Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
The Space Information Sharing and Analysis Center (Space ISAC) and the New York Metro InfraGard Members Alliance (NYM-IMA) have agreed to work together to advance the mission of cybersecurity in space.  A Memorandum of Understanding (MOU) enabling collaboration between the two organizations was signed earlier this month. In a statement released to announce the news, the organizations
0 Comments
A 40-year-old man from California has admitted his role in a conspiracy to break into the private digital photo libraries of Apple customers to locate and steal sexually explicit images. Hao Kuo Chi, a resident of the city of La Puenta in Los Angeles County, pleaded guilty to charges of computer fraud and conspiracy on Friday, October
0 Comments
South Korea is seeking assistance from the International Criminal Police Organization (Interpol) to arrest two foreign nationals suspected of being cyber-criminal gang leaders. The two individuals allegedly played a key role in multiple cyber-attacks and a major extortion scam that claimed victims in both South Korea and the United States.  On Friday, South Korea said that it
0 Comments
The personal data of thousands of individuals have been stolen from a non-profit professional membership organization located in Illinois. Cyber-thieves struck the American Osteopathic Association (AOA) in the summer of 2020, making off with information that included names, Social Security numbers, and financial account details. The AOA, which is headquartered in Chicago, represents around 151,000
0 Comments
Apple’s plans to implement new phone-scanning features have been heavily criticized by more than a dozen cybersecurity experts. The tech company announced in August its intention to start scanning iPhone users’ iCloud Photos libraries. Apple presented the move under the pretext that it would locate users’ caches of illicit content, including child sexual abuse material (CSAM). In
0 Comments
Organizations around the world take on average more than two business days to respond to a cyber-attack, according to new research by American cybersecurity company Deep Instinct.  The finding was published in the company’s second bi-annual Voice of SecOps Report, which was based on a survey of 1,500 senior cybersecurity professionals in 11 countries who work for
0 Comments
Social media company Facebook has announced plans to selectively protect some of its better-known users from being harassed on its platform. Updates to the company’s bullying and harassment policies were announced yesterday by Facebook’s global head of safety, Antigone Davis. The announcement coincided with National Bullying Prevention and Awareness Day in the United States.  Davis said Facebook is introducing
0 Comments
A cybersecurity official in the Ghanaian police force has cautioned women and girls against using digital devices to take and share intimate pictures.  The assistant commissioner of police, Dr. Gustav Herbert Yankson, who is the director of the Cybercrime Unit at the CID Headquarters of the Ghana Police Service, gave the warning while speaking at
0 Comments
by Paul Ducklin It’s been a wild few weeks for Apple, or perhaps an “in-the-wild” few weeks, with several zero-day bugs necessitating emergency updates. We were going to say “unexpected updates”, but all (or almost all) Apple security patches are, of course, unexpected by design. Apple deliberately announces security fixes only after they’ve been published,
0 Comments
Google is bringing together a bevy of in-house experts to form a new cybersecurity advisory team. In a statement released earlier today, Google announced the creation of its new Google Cybersecurity Action Team, which it says will have “the singular mission of supporting the security and digital transformation of governments, critical infrastructure, enterprises, and small businesses.” In pursuit of
0 Comments
by Paul Ducklin It’s the second week of Cybersecurity Awareness Month 2021, and this week’s theme is an alliterative reminder: Fight the Phish! Unfortunately, anti-phishing advice often seems to fall on deaf ears, because phishing is an old cybercrime trick, and lots of people seem to think it’s what computer scientists or mathematical analysts call
0 Comments
Data belonging to patients of a hospital in New Mexico has been deleted by an unknown cyber-attacker.  The IT network of San Juan Regional Medical Center in Farmington was breached by an unauthorized individual in September last year. The attack was reported to the United States Department of Health and Human Services’ Office for Civil Rights on June 4
0 Comments
An authentication error left the personal data of hundreds of thousands of BrewDog customers and Equity for Punks shareholders exposed for a year and a half.  The gaffe involving an API bearer token was discovered by researchers at security consulting and testing company Pen Test Partners.  “Every mobile app user was given the same hard-coded API Bearer Token,
0 Comments
A student at East Carolina University has been charged with cyber-stalking after allegedly posing as a member of a rival fraternity to upload a racist post to social media. A police investigation was launched after an offensive message, purporting to be from the university’s Theta Chi chapter, was uploaded anonymously to Yik Yak in August. 
0 Comments
Patching vulnerabilities is too labor intensive and convoluted a process for most IT security professionals, according to new research by Ivanti.  The Utah-based software company surveyed over 500 enterprise IT and security professionals across North America, Europe, the Middle East, and Africa about their patch management challenges.  Nearly three-quarters of respondents (71%) found patching to be “overly complex,
0 Comments
A working group appointed by the International Association of Scientific, Technical and Medical Publishers (STM) has published a new set of guidelines to tackle the issue of doctored images in scientific research papers.  The recommendations of the Standards and Technology Committee (STEC) include a three-tier classification system that editors can use to flag suspicious content, and detailed
0 Comments
A voucher scheme launched by the Northern Ireland Assembly to stimulate economic growth following Covid-19 lockdowns is having an identity crisis.  Under the £145m High Street Spend Local Scheme, the approximately 1.4 million residents of Northern Ireland who are aged 18 and over are eligible to apply for a £100 Spend Local voucher.  The voucher takes the form
0 Comments
by Paul Ducklin As you probably know (or, at least, as you know now!), October is Cybersecurity Awareness Month, which means it’s a great opportunity to do three things: Stop. Think. Connect. Those three words were chosen many years ago by the US public service as a short and simple motto for cybersecurity awareness. 5
0 Comments
A former Facebook employee is to appear before a US Senate subcommittee tomorrow after blowing the whistle on the company’s alleged prioritization of profit above user welfare.  Frances Haugen, a 37-year-old data scientist from Iowa, revealed yesterday that it was she who leaked internal research carried out by Facebook to the Wall Street Journal. This research formed the
0 Comments
Today marks the start of the 18th Annual Cybersecurity Awareness Month in America, and this year’s theme is “Do Your Part. #BeCyberSmart.” The digital safety initiative was launched back in October 2004 by the National Cyber Security Alliance and the United States Department of Homeland Security to help the public stay safe and secure while
0 Comments
by Paul Ducklin [00’22”] Guess what? iOS 12 wasn’t dead, it was just resting. [03’04”] Let’s Encrypt brings HTTPS to everyone. [12’12”] Researchers rediscover an Outlook data leakage issue. [25’34”] VMware keeps it real. [28’47”] Oh! No! When the mouse is away, the cat will play. With Paul Ducklin and Doug Aamoth. Intro and outro
0 Comments
The owner of two chains of American luxury department stores has warned 4.6 million Neiman Marcus customers that their personal data may have been exposed in a security incident that happened 17 months ago.  Neiman Marcus Group, which owns the Neiman Marcus and Bergdorf Goodman department stores, as well as the high-end home goods line