ThyssenKrupp, a major supplier of steel to Germany's automotive sector, has announced today that some of its trade secrets were stolen in a cyber-attack earlier in the year. The attacks were carried out in February but not spotted until April. The company, one of the world's largest steel makers, said in a statement, “It has been a professional attack, apparently from the southeast Asian region.”
The Charity Commission, the independent regulator of charities in England and Wales, is issuing an alert to charities about two prevalent scams to be aware of:
Fraudsters are sending out phishing emails to personal and business email addresses with the subject headings: ‘Crime Prevention Advice' (distributing powerful malware through a malicious email attachment) and ‘Notice of Intended Prosecution' and ‘NIP – Notice Number' followed by a combination of letters and numbers. The primary function appears to be distributing Banking Trojan malware via a malicious link embedded within the email.
Hackers are installing mining malware on victims' machines in a bid to mine a new type of crypto-currency called Zcash, a relatively new crypto-currency, launched at the end of October. According to Kaspersky, the currency appeals to criminals as unlike Bitcoin, Zcash transactions can be shielded to hide the sender, the recipient and value of all transactions. Zcash billed itself as being the “HTTPS” version of Bitcoin. Alexander Gostev, chief security expert at Kaspersky, said that Zcash mining remains among the most profitable compared to other crypto-currencies.
As the smoke clears from the attack on Tesco Bank, Sarb Sembhi, director of Storm Guidance told delegates, "There's a lot that's known about and at the same there's a lot that's not known about it and a lot that's not clear."
According to some reports, based on dark web conversations, online criminal activity targeting the bank had been known about since September and the organisation may have been exploited by a weakness in banking applications. What we do know is that Tesco Bank was attacked on the weekend of 5 November and that 9000 accounts were breached resulting in the loss of £2.5 million. Most of that was refunded to customers and things appeared largely back to normal by Tuesday.
Skills shortage and business reliance on technology is putting pressure on IT teams and causing some to cut corners with workplace security. Almost a third (29 percent) of IT professionals will be too busy to take time off during the holiday season this year and of those that can - half (50 percent) will spend their time off worrying about work according to new research conducted by Unified Security Management and crowdsourced threat intelligence company, AlienVault.