On 17 April (Monday) the strain, dubbed "BankBot", was discovered in an application called "HappyTimes Videos" on Google's Play Store. In addition, experts from Securify, a Dutch cybersecurity firm, recently found another infected app there, titled "Funny Videos 2017". The Trojan is able to pose as legitimate services, mostly banks and financial institutions. However, once … Continue reading BankBot malware targets Android Apps →

The Intercontinental Hotels Group (IHG) has been forced to reveal yet another major data breach of customer card details over the latter part of 2016. In a lengthy missive on Friday, the group explained that an unspecified number of IHG hotels run as franchises were affected between September 29 and December 29 last year. via … Continue reading Intercontinental Hotel Credit Card Breach →

Like Mirai, Hajime also scans the internet for poorly secured IoT devices like cameras, DVRs, and routers. It compromises them by trying different username and password combinations and then transferring a malicious program. However, Hajime doesn’t take orders from a command-and-control server like Mirai-infected devices do. Instead, it communicates over a peer-to-peer network built off protocols … Continue reading IoT Botnet rivalry →

A sharp spike in the number of health care data breaches was recorded in March with 39 incidents taking place compromising more than 1.5 million patient record. via 1.5 million records lost in March health care industry data breaches 1.5m records lost in March health care industry data breaches represents a rather unsettling trend. While … Continue reading Rise in Healthcare Breaches →

The ransomware is provided as a C++ source code, paired with the necessary PHP web server scripts and a payment panel. via CradleCore Ransomware Sold as Source Code | SecurityWeek.Com As if the world didn't have enough troubles with vanilla ransomware. They went ahead and created ransomware as a service (RaaS). But now they've gone … Continue reading Get your Ransomware source code →

"Customers should pay close attention (to) their own security and take security into consideration when selecting a service bureau and working with other third-party providers,” SWIFT, also known as the Society for Worldwide Interbank Financial Telecommunication, said in a press release published on its website. via SWIFT warns on vendor security after documents leaked by … Continue reading Vendors pose a security risk says SWIFT →

Cyberattacks — “We had one of our top cyberattack experts at AP talk to us. They were unanimous that the word is greatly overused for things like hacking. We caution that the word cyberattack should be used only for significant and widespread destruction,” Froke said. via AP style for first time allows use of they as … Continue reading Stop calling it a cyberattack! →

What originally appeared to be one of the most damaging releases in recent memory of "zero-day" exploits, or hacking tools that take advantage of previously unknown software vulnerabilities, fell from the sky with the shrieking ferocity of a MOAB bomb and landed with the soft thud of a dud. via Microsoft's Quiet Patch of Shadow … Continue reading When disclosure is responsible →

Last Friday night, as midnight approached, someone managed to trigger the emergency siren system used by the city of Dallas for tornado warnings and other emergencies. And that someone managed to keep the alarms in action for 95 minutes—even after emergency services workers shut them off. The entire system had to be shut down. via Pirate … Continue reading Dallas emergency sirens set off →