palisades-fire

  • 3.2B Email and Password Pairs Leaked

    CyberNews reports that a massive repository of individuals’ data has been posted online. Dubbed “Compilation of Many Breaches” (COMB) this may be the biggest-ever compilation of hacked user credentials ever posted online before, but it’s not the result of a new hack or data breach. Leaked user data combines a 2012 data breach at LinkedIn involving 117 million accounts, as well as stolen Netflix login data. This is the time to change passwords and it comes as a reminder for users to stop recycling user names and passwords across different services. https://bgr.com/tech/data-breach-email-and-passwords-leaked-compilation-of-many-breaches-5904287/