Posts

Israeli firm allegedly behind unique hacking tool for Apple iPhones, Latest World News

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


NEW YORK: A cyber surveillance company based in Israel developed a tool to break into Apple iPhones with a never-before-seen technique that has been in use since at least February, Internet security watchdog group Citizen Lab alleged on Monday.

The discovery is important because of the critical nature of the vulnerability, which requires no user interaction and affects all versions of Apple’s iOS, OSX, and watchOS, except for those updated on Monday.

The tool allegedly developed by the NSO Group defeats security systems designed by Apple in recent years. Apple said it fixed the vulnerability in Monday’s software update.

“After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users,” said Mr Ivan Krstic, head of Apple Security Engineering and Architecture.

“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers…” he added.

NSO did not confirm or deny that it was behind the technique, saying only that it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime”. – REUTERS

Source…

Apple fixes latest iPhone security flaw exploited by cyber arms dealer

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360



Apple released a critical software patch to fix a security vulnerability that researchers said could allow hackers to directly infect iPhones and other Apple devices without any user action.

Source…

HMRC WARNS STUDENTS OF LATEST MONEY-STEALING SCAMS – Island Echo

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


University students taking part-time jobs are at increased risk of falling victim to scams, HM Revenue and Customs (HMRC) is warning.

Higher numbers of students going to university this year means more young people may choose to take on part-time work. Being new to interacting with HMRC and unfamiliar with genuine contact from the department could make them vulnerable to scams.

In the past year, almost 1 million people reported scams to HMRC. Nearly half of all tax scams offer fake tax refunds, which HMRC does not offer by SMS or email. The criminals involved are usually trying to steal money or personal information to sell on to others. HMRC is a familiar brand, which scammers abuse to add credibility to their scams.

Article continues below this advertisement

Links or files in emails or texts can also download dangerous software onto a computer or phone. This can then gather personal data or lock the recipient’s machine until they pay a ransom.

Between April and May this year, 18 to 24-year olds reported more than 5,000 phone scams to HMRC.

Mike Fell, Head of Cyber Security Operations at HMRC, said:

“Most students won’t have paid tax before, and so could easily be duped by scam texts, emails or calls either offering a ‘refund’ or demanding unpaid tax.

Article continues below this advertisement

“Students, who will have had little or no interaction with the tax system might be tricked into clicking on links in such emails or texts.

“Our advice is to be wary if you are contacted out of the blue by someone asking for money or personal information. We see high numbers of fraudsters contacting people claiming to be from HMRC. If in doubt, our advice is – do not reply directly to anything suspicious, but contact HMRC through GOV.UK straight away and search GOV.UK for ‘HMRC scams’.”

In the last year (September 2020 – August 2021) HMRC has:

  • responded to 998,485 referrals of suspicious contact from the public. Nearly 440,730 of these offered bogus tax rebates
  • worked with the telecoms industry and Ofcom to remove 2,020 phone numbers being used to commit HMRC-related phone scams
  • responded to 413,527 reports of phone scams in total, an increase of 92% on the…

Source…

FirstEnergy hack is cyber-thieves’ latest effort to swipe personal info

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


CLEVELAND, Ohio – Recycling paper, bottles and cans is good. Recycling computer passwords is not.



a car parked in front of a building: First Energy, Ohio Edison, West Market St., in Akron, Ohio (Chuck Crow/The Plain Dealer). ORG XMIT: CLE1804031708204034


© Chuck Crow/The Plain Dealer
First Energy, Ohio Edison, West Market St., in Akron, Ohio (Chuck Crow/The Plain Dealer). ORG XMIT: CLE1804031708204034

The fact that so many people use identical usernames and passwords for multiple websites has led to an explosion of hacking incidents over the past decade, in which criminals take username and password combinations collected from one website and test them other websites to see if they unlock anything the hackers can use for financial gain.

Akron-based FirstEnergy is the latest company to report suspicious activity involving “numerous attempts to log into customer accounts” using credentials obtained from a source outside of the company. The company announced Sunday that it disabled six million customers’ online accounts and told them to reset their passwords. Other big companies that have reported mass hackings in recent years include Capital One bank, Target, LinkedIn, and Myspace.



a car parked in front of a building: First Energy, Ohio Edison, West Market St., in Akron, Ohio on April 3, 2018.  (Chuck Crow/The Plain Dealer). ORG XMIT: CLE1804031708204034


© Chuck Crow/The Plain Dealer
First Energy, Ohio Edison, West Market St., in Akron, Ohio on April 3, 2018. (Chuck Crow/The Plain Dealer). ORG XMIT: CLE1804031708204034

Brian E. Ray, who heads the Center for Cybersecurity and Privacy Protection at Cleveland Marshall College of Law says large hacks of customer data from the internet have escalated in the past four or five years, with ransomware as the latest wrinkle in the evolving cat-and-mouse game of fighting cybercrime.

Loading...

Load Error

“The good guys are constantly trying to keep up with the methods and the bad guys are constantly innovating and shifting their techniques,” says Ray. “The more connected we are, the more we put online, the bigger the surface area becomes and the harder it is to protect it all.”

FirstEnergy says the vast majority of the attempts to log into customer accounts were unsuccessful. Company spokesperson Jennifer Young says that easily abused customer information like complete bank account or credit card numbers aren’t available through the company’s online account access.

“There was and is no threat or impact to electric service…

Source…