Download TechShotsApp

App Store

Google Play

Tag: information security (page 1 of 8)

2G mobile data encryption standard has a security flaw

Cybersecurity researchers have found a flaw in the encryption algorithm used for GPRS or 2G cell phones. This may have allowed hackers to gather information on data traffic for over 20 years. Experts suggest that the flaw in GEA-1 was created intentionally to allow a backdoor for law enforcement agencies. The GEA-1 algorithm was supposed to be removed from smartphones back in 2013 but researchers have found them in android and iOS devices, as well.

Click here to read the full story

Rishi Mehta is new CISO of Cyble

Cyber threat intelligence company, Cyble has hired Rishi Mehta as their new CISO. The company specialises in empowering global organisations with dark web, cybercrime monitoring and mitigation services. Mehta is a veteran with experience of over two decades. He formerly worked with Target for six years as Senior Director, Technology. He has also worked with Religare, CitiFinancial, and Genpact. At Cyble he is expected to manage infosec functions.

Click here to read the full story

VW vendor’s data breach affected 3.3 mn customers in North America

Volkswagen, in a statement, said a data breach at a vendor has affected 3.3 mn customers and potential buyers in North America. Almost all of them were customers or potential buyers of Audi. The vendor had left sales and marketing information from 2014-19 in an e-file unsecured. Limited personal information about customers and potential buyers was exposed to hackers. VW will offer free credit protection services to the 90,000 customers affected by the leak.

India and Australia to work on improving cybersecurity 

India and Australia have come to an agreement to improve the digital economy and cyber-enabled technologies. They feel the need to strengthen the security of 5G telecom networks and other critical information infrastructure. A five-year plan has been laid down by both countries on cyber-enabled critical tech cooperation. Both sides will share cybersecurity threat assessments along with information on legislation and national cyber strategies.

Meatpackers JBS pays $11mn as ransom to cyberattackers

JBS USA paid a sum of $11mn after its system was hacked and its operations in North America and Australia were affected. Last week, post cyberattack, cattle slaughtering at all of its plants in the US were stopped for a day, which threatened to increase the prices. Investigations are being carried out and till now no company, employee, or customer data has been leaked. Russian groups REvil and Sodinokibi have been identified as the attacker.

US recovers $2.3mn paid to Colonial pipeline ransomware attackers

The US justice department said it has recovered cryptocurrency worth $2.3 mn which was paid by the Colonial pipeline to the ransomware attackers. 63.7 bitcoins worth $2.3 mn have been seized were part of the $5 mn ransomware Colonial paid to the hackers to gain access to IT infrastructure. The White House has urged companies to improve cybersecurity. The cyberattack will also be discussed this month in the meeting between the presidents of the US and Russia.

Click here to read the full story

Chrome users soon to be warned by Google for risky downloads

Google is in the works to launch new safety features along with a new scanning tool for risky downloads. This will be done to safeguard users from phishing attempts. ‘Enhanced safe browsing’ launched in 2020, will provide additional protection. Google claims, ‘Enhanced safe browsing’ users are 35% less phished than other users. Last year after the Chrome web store was integrated with Google safe browsing, chrome disabled 81% of extensions to protect users.

 APT group hacks local govt office, FBI issues a warning

An APT group attacked a local govt office using Fortinet vulnerabilities. The FBI didn’t name the office but has issued a warning as Fortinet’s vulnerabilities being exploited by cybercriminals. APT actors created an account by the name of ‘elie’ to increase activity on networks. In April FBI had warned that the ports 4443, 8443, and 10443 for Fortinet FortiOS CVE-2018-13379, and enumerated devices for FortiOS CVE-2020- 12812 and FortiOS CVE-2019-5591, had been compromised.

Click here to read the full story

DDoS hacking attempts drop in Q1 2021, says Kaspersky

A Kaspersky DDoS Prevention report said that in the Q1 of 2021, the DDoS attack witnessed a drop of 29 % when compared to Q1 of 2020. However, a 47 % increase is seen in the Q4 of 2020. The growth is due to the abnormal spike in Jan which accounted for 43 % of the total number of attacks in the three months, the rest of the two months remained normal. The report painted the overall  DDoS situation as stable.

Click here to read the full story