One of the things we advise people to do on our Phishing and Social Engineering training, is to be very aware of the look and feel of any login pages and web sites they are directed to, as bad actors may not get it completely right – so if they …
Bluetooth security flawed but fixed
The Ellume – COVID-19 Home Test (ellumehealth.com) was tested and found to not be very secure. Worse compromised data was passed onto an agency vetting people entering into the USA depending on their COVID-19 status. Of course a Bluetooth-using home COVID test was cracked to fake results • The Register
Police National Computer not compromised
The Home Office is insisting that the Police National Computer was not compromised, via an attack on Dacoll (an MSP). Police National Computer not pwned by Clop ransomware crims • The Register
More on the sharing of compromised passwords with “‘;–have i been pwned?”
I wrote about this yesterday: UK National Crime Agency shares compromised passwords – Smart Thinking Solutions Here are two more stories about The National Crime Agency’s (NCA) donation of passwords in the wild. UK donates 225 million stolen passwords to hack-checking site – BBC News UK National Crime Agency finds …
Continue reading “More on the sharing of compromised passwords with “‘;–have i been pwned?””
US federal government agency compromised with a sophisticated attack
The United States Commission on International Religious Freedom (USCIRF) is understood to have been suffering a advanced persistent threat (APT) compromising the internal networks. US federal agency compromised in suspected APT attack – The Record by Recorded Future This agency has a role in shaping US government policy when it …
Continue reading “US federal government agency compromised with a sophisticated attack”
