Spear-phishing attacks are making a comeback: BEC scam with a value of £380 million.
This is one of the most profitable spear-phishing campaigns to date, with targets including a Premier Football team and a US law firm. The method of choice? Business Email Compromise fraud. The apprehended perpetrator is Ramon Abbas, who wasn’t discreet about the funds he amassed. Abbas exhibited his extravagant lifestyle on social media with a suite of luxury cars and even a private jet.
Yahoo ex-employee avoids jail for compromising 6000 Yahoo accounts.
In September 2019, Reyes Daniel Ruiz, a Software Engineer employed by Yahoo, pled guilty to hacking into customer accounts. Over three years, he targeted the accounts of mostly young women in an attempt to uncover private personal pictures. He was convicted this week, narrowly avoiding jail time, and was handed a five-year probation sentence.
Unpatched home routers expose further working-from-home risks during pandemic
A jaw-dropping study by the Fraunhofer Institute for Communication, Information Processing and Ergonomics has declared that every home router is likely to have vulnerabilities. Out of 127 routers studied, flaws were found in all of them. Most worrying were the fundamental issues and the inability of manufacturers to address the problems in updates. Particular emphasis is placed on Linux OS, which ran on 91% of the routers sampled.
Crackable passwords, lack of patching, questionable cryptography, and inconsistent updates were among the many criticisms.
With home and business life coming together, this poses a genuine risk for firms today.
Massive increase in Stalkerware apps since March
It would seem some people have far too much time on their hands during the lockdown. While many of us try to learn a new instrument or improve our fitness, others would rather install unauthorised tracking software on spouses' and ex-spouses' phones.
Stalkerware is not to be confused with spyware: the main difference is that stalkerware is deliberately installed and is readily advertised for this very purpose, often under the guise of parental control usage.
What can stalkerware do?
A UK anti-malware study has shown an 83% increase in stalkerware installations since March this year, in line with a massive increase in domestic abuse cases during the same period.
Up to 6000 F5 devices exposed
This severe security flaw in the configuration interface affects application delivery controllers. To make matters worse, the mitigation measures can be bypassed and have been “exploited in the wild.”
48 of the Fortune 50 are F5 customers – not a good look. F5 has issued an apology and recommends users restrict access to the management interface. Both patching and applying mitigation measures are advised.