Search Results for “BBC News”


May 19, 2020
Jasper Jolly / The Guardian

Jasper Jolly / The Guardian  
EasyJet Says Personal Data on Nine Million Customers Were Accessed in ‘Highly Sophisticated’ Cyberattack, Over Two Thousand Customers’ Credit Card Details Stolen

European budget airlines EasyJet has revealed that the personal information of 9 million customers was accessed in a “highly sophisticated” cyberattack on the airline. The company said that email addresses and travel details were accessed, and it would contact the customers affected. Of the 9 million people affected, 2,208 had credit card details stolen, but no passport details were uncovered. Those customers whose credit card details were taken have been contacted, while everyone else affected will be contacted by 26 May. EasyJet offered no details of the hack but said it had “closed off this unauthorized access” and reported the incident to the National Cyber Security Centre and the Information Commissioner’s Office (ICO), the data regulator.

Related: BBC News, TechCrunch, Associated Press Technology, Financial Times Technology, Bloomberg, CNBC Technology, Information Age, Evening Standard, Graham Cluley, Channel News Asia, France 24, IT Pro, PerthNow, Thomas Brewster – Forbes, RT News, MediaNama: Digital Media in India, POLITICO EU, Computer Business Review, The Sun, BetaNews, Voice of America, The State of Security, The Loadstar, RTE, Sky News, Independent

Tweets:@lukOlejnik @dcuthbert @joetidy @racheltobac @zsk @jc_stubbs

BBC News : EasyJet admits nine million customers hacked
TechCrunch: Europe to Facebook: Pay taxes and respect our values — or we’ll regulate
Associated Press Technology: EasyJet reveals ‘sophisticated’ hack of customer details
Financial Times Technology: EasyJet says hackers accessed travel details of 9m customers
Bloomberg: EasyJet Says Hackers Accessed Data of 9 Million Customers
CNBC Technology: EasyJet hack leaves 9 million customers’ details exposed
Information Age: EasyJet data breached, over 9 million customers affected
Evening Standard: Millions of easyJet customers at risk after hackers access personal details
Graham Cluley: EasyJet hack impacts nine million passengers
Channel News Asia: EasyJet hit by cyber attack, hackers access 9 million customers’ details
France 24: Hackers access details of millions of easyJet passengers in cyber attack
IT Pro: Easyjet hack exposes details of nine million customers | IT PRO
PerthNow: Cyber attackers target easyJet
Thomas Brewster – Forbes: EasyJet Hacked: 9 Million Customers And 2,000 Credit Cards Hit
RT News: Hackers steal personal data of 9 million EasyJet costumers in ‘highly sophisticated’ cyber attack
MediaNama: Digital Media in India: Hackers accessed details of 9 million EasyJet customers, credit card details of 2K+ people
POLITICO EU: Easyjet cyberattack hits 9 million customers
Computer Business Review: EasyJet Hacked: 9 Million Customers Affected
The Sun: EasyJet hit by cyber attack with 9million customers details stolen
BetaNews: easyJet hit by ‘highly sophisticated’ cyberattack: 9 million customers’ details exposed
Voice of America: EasyJet Hit by Cyber Attack, Hackers Access 9 mln Customers’ Details 
The State of Security: Around 9 Million easyJet Customers’ Details Stolen in Hacking Incident
The Loadstar: SN: EasyJet: Nine million customers’ details ‘accessed’ by hackers
RTE: EasyJet hit by ‘highly sophisticated’ cyber attack
Sky News: EasyJet: Nine million customers’ details ‘accessed’ by hackers
Independent: EasyJet hacked: 9M customers’ details stolen

@lukOlejnik: Hacked EasyJet. Stolen data of 9M customers, for >2000 of them this includes credit card numbers. Users to be contacted gradually. Certainly not a good time to be an airline :)
@dcuthbert: My personal details are 99% included in this. So, let's play a game shall we? #easyjet
@joetidy: EasyJet’s stock exchange notice about the cyber attack here. Looks like they’ve taken all the correct steps (notifying ICO/ NCSC) etc but if the hack happened in Jan - why are we only learning of it now? http://otp.investis.com/clients/uk/easyjet1/rns/regulatory-story.aspx?cid=2&newsid=1391756
@racheltobac: Prepare to receive phishing emails, texts or calls pretexting as your bank looking to investigate fraud on your account, airlines attempting to cancel, rebook, or alert you to changes on your account, and much more. Contact back using 2nd form of comms ImpRobot face
@zsk: And now my inbox overfloweth with "comments" from PR people's cybersecurity clients, all of whom are scrambling trying to connect the EasyJet data breach with the Covid19 pandemic.
@jc_stubbs: Scoop >> The cyberattack disclosed by #easyJet earlier today is thought to be the work of a suspected Chinese hacking group that has targeted multiple airlines in recent months, two sources tell @Reuters


April 25, 2020
Russell Brandom / The Verge

Russell Brandom / The Verge  
Apple and Google Reveal Enhanced Privacy Practices for Coronavirus Contact Tracing App, Say It Will Be Disbanded Once Virus is Contained

Apple and Google released a set of FAQs regarding their ambitious joint coronavirus contact tracing app and outlined some of their privacy practices and pledged for the first time to disband their effort after the virus becomes contained. Under a new encryption specification, daily tracing keys will now be randomly generated rather than mathematically derived from a user’s private key and will be called temporary tracing keys. More importantly, the daily tracing key is shared with the central database if a user decides to report their positive diagnosis. The companies also developed a new system for encrypting Bluetooth transmissions such that they cannot be decoded in transit. Finally, the companies will no longer call their effort contact-tracing system but instead refer to it as an “exposure notification” system.

Related: CNET News, Engadget, AppleInsider, UPI.com, CERT-EU , CNBC Technology, Bloomberg Technology, SlashGear, TechCrunch, Android Authority, Reuters, Axios, FOX News, VentureBeat, Tech Insider, iMore, HealthITSecurity, HotHardware.com, Trusted Reviews, MobileSyrup.com, ExtremeTech, Bloomberg Technology, BBC News, PhoneArena, Security News | Tech Times, iPhone Hacks, MacRumors, Slashdot, Vox, TechTarget, The New Stack, Cult of Mac,  Apple-Google (PDF)

Tweets:@markgurman @stshank

CNET News: Apple and Google’s coronavirus tracking tool: How privacy fits in – CNET
Engadget: Google and Apple detail privacy measures ahead of coronavirus tracking tests
AppleInsider: Apple and Google evolve Exposure Notification to boost privacy, enhance encryption
UPI.com: Joint Apple-Google coronavirus tracker gets improved technology
CNBC Technology: Apple and Google are tweaking plans for tech to help officials track coronavirus exposure
Bloomberg Technology: Apple, Google Boost Privacy Protections for Contact-Tracing Tool – Bloomberg
SlashGear: Apple and Google change coronavirus contact tracing after privacy pushback
TechCrunch: Apple and Google update joint coronavirus tracing tech to improve user privacy and developer flexibility
Android Authority: Google and Apple announce new contact tracing name and security measures
Reuters: Apple, Google update coronavirus contact tracing tech ahead of launch
Axios: Apple, Google tweak contact tracing specs as launch nears
FOX News: Apple and Google will shut down coronavirus tracing app when pandemic ends, companies say
VentureBeat: Apple and Google build more privacy and flexibility into Bluetooth contact tracing tech
Tech Insider: Google and Apple are adding some key privacy boosts to their upcoming coronavirus-tracking tool, and say they’ll shut it down once the pandemic is over (APPL, GOOG, GOOGL)
iMore: Apple and Google will disable COVID-19 tracing when pandemic ends
HealthITSecurity: ACLU, Scientists Urge Privacy Focus for COVID-19 Tracing Technology
HotHardware.com: Apple And Google Clarify COVID-19 Contact Tracing Pact Following Privacy Uproar
Trusted Reviews: Can privacy survive coronavirus? Apple and Google detail contract tracing plans
MobileSyrup.com: Apple, Google update exposure notification APIs with new protections and capabilities
ExtremeTech: Apple, Google Announce Privacy Changes to Coronavirus Tracing
Bloomberg Technology: Apple, Google Boost Privacy Protections for Contact-Tracing Tool – Bloomberg
BBC News: Apple and Google accelerate coronavirus contact tracing apps plan
PhoneArena: Apple and Google make changes to their contact tracing solution to address privacy concerns
Security News | Tech Times: Apple, Google to Terminate COVID-19 Tracking Tools When Pandemic Ends, But Here’s The Catch
iPhone Hacks: Apple, Google Introduce Privacy and Accuracy Related Changes to Upcoming COVID-19 Exposure Notification App
MacRumors: Apple and Google Strengthen Privacy of COVID-19 Exposure Notification System, Targeting Next Week for Beta Release
Slashdot: Apple and Google Pledge To Shut Down Coronavirus Tracker When Pandemic Ends
Vox: Could contact tracing bring the US out of lockdown?
TechTarget: NHSX reveals full details of UK Covid-19 contact-tracing strategy
The New Stack: Safe Paths: MIT Coronavirus Contact-Tracing App Protects User Privacy
Cult of Mac: Apple and Google enhance protection for contact-tracing tool; target beta for next week
Vox: Apple and Google’s new contact tracing tool is almost ready. Just don’t call it a contact tracing tool.
Apple-Google: Exposure Notification Frequently Asked Questions (PDF)

@markgurman: Apple and Google are upping the privacy protections of its Covid-19 Contact Tracing tool (now called Exposure Notification) — adding more randomly generated keys, Bluetooth metadata encryption, exposure recording limit of 30 minutes. It’s also launching in beta next week.
@stshank: Apple and Google have updated their coronavirus contact tracing technology to try to address privacy concerns (and to make it easier for health authorities to write apps): https://cnet.com/news/google-apple-adjust-coronavirus-tracking-app-to-get-ahead-of-privacy-concerns/ from @iansherr


April 13, 2020
Rowena Mason / The Guardian

Rowena Mason / The Guardian   
UK Health Ministry Will Soon Launch Its Own Coronavirus Contact Tracing App as Concerns Swirl Over Privacy and Security of Such Apps

As security and privacy concerns swirl around the introduction of coronavirus contact tracing apps, the UK public will soon be able to find out if they may have been in the vicinity of people unwell with coronavirus via a new contact-tracing app. The NHS app, developed by NHSX, the health service’s digital transformation arm, would allow people to report their symptoms. Then the app would anonymously alert other app users that had been in contact with that person in recent days. About 60% of the population would have to sign up for the app for it to be effective.  Despite fears over the privacy of the app’s data, UK health minister Matt Hancock said the data will be handled according to the highest ethical and security standards, and would only be used for NHS care and research.

Related: IT World, Techradar, The Loop, eTeknix, CNBC, Cyware News, Telecomlive.com, Inverse, Android Authority, CNET, 9to5Mac, DIGITIMES: IT news from Asia, MacRumors, Android Central, TechNadu, Fortune, MacDailyNews, Schneier on Security, Computerworld Security, O’Grady’s PowerPage, MacRumors, Cult of Mac, Forbes, Politico, BBC News

Tweets:@fs0c131y @jatorre @schneierblog @EHRC

IT World : Cyber Security Today – COVID-19 hiring and sob story scams, Apple and Google partner on contact tracing, cops make arrests and more
Techradar: The UK government is working on a Covid-19 tracking app with Apple and Google
The Loop: UK nods to Apple/Google coronavirus API with contact tracing app plans
eTeknix: UK Confirms Plans For Coronavirus Tracing App
CNBC: Apps collecting data to help stop the virus spread must limit sharing of information, cybersecurity expert says
Telecomlive.com: Apple, Google join hands to help fight coronavirus
Inverse: Covid-19: how Apple and Google’s system could help end lockdowns
Android Authority: Google-Apple partnership may be tech-limited, and more tech news today
CNET: Tech isn’t solution to COVID-19, says Singapore director of contact tracing app
9to5Mac: Here’s how Apple and Google’s COVID-19 contact tracing API could be implemented to help reopen society
DIGITIMES: IT news from Asia: Apple and Google partner on coronavirus contact tracing technology
MacRumors: UK to Use Apple-Google API in NHS Contact Tracing App
Android Central : The UK’s NHS will add Apple and Google’s coronavirus tracing API to its app
iMore: The UK’s NHS will add Apple and Google’s coronavirus tracing API to its app
TechNadu: UK Will Be the First to Use the Google and Apple Coronavirus Tracing App
Fortune: The problem with Google and Apple’s plan to trace coronavirus via your phone
MacDailyNews: What’s wrong with the Apple-Google COVID-19 contact tracing scheme
Schneier on Security: Contact Tracing COVID-19 Infections via Smartphone Apps
Computerworld Security: Everything we know about the Google/Apple COVID-19 contact tracing tech
O’Grady’s PowerPage: Apple to partner with Google on Coronavirus contact tracing project
MacRumors: UK to Use Apple-Google API in NHS Contact Tracing App
Cult of Mac: UK’s National Health Service to use Apple-Google API in contact tracing app
Forbes: COVID-19: U.K. Government Unveils NHS Contact-Tracing Phone App As Next Step In Fighting Disease
Politico: The security issues with the Apple/Google virus tracking project
BBC News: Coronavirus: UK confirms plan for its own contact tracing app

@fs0c131y: 14/ The Apple / Google API has an other disadvantage. If a government want to publish a functional contact tracing app he is force to use this API. As a politician, when you spend your time talking about the digital sovereignty, about how bad are the GAFA, it's an issue.
@jatorre: I am getting scared of all these cryptographers now saving the world with contact tracing without privacy issues... This is going to delay solutions a lot by adding noise to decision makers. This blog post summarizes it great https://lightbluetouchpaper.org/2020/04/12/contact-tracing-in-the-real-world/
@schneierblog: Contact Tracing COVID-19 Infections via Smartphone Apps
@EHRC: “We support the use of technology to save lives during the pandemic. At the same time it must have the appropriate safeguards in place to protect people’s privacy and data.” We are ready to advise the NHS on its new Covid-19 contact tracing app. More: http://socsi.in/VrLA2


April 27, 2020
Tom Spring / Threatpost

Tom Spring / Threatpost  
Microsoft Fixed a Teams Vulnerability That Allowed a Weaponized Image to Steal Data From Targeted Systems

Microsoft has fixed a subdomain takeover vulnerability in its collaboration platform Microsoft Teams that could have allowed an inside attacker to weaponized a single GIF image and use it to steal data from targeted systems and take over all of an organization’s Teams accounts. The vulnerability was exploitable by a malicious GIF image for it to work, researchers at CyberArk reported. The CyberArk team also created a proof-of-concept (PoC) of the attack. Microsoft addressed the threat on March 23, updating misconfigured DNS records.

Related: BetaNews, Thomas Brewster – Forbes, Security Affairs, The Hacker News, The Register – SecurityTechradar, TechNadu, ZDNet Security, SecurityWeek, BBC News, ARN, Bleeping Computer, Cyberark


April 17, 2020
Paul Kunert / The Register

Paul Kunert / The Register  
Google Says It Blocks 18 Million Daily Malware and Phishing Emails Related to COVID-19

Google said that over the past week, it had blocked 18 million daily malware and phishing emails related to COVID-19 on top of more than 240 million COVID-related daily spam messages. The phishing attacks and spam the email giant has thwarted use both fear and financial incentives to create urgency to try to prompt users to respond. Among the kinds of email seen by Google are those that pose as authoritative government organizations like the World Health Organization (WHO) to solicit fraudulent donations or distribute malware, or emails that seek to exploit stay-at-home worries or those pretending to be related to economic stimulus funding requests.

Related: BBC News – Home, ZDNet, Infosecurity Magazine, Tech Insider, BusinessLine – Home, Security News | Tech Times, Bleeping Computer, The Next Web, Google Cloud

Tweets:@j_opdenakker


June 9, 2020
Ionut Ilascu / Bleeping Computer

Ionut Ilascu / Bleeping Computer  
Honda Under Likely SNAKE (EKANS) Ransomware Attack in Europe and Japan

Car manufacturing giant Honda’s computer networks in Europe and Japan have been affected by issues that are reportedly related to a SNAKE Ransomware cyber-attack. Although the company is tight-lipped about the attack, a security researcher named Milkream has found a sample of the SNAKE (EKANS) ransomware submitted to VirusTotal today that checks for the internal Honda network name of “mds.honda.com.”

Related: The Detroit Bureau, BizJournals, Reddit – cybersecurity, Sky News, Gizmodo Australia, TechNadu, ITProPortal, CyberSecurity Help s.r.o., Infosecurity Magazine, BBC News – Home, Cybersecurity Insiders, AndroidRookies, Reuters, Security – Computing, DataBreaches.net, MSSP Alert, Cyberscoop, ZDNet Security, Associated Press Technology, The Hill, Dark Reading: Vulnerabilities / Threats, The Register, TechTarget, City A.M. – Technology, ComputerWeekly: IT security, TechNadu, CISO MAG, AndroidRookies,Techerati, TechTarget, Sensors Tech Forum, Verdict, TechCrunch, Slashdot, CNET, Neowin, Engadget, Financial Times

The Detroit Bureau: Honda Halts Some Production, Struggles to Deal with Reported Ransomware Attack – Paul Eisenstein
BizJournals : Reports: Honda operations disrupted after suspected cyber attack – Dayton Business Journal
Reddit – cybersecurity: Japanese car giant Honda probes suspected cyber attack
Sky News: Japanese car giant Honda probes suspected cyber attack
Gizmodo Australia: Honda Seems To Be The Victim Of A Ransomware Attack
TechNadu: Honda Has Fallen Victim to a Ransomware Attack and Disrupted Production
ITProPortal: Honda targeted in possible ransomware attack
CyberSecurity Help s.r.o.: Japanese carmaker Honda investigates suspected cyber attack
Infosecurity Magazine: Honda Tackling Suspected Ransomware Infection
BBC News – Home: Honda’s global operations hit by cyber-attack
Cybersecurity Insiders: Suspected Ekans Ransomware attack on Honda
AndroidRookies: Honda’s entire business operation down after being hit Ekans ransomware attack
Reuters: Honda hit by cyber attack, some production disrupted
Security – Computing: Honda suffers suspected ransomware attack
DataBreaches.net: Honda probes suspected cyberattack after factories hit by network glitch
MSSP Alert: Ransomware Attacks Honda Motor; Some Manufacturing Halted
Cyberscoop: Computer network ‘disruption’ forces Honda to cancel some production
ZDNet Security: Honda confirms its network has been hit by cyber attack
Associated Press Technology: Japanese carmaker Honda hit by cyber attack
The Hill: Honda operations temporarily disrupted by cyberattack: reports
SC Magazine: Twice entangled: Fake ransomware decryptor encrypts victims’ files again; Honda victim of ransomware – SC Magazine UK
MSSP Alert: Ransomware Attacks Honda Motor; Some Manufacturing Halted
Dark Reading: Vulnerabilities / Threats: Honda Pauses Production Due to Cyberattack
The Register: Hospital-busting hacker crew may be behind ransomware attack that made Honda halt car factories, say researchers
TechTarget: Cyber security needs more women role models, says report
City A.M. – Technology: Honda forced to suspend factory activity in wake of cyber attack
ComputerWeekly: IT security: Honda investigates suspected Snake ransomware attack
TechNadu: Honda Has Fallen Victim to a Ransomware Attack and Disrupted Production
CISO MAG: Is There a “SNAKE” Under Honda’s Hood?
AndroidRookies: Honda’s entire business operation down after being hit Ekans ransomware attack
Techerati: Honda rocked by cyber attack
TechTarget: Cyber security needs more women role models, says report
Sensors Tech Forum: Snake Ransomware Shut Down Honda Facilities
Verdict: Cyberattack halts Honda production, ransomware suspected
TechCrunch: Honda global operations halted by ransomware attack
Slashdot: Honda Global Operations Halted by Ransomware Attack
CNET: Honda hit with cyberattack, US production paused at some plants
Neowin: Cyber attack forces Honda to stop production at some plants
Engadget: Cyberattack forces Honda to suspend global production for a day
Financial Times: : Carmaker Honda targeted in cyber attack


June 28, 2020
Kartikay Mehrotra / Bloomberg

Kartikay Mehrotra / Bloomberg  
University of California, San Francisco Paid Netwalker Ransomware Attackers $1.14 Million

The University of California, San Francisco (UCSF), paid ransomware hackers $1.14 million this month to resolve an attack inside the school of medicine that was detected on June 1. The attackers were using malware known as Netwalker. Although the university is among one of the leading institutions researching coronavirus-related antibody testing, the attack didn’t impede its COVID-19 work.

April 27, 2020
Douglas Busvine, Andreas Rinke / Reuters

Douglas Busvine, Andreas Rinke / Reuters  
Germany Flips From Homegrown Approach to Apple-Google Decentralized Option for Coronavirus Contact Tracing

Germany changed course on Sunday over which type of smartphone technology it wanted to use to trace coronavirus infections, backing a “decentralized approach” to coronavirus contact tracing supported by Apple and Google as opposed to a homegrown approach that would have given health authorities control over the contact tracing. Under the decentralized approach, users could opt to share their phone number or details of their symptoms, a privacy preserving option that makes it easier for health authorities to get in touch and give advice on the best course of action in the event they are found to be at risk.

Related: ZDNet Security, MacRumors, TechCrunch, BBC News – Home, IT Pro, MacDailyNews, DataBreachToday.com, The Loop, The Register – Security, GeekWire, Silicon Republic, NS Tech, Financial Times, Telecomlive.com, BGR

Tweets:@FredBenenson


June 30, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Hacking Campaign Brute Forces Accounts in Gaming Platform Roblox to Seemingly Promote Trump’s Campaign, At Least 1,000 Accounts Affected

A hacking campaign is targeting online gaming platform Roblox accounts to support Donald Trump in the upcoming U.S. Presidential elections in November. The campaign, started last week, involves an attacker hacking into Roblox accounts by brute-forcing weak passwords. Targeted at children, once the hacker gains access to the account, they modify the About section of the profile to read, “Ask your parents to vote for Trump this year! #MAGA2020.” The hacker will purchase two free clothing skins and add them to the hacked account’s avatar to represent what the hacker perceives as a President Trump supporter. At least 1,000 accounts now appear hacked.

June 5, 2020
Thomas Brewster / Forbes

Thomas Brewster / Forbes  
DDoS Attacks on Anti-Racism Websites Soared by 1,120 Times After Death of George Floyd

After the death of George Floyd and the subsequent protests across the U.S., DDoS attacks on anti-racism and advocacy groups spiked by 1,120 times, according to Cloudflare. It’s unclear who is behind the attacks, but they included attempts to neuter anti-racist organizations’ freedom of speech. Between April 25 and 26 to the weekend of May 30 and 31, advocacy groups went from having almost no attacks at all to attacks peaking at 20 thousand requests per second on a single site.