Lloyds Bank customers are being targeted by a sophisticated email and SMS messaging phishing campaign, according to an investigation by law practice Griffin Law. An estimated 100 people have reported receiving fake communication purporting to be from Lloyds, which is one of the largest banks in England and Wales. In the email scam, a realistic-looking […]
Warner Music Group has issued a data breach notification following a prolonged skimming attack on an undisclosed number of its e-commerce websites. The cyber-attack was discovered by the multinational entertainment and record label conglomerate on August 5, 2020. E-commerce websites that are hosted and supported by an external service provider in the US but operated […]
New research from Kaspersky has discovered that of the 32% of Brits provided with a corporate desktop computer, only 77% have adequate anti-virus or cybersecurity software installed, leaving 23% of company desktops significantly insecure and exposed to cyber-threats. This is also the case for company smartphones, 23% of which are unprotected, according to the security […]
A family of Android apps is using the lure of free items to distribute a novel ad fraud botnet. Victims of the scam are told that they will receive a complimentary gift when they download an app from the Google Play Store. However, the only thing received by victims is an infection of malware that […]
A vulnerability in the TeamViewer app could allow malicious actors to steal passwords. The high-severity flaw was discovered in the desktop version of the app for Windows before 15.8.3. By exploiting the weakness, authenticated threat actors operating remotely could execute code on victims’ systems or crack their TeamViewer passwords. TeamViewer is a proprietary software application that allows users […]
Popular stock photo site Freepik has disclosed a major data breach affecting over eight million customers. The incident also affected users of the sister site Flaticon, which claims to run the world’s largest database of free icons. In a breach notice over the weekend, the firm claimed an attacker had compromised an SQL injection vulnerability […]
Nearly half (47%) of UK IT leaders have not updated their security strategies to account for their move to cloud environments, putting their organizations at higher risk of cyber-attack, according to a new study by Trend Micro commissioned for CLOUDSEC Online. This is despite the fact that traditional on-premises security such as firewalls, network intrusion prevention systems (IPS/IDS) […]
Almost two-fifths (39%) of British business decision makers have sacked employees because they breached corporate security policy during the pandemic, according to new data from Centrify. The IAM specialist polled 200 UK respondents to find out more about how COVID-19 and mass remote working has impacted corporate cybersecurity. Over half (58%) of respondents admitted that employees […]
A social media data broker has exposed the public-facing profiles of 235 million users via a misconfigured online database, according to researchers. Comparitech teamed up with Bob Diachenko to uncover three identical copies of the data on August 1, left online with no password or other authentication required to access it. In total, 192 million […]
The company behind one of India’s most popular travel booking sites exposed 43GB of customer and corporate data before it was deleted by the infamous “Meow” attacker, according to researchers. A team at SafetyDetectives led by Anurag Sen discovered an Elasticsearch server without password protection or encryption on August 10. It failed to get a […]