UK knew in 2016 of Trump’s ‘suspicious links’ to Russia, book claims – Security news

0
151


  • No 10 did not ‘push matter’ to avoid offending US president, say commissioners of Steele dossierThe UK’s intelligence agencies were aware that Donald Trump may have been compromised by the Kremlin but Theresa May’s government – including then-foreign secretary Boris Johnson – chose not to pursue the matter for fear of offending the US president, a new book claims.According to Crime in Progress, to be published next week in the US and UK, MI6 was “already



  • Church’s Chicken Warns of Possible Data Breach An American restaurant chain has warned of a possible data breach after detecting unauthorized activity in a computer system used to process payments.Church’s Chicken launched an investigation after noting the suspicious behavior at the end of October. The company has stated that any previous unauthorized third-party access that may have occurred has been halted. “Although our investigation is ongoing, what we currently know suggests that

  • US Jails NeverQuest Malware Creator for 4 YearsA Russian hacker who created a piece of malware to steal money from bank accounts has been jailed for four years by a United States court. Stanislav Vitaliyevich Lisov was arrested by Spanish authorities at Barcelona–El Prat Airport on January 13, 2017, at the request of the FBI, then extradited to the United States on January 19, 2018. Lisov is the creator of banking Trojan NeverQuest and part of a criminal enterprise that used the

  • Target Sues Insurer Over Data Breach Costs Target is suing its insurer for costs of up to $74M that were incurred as a result of a data breach.  America’s eighth-largest retailer claims ACE American Insurance Co. failed to pick up the tab for issuing customers with new plastic payment cards after their existing cards were compromised in the November 2013 incident.New cards had to be issued after a hacker installed software on Target’s computer network and gained access to the pers



  • Google’s Updated Political Ads Policy Puts Pressure on FacebookGoogle has announced plans to restrict political advertising on its platforms ahead of the UK General Election and next year’s US Presidential election, in a move which will further turn the heat up on Facebook.Although the web giant claimed that it never allows controversial micro-targeting of election ads, it announced a further clarification of its policy on Wednesday to limit election ad targeting to “age, gende

  • French Hotel Giant Leaks 1TB+ of Client Data A leading European hotel booking platform has leaked over 1TB of data on customers, clients and partners thanks to an unsecured Elasticsearch database, exposing them to account takeover, identity theft and financial fraud.Researchers at vpnMentor discovered the database in question on an unsecured and unencrypted server. It belonged to French B2B hotel booking firm Gekko Group, which is said to have a client list of 600,000 global hotels and is a subs

  • Nominet Tackles Cybercrime with 29,000 .UK Domain SuspensionsNominet suspended nearly 29,000 .uk domains over the past year in its ongoing bid to clean up Britain’s domain name space.The .uk registry said that between November 1, 2018 and October 31, 2019 it took down 28,937 domains as a result of criminal activity.The figure is down slightly from the previous year’s 32,813 and represents just 0.22% of the more than 13 million .uk domains currently registered, which Nominet claimed w

  • Remote Islands to Enter Cybersecurity Industry in 2020The US Commonwealth of the Northern Mariana Islands (CNMI) is to welcome its first ever cybersecurity business next year.In a statement released today and published in the Marianas Variety, the CNMI Departments of Commerce and Labor announced that an unnamed US-based cybersecurity firm will open its newest Security Operations Center on CNMI’s largest island, Saipan, in January 2020.In addition to placing the CNMI on the cybersecurit



  • Dutch Company Launches Private Unprofiled News Tab Startpage.com has created a private News tab that allows users to search the internet without logging in or sharing any personal information. The Dutch company launched the News tab today as an additional feature of its existing private browsing extension. The tab allows users to keep up with the latest news stories in complete anonymity, and prevents users from becoming trapped in a limited bubble of search results tail

  • Cybersecurity Protocol for International Arbitration Published A detailed set of guidelines on what cybersecurity measures to take when handling arbitration was released today as part of New York Arbitration Week.The Cybersecurity Protocol for International Arbitration (2020) is the culmination of two years of work by a working group on cybersecurity consisting of representatives of the International Council for Commercial Arbitration (ICCA), the New York City Bar Association (Cit

  • #InfosecNA: How to Communicate Risk and Security to ExecutivesSpeaking at Infosecurity ISACA North America Expo and Conference in New York, Tony Rock, chief operating officer at Lockpath, discussed the challenges many security departments face in building a business case to communicate their risk management and security programs.“Our [infosec pros] jobs are hard, when you think about the world that we live in: no resources, changing priorities, no funding, compliance [etc.],” Ro

  • #InfosecNA: The Benefits of Training Employees to HackFor most corporate denizens, security training is an unpleasant but necessary evil, but does it have to be? Not according to Kris Martel, CISO of Imagine IT, who uses a highly interactive approach to create an engaging, entertaining learning environment that makes security meaningful and interesting to the average employee.Speaking at Infosecurity ISACA North America Expo and Conference in New York, Martel shared some of the things he uses in

  • #Irisscon: Ransomware Shifts to use Affiliate Distributors, and Infect via RDPSpeaking at Irisscon in Dublin, McAfee chief scientist Raj Samani said that ransomware has evolved from a one to one “relationship” between the author of the malware and the victim, to using more affiliates to distribute the malware.Citing the WannaCry ransomware epidemic of 2017, Samani said that was further proof that “cybersecurity is about more than just computers” as people were turned away

  • Breaches Hit Over Two Million Gamers and Crypto Wallet UsersOver two millions users of a gaming company and a cryptocurrency specialist have become the latest “netizens” to have their personal data compromised by attackers.The haul includes 1.4 million accounts from users of cryptocurrency wallet service GateHub, which were posted to a popular hacking forum, according to the breach notification site HaveIBeenPwned?The firm had previously acknowledged a June breach, although a “final s

  • #Irisscon: Ireland Faced 43,000 Incidents So Far in 2019Opening the 11th Irisscon conference in Dublin, Brian Honan, CEO of BH Consulting and head of the Irish Reporting and Information Security Service (IRISS), said that it is the same issues that continue to be a problem for businesses.Focusing on statistics gathered by IRISS and from other Computer Emergency Readiness Teams (CERT) around the world which identify compromised systems in Ireland, Honan said that 43,000 incidents were detect

  • Microsoft Denies Bluekeep Ransomware RumorsMicrosoft has taken the unusual step of issuing a statement to deny what it claims to be misleading reports about a recent ransomware campaign.Stories emerged earlier this month that a number of organizations in Spain had been infected with the DoppelPaymer ransomware, with some rumors claiming links to Microsoft’s Teams platform and the infamous Bluekeep vulnerability.However, a statement penned yesterday by senior security program managers at th

  • French Hospital Crippled by RansomwarePatient care at a large hospital in northern France has suffered considerably after a major ransomware attack at the weekend, according to local reports.The University Hospital Center (CHU) of Rouen was hit by the malware last Friday and severely disrupted all weekend, with national investigators called in.A communications director from the hospital, which has over 1300 beds and 8000 staff, told AFP that the incident had forced staff back to using pen and pa

  • #InfosecNA: The Impact of AI, IoT and Emerging TechThe Infosecurity ISACA North America Expo and Conference got off to a suitably heady start today with its opening keynote, given by the noted cybersecurity expert and visionary Theresa Payton. Payton provided a lively analysis of the current state of security, practical advice for coping with threats and predictions for the year ahead.In between stories about exploring the Dark Web and tracking down cyber-criminals from her kitchen tab

  • #InfosecNA: How IoT Gadgets Can Spy on Your ChildrenAt Infosecurity ISACA North America Expo and Conference in New York this week Ken Munroe, CEO of Pen Test Partners, took visitors on what he referred to as a “scary, creepy tour” of IoT-related security issues. Munro explained that a child’s doll, marketed as ‘My Friend Cayla,’ is just one example of the growing number of IoT-enabled consumer and commercial products on the market, and the lack of proper security in their

  • Midwest Gets First Cybercrime-Fighting DogPolice in Nebraska have recruited a highly trained dog to assist them in the fight against cybercrime.Two-year-old black Labrador Quinn has joined the Bellevue Police Department as the Midwest’s first-ever electronic storage device K-9 officer.Unlike most sniffer dogs, who are taught to detect drugs, Officer Quinn has been specially trained to sniff out a particular chemical used in electronic devices like SIM cards, cell phones, and micro SD c

  • 100K People Targeted by Spoof IRS WebsitesOver 100,000 people were targeted by a large-scale summer threat campaign using fake IRS websites. The extensive phishing campaign was discovered by researchers at cloud security solutions provider Akamai.Akamai’s research team recorded threat actors using hundreds of different domains and URLs to impersonate the Internal Revenue Service of the United States over a two-month period beginning in mid-August 2019. Users were all directed to t

  • Vishing Attacks to Become Commonplace in 2020Cybersecurity experts predict that voicemail phishing attacks, otherwise known as vishing, could become a daily occurrence in 2020. Threat research conducted by Mimecast found that malicious voicemail messages were not just on the rise, but were “evolving and more nuanced than ever before.” In the “Quarterly Threat Intelligence Report: Risk and Resilience Insights” report released by Mimecast today, researchers warned that in 2020,

  • #InfosecNA: How to Know If You’ve Been CompromisedSpeaking at Infosecurity ISACA North America Expo and Conference in New York, Marc Keating, senior sales engineer at Arctic Wolf Networks, outlined steps organizations can take to gauge whether or not they have suffered a data compromise.Keating said that cyber-threats are evolving quickly: “What we are up against today in this world are people who go to work to break into your company,” he said. “They are being funded by

  • Labour’s leader draws fire because he doesn’t go along with the double standards ruling the UK’s relations with foreign powersLast week Jeremy Corbyn was branded a “terrorist sympathiser” by a heckler in Glasgow, who demanded to know where his “Islamic jihad scarf” could be found.The moment, gleefully covered by the rightwing press, lost some of its lustre when it emerged that the heckler, a Church of Scotland minister called Richard Cameron, allegedly h

  • Researchers Publish PoC for Docker Escape BugSecurity researchers are urging Docker customers to upgrade to the latest version after detailing a proof-of-concept (PoC) attack exploiting a critical vulnerability, which could lead to full container escape.The CVE-2019-14271 flaw was fixed in Docker version 19.03.1, but if left unpatched could give an attacker full root code execution on the host.“The vulnerability can be exploited, provided that a container has been compromised by a pre

  • US Man Charged with ISIS Coding PlotA Chicago man has been arrested and charged with attempting to provide technology to ISIS to support the terror group’s propaganda efforts.Thomas Osadzinski, 20, was arrested on Monday and charged with one count of attempting to provide material support and resources to a foreign terrorist organization.The complaint alleged that he designed a process that helps computer users more easily access and share ISIS propaganda on social media.Osadzinski was cau

  • Anti-Stalkerware Alliance Sets Sights On Malicious Spying AppsThe anti-virus industry has teamed up with victim support groups in a new anti-stalkerware alliance focused on shutting down the malicious surveillance apps.The Coalition Against Stalkerware features Kaspersky, Norton, Avira, G Data and Malwarebytes alongside the Electronic Frontier Foundation (EFF), the National Network to End Domestic Violence, Operation: Safe Escape and other domestic violence groups.Its focus will be on providing

  • Windy City to Welcome 2,000 New Jobs in Cybersecurity and Technology Cybersecurity and technology firms have revealed plans to create 2,000 new jobs in Chicago, Illinois, next year.The encouraging news was revealed yesterday when representatives of 15 different businesses joined the Chicago mayor, Lori Lightfoot, to celebrate the city’s third annual Tech Day. The event was held at the headquarters of software company Relativity. Chicago’s first African American–owned cybers

  • Only 12.5% of Top US Retailers Protect Customers from Email Fraud A study conducted by cloud-based email security company Red Sift has found that only 12.5% of America’s top 100 retailers have taken steps to prevent fraudulent emails from landing in their customers’ inboxes.The worrying finding emerged after Red Sift researchers looked into the DMARC status of companies featured in STORES Magazine’s Top 100 Retailers for 2019, along with their subsidiaries.&nb

  • PayMyTab Exposes Data of US Restaurant Goers A mobile payments provider exposed the data of thousands of US restaurant goers for 16 months by failing to follow security protocols. PayMyTab didn’t change the security settings to “private” on an Amazon Web Services (AWS) S3 bucket that the company has been using to store customer data since July 2, 2018.Data exposed included personally identifying information (PII) of customers who had paid for restaurant meals using the PayMyTab se



  • Source link