Lifeboat Foundation

A notorious hacking group is finding new ways to put your credit cards at risk.

by

• Alfred Ng

We write often here about the security vulnerabilities of Android devices that are due, at least in part, to how much of a delay there can be in the latest software updates making the rounds. Which can leave some handsets dangerously vulnerable if the device manufacturer is slow on the uptake.

Which means we’re constantly writing posts like this one: Researchers from Nightwatch Cybersecurity this week put out an advisory about an Android vulnerability that purportedly exposes information about a user’s device to all applications running on the device. There’s a fix for it, but not if you’re running a too-old version of Android.

According to the advisory, the information includes “the Wi-Fi network name, BSSID, local IP addresses, DNS server information and the MAC address. Some of this information (MAC address) is no longer available via APIs on Android 6 and higher, and extra permissions are normally required to access the rest of this information. However, by listening to these broadcasts, any application on the device can capture this information thus bypassing any permission checks and existing mitigations.”

Business email compromise attacks have led to billions in fraud losses in recent years, according to a Barracuda report. Here’s how to avoid them.

The Cobalt Group is suspected of vast numbers of attacks which have caused over a billion in damages — and they’re not done yet.

Wealthy Singapore is hyper-connected and on a drive to digitise government records and essential services, including medical records which public hospitals and clinics can share via a centralised database.

But authorities have put the brakes on these plans while they investigate the cyberattack. A former judge will head a committee looking into the incident.

While the city state has some of the most advanced military weaponry in the region, the government says it fends off thousands of cyberattacks every day and has long warned of breaches by actors as varied as high-school students in their basements to nation states.

Continue reading “Singapore hit by ‘most serious’ cyberattack, resulting in theft of health data of 1.5 million people – including the prime minister” »

MADRID (Reuters) — The Bank of Spain’s website has been hit since Sunday by a cyber attack which has temporarily disrupted access to the site, a spokesman for the central bank said on Monday.

When it comes to the individual citizen, whose responsibility is it to guard against cybercrime? Research we’ve conducted suggests that governments have a crucial role to play. They need to support individual citizens, as well as businesses, in a more practical and proactive way, to manage this particular society risk.

For instance, they could provide individuals with free face-to-face assistance and cybersecurity support. They could give clear guidelines and provide government sanctioned security software for people to install, and make sure it’s easy to get hold of. New York has recently started providing this kind of support to its residents. Based on our research, we believe there’s scope for all governments, including those in Southern Africa, to do the same.

T-Mobile disclosed an “incident” in which hackers accessed “some” customers’ personal information—but no financial data or passwords.

Your phone number is increasingly tied to your online identity. You need to do everything possible to protect it.