Sextortion Scams Using Redacted Phone Numbers to Demand Payment

Sextortion Scams Using Redacted Phone Numbers to Demand Payment

Sextortion scammers are now using potential targets’ redacted phone numbers in an attempt to trick them into submitting payment. Perhaps after having obtained a list that ties people’s phone numbers and email addresses together, scammers are sending out sextortion emails that use redacted phone numbers to lure in victims. Here’s ... Read More
Man Gets Jail Time for Helping to “Cash Out” Ransomware Payments

Man Gets Jail Time for Helping to “Cash Out” Ransomware Payments

A man received a prison sentence for his part in helping to “cash out” ransom payments made by victims of a specific ransomware family. On 13 August, the U.S. Department of Justice (DOJ) announced the sentencing of Raymond Odigie Uadiale, 41, of Maple Valley, Washington to 18 months in jail ... Read More
‘Hack the Marine Corps’ Bug Bounty Program Announced by DoD

‘Hack the Marine Corps’ Bug Bounty Program Announced by DoD

The U.S. Department of Defense (DoD) and HackerOne together announced the creation of a new bug bounty program called “Hack the Marine Corps.” On 12 August, DoD kicked off its new vulnerability disclosure initiative at DEF CON 26 in Las Vegas, Nevada with a live hacking session. For the launch ... Read More
Hacking the Fax – Ground Breaking New Research in Cyber

Researchers Showed It’s Possible to Take Over a Network With Malicious Faxes

Researchers demonstrated the feasibility of taking over a enterprise network and abusing that access to exfiltrate data using just a fax number. On 12 August, Yaniv Balmas and Eyal Itkin of Check Point’s malware research team presented their findings on fax security at DEF CON 26 in Las Vegas. They ... Read More
Ransomware Strikes Computer Servers of Golfers’ Association

Ransomware Strikes Computer Servers of Golfers’ Association

Digital attackers targeted the computer servers of a golfers’ association with ransomware and encrypted files stored on those assets. Staff at the Professional Golfers’ Association of America (PGA) discovered the attack on 7 August. When they attempted to access certain work files that morning, those documents generated a ransom note ... Read More
Many Developers Have Yet to Take Responsibility for Code Security, Reveals DevOps Study

Many Developers Have Yet to Take Responsibility for Code Security, Reveals DevOps Study

A DevOps survey revealed that many developers have yet to take responsibility for the security of the code they produce. According to Checkmarx’s report, “Managing Software Exposure: Time to Fully Embed Security into Your Application Lifecycle,” 93 percent of respondents said it’s either highly desirable or desirable that developers take ... Read More
Semiconductor Foundry Notifies Customers of Computer Virus Incident

Semiconductor Foundry Notifies Customers of Computer Virus Incident

A semiconductor foundry notified its customers of a computer virus incident that at least partly disrupted its shipping schedule. On 5 August, Taiwan Semiconductor Manufacturing Company, Limited (TSMC) published an update about a computer virus infection that occurred on the evening of 3 August. TSMC, which is the world’s largest ... Read More

How the CIS Controls Can Help You Achieve PCI DSS 3.2 Compliance

Compliance with version 3.2 of the Payment Card Industry Data Security Standard (PCI DSS) is a must for organizations that handle, process, transmit and store payment card data. But compliance isn’t always easy to establish or maintain. Indeed, there are certain challenges along the way that can make organizations’ compliance ... Read More
Three Suspected Members of Computer Crime Group in Custody for Malware Campaigns

Three Suspected Members of Computer Crime Group in Custody for Malware Campaigns

Law enforcement personnel have arrested three suspected members of an international computer crime group for their roles in perpetrating malware campaigns against U.S. companies. On 1 August, the Department of Justice (DOJ) announced in a press release that foreign authorities had arrested three alleged members of FIN7. The arrests began ... Read More
Reddit Says Some User Data Accessed in Security Incident

Reddit Says Some User Data Accessed in Security Incident

Reddit said that a digital attacker infiltrated some of its systems and accessed user data during a recent security incident. On 1 August, the social news aggregation website revealed that an attacker had compromised a few of its employees’ accounts with its cloud and source code hosting providers sometime between ... Read More
Loading...