Author: Admin

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Threat actors are actively exploiting the CVE-2018-13379 vulnerability in Fortinet VPNs to deploy a new piece of ransomware, tracked as Cring ransomware (also known as Crypt3r, Vjiszy1lo, Ghost, Phantom), to organizations in the industrial sector. The CVE-2018-13379 is a path traversal vulnerability in the FortiOS SSL VPN web portal that could be exploited by an unauthenticated attacker to download FortiOS system…

A substantial proportion of Brits choose passwords that are easy for cyber-criminals to predict, leaving them vulnerable to hacking. This is according to an independent survey carried out on behalf of the UK’s National Cyber Security Centre (NCSC). This found that when protecting their online accounts, people regularly use predictable passwords. These include pet names (15%), family members’ names (14%), a significant date (13%) and a favorite sports team (6%). Additionally, 6% of respondents admitted…

The security lessons organizations can take from insider attack trends were discussed by Neil Daswani, Co-Founder and Co-Director, Stanford Advanced Cybersecurity Program, during a RSAC 365 webcast. Daswani, author of the recently published book Big Breaches: Cybersecurity Lessons for Everyone, began by outlining trends there have been in regard to the volume of insider data breaches. From the period 2005-2009, the average number per year was under 25, but this figure subsequently surged during 2010-2014,…

Surging levels of fraud and financial crime during the pandemic threaten to overwhelm banking teams working from home with disjointed internal systems, according to new research from FICO. The predictive analytics company commissioned Omdia to poll 110 senior executives supporting financial crime-fighting efforts in banks across the US, UK, Brazil, Germany, the Nordics and Canada. In the UK, the vast majority (79%) of respondents cited remote working as having a “high” or “major” impact on the…

Thousands of cyber-criminals have had their personal data leaked online after a popular carding forum was hacked, according to Group-IB. The Singapore-based security firm said it discovered that data belonging to users of the Swarmshop site was leaked to another underground forum on March 17. “The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and buyers including their nicknames, hashed passwords, contact details, history of…

There was no let up for UK businesses in the first three months of 2021, with commercial organizations suffering an 11% year-on-year increase in cyber-attacks during the period, according to Beaming. The business ISP compiled the stats from analysis of traffic flowing to thousands of its corporate customers nationwide. It claimed UK firms were hit by over 172,000 attacks each on average during the first quarter, the equivalent of 1912 per day and one intrusion…