Latest News

12 months ago
BBC News

TalkTalk Hackers Jailed for a Combined 20 Months for Massive 2015 Data Breach

UK hackers Matthew Hanley and Connor Allsopp admitted their roles in the massive 2015 data breach of telco TalkTalk, which affected 1.6 million accounts, and have now been jailed for a combined 20 months, with Hanley slated to serve for 12 months and Allsopp for eight months. In addition to exposing personal details on millions of customers, the TalkTalk hack cost the company  £77 million, or nearly $100 million, and the two hackers subjected then-CEO Dido Harding to blackmail efforts.

12 months ago
Natasha Lomas / TechCrunch

Vision Direct Reveals Credit Card Data-Skimming Breach, Fake Google Analytics Script Running on Site

European online contact lens supplier Vision Direct said it had been hit with a data breach that compromised full credit card information and other personal data. The breach occurred between 12.11am GMT November 3, 2018, and 12.52pm GMT November 8, with any logged in users who were ordering or updating their information on in that time window potentially being affected. The personal data stolen during this window includes full name, billing address, email address, password, and telephone number. The data appears to have been compromised via a Javascript keylogger running on the Vision Direct website and according to security researcher Troy Mursch was due to a fake Google Analytics script had been running on Vision Direct’s UK website. Security researcher Willem de Groot said the malware used in this attack was the Magecart card-skimming malware used in a string of recent major attacks on British Airways and other sites.

12 months ago
Press Association / The Guardian

UK Parliament Blasts Government for ‘Absence of Political Leadership’ on Cyberthreats, Calls for Appointment of Cabinet-Level Cybersecurity Minister

UK ministers are failing to act with “a meaningful sense of purpose or urgency” when it comes to cyberthreats to the UK critical national infrastructure according to a report issued by parliament’s Joint Committee on the National Security Strategy. The report calls for Prime minister Theresa May to appoint a cybersecurity minister in the cabinet to take charge of the efforts to build national cybersecurity resilience. The report states that the cyberthreat to the UK’s critical national infrastructure “is as credible, potentially devastating and immediate as any other threat faced by the UK” and blasts the government for the “absence of political leadership at the centre of Government in responding to this top-tier national security threat.”

12 months ago
Mike Allen, Ina Fried / Axios

Apple CEO Says It’s ‘Inevitable’ There Will Be ‘Some Level of Regulation’ When It Comes to Internet Privacy

Apple CEO Tim Cook said in an interview with Axios on  HBO that some regulation of the data-oriented Internet industries is inevitable. “I’m a big believer in the free market. But we have to admit when the free market is not working. And it hasn’t worked here. I think it’s inevitable that there will be some level of regulation,” Cook said.


12 months ago
The Cyberlaw Podcast

If Paris Calls, Should We Hang Up?

Matthew Heiman, Megan Reiss, Maury Shenk, and Stewart Baker discuss the week’s news including a letter Russia sent in the DNC’s hacking case against Putin’s intelligence agents, apparent criminal charges against Julian Assange, the Paris Call for Trust and Security in Cyberspace and more. Mieke Eoyang joins the podcast, the interview about Third Way’s “To Catch a Hacker” report.

12 months ago
CYBER / Motherboard

America’s Voting Machines Are Vulnerable to Election Hacking

When you say “election hacking” it means something different than the Kremlin’s disinformation campaigns. On this episode of CYBER, Motherboard contributor Kim Zetter, who just wrote a piece for New York Times Magazine called “The Crisis of Election Security,” talks about election hacking. Kim says the real vulnerability in our system is something of our own making: the outdated voting machines we use to carry out our key civic duties.

12 months ago
ISC StormCast

PCAP Analysis Tool; Lookyloo; Spoofing From in GMAIL

Johannes Ullrich talks about Multipurpose PCAP Analysis Tool, Quickly Investigating Websites with Lookyloo, From Field Spoofing in GMail.

12 months ago
The Shared Security Podcast

USPS Informed Delivery Vulnerabilities, Holiday Credit Card Fraud, Huge SMS Database Leak – WB43

News wrap-up includes recent warning from the US Secret Service which was sent to law enforcement across the country earlier this month about the US Postal Service’s “Informed Delivery” feature, a report from Gemini Advisory showed that credit card fraud is still increasing in the US despite the use of new EMV chip-enabled cards and a report from ACI Worldwide shows that there will be a 14% increase in fraud attempts this holiday season.

12 months ago
Paul’s Security Weekly #583

Spectre, ATMs, and Japan’s Minister

7 new Spectre/Meltdown attacks, Hacking ATM’s for free cash is easier than Windows XP, AI can now fake fingerprints fooling ID scanners, and Japan’s cybersecurity minister admits he’s never used a computer.

Cybersecurity Events

Nov. 4-9SANS Paris November 2019ParisFrance
Nov. 7-9POC2019SeoulKorea
Nov. 9BSides CharlestonCharleston, SCUSA
Nov. 11-16SANS London November 2019LondonUK
Nov. 15-17SecureWV 2019 Hack3rCon XCharleston, WVUSA
Nov. 16-28SANS Gulf Region 2019DubaiUAE
Nov. 17-20FS-ISAC Fall SummitWashington, DCUSA
Nov. 18SANS AustinAustin, TXUSA
Nov. 18Securing Mobility SummitLos Angeles, CAUSA
Nov. 18-25Pen Test HackFest Summit & TrainingBethesda, MDUSA
Nov. 18-20NICE ConferencePhoenix, AZUSA
Nov. 18-23SANS Munich November 2019MunichGermany
Nov. 20-21Infosecurity North America and ISACANew York, NYUSA
Nov. 20-21ISC EastNew York, NYUSA
Nov. 21CyberwarconArlington, VAUSA

Listen to Metacurity on Alexa

Metacurity now has over 500 monthly listeners, and thousands of plays for our ongoing summaries on Amazon Alexa.

Sign up on Alexa today and just ask “Alexa, what’s the latest in cybersecurity news!

Support Us!

If you enjoy Metacurity, let us know by becoming a patron. For less than the price of a cup of coffee per day, you can ensure that we continue to deliver you the best of information security news from across the web. We need help in support our growing hosting charges and have great plans for delivering even more dynamic and useful information.Become a Patron!