Academics from the University of Oxford and Armasuisse S+T have identified a novel attack technique targeting the widely-used Combined Charging System (CCS). They say the method could potentially disrupt the ability to charge electric vehicles at scale.

The “Brokenwire” attack method meddles with the control communications between the vehicle and charger, wirelessly aborting charging from as far as 47m away.

Researchers explained: “While it may only be an inconvenience for individuals, interrupting the charging process of critical vehicles, such as electric ambulances, can have life-threatening consequences.”

The post New attack method could disrupt electric vehicle charging appeared first on IT Security Guru.

Iberdrola, a Spanish energy provider, has suffered a data breach affecting over one million customers, local reports suggest.

The company is headquartered in Bilbao and is the parent company of Scottish Power. It has reported that the attack took place on March 15 this year.

The breach reportedly resulted in the theft of customer ID numbers, phone numbers and home and email addresses. Fortunately, it does not seem as if financial information was stolen.

Iberdrola has warned customers to watch out for phishing attempts in the wake of the breach.

The company has claimed that the attack was remediated in a day, with further attempts failing.

The post Spanish energy giant hit by data breach appeared first on IT Security Guru.

Trezor, which manufactures hardware devices designed to store digital currency, has warned its customers not to reply to official-looking emails after identifying a convincing phishing campaign.

Several customers took to Trezor’s Twitter account over the weekend to complain about a scam email claiming that a data breach had hit over 100,000 customers.

The email reportedly told customers that a “malicious actor” had successfully compromised Trezor Suite servers and accessed their wallets.

In the email, scammers urged customers to download the latest version of the application to “protect” their crypto assets. This download would then enable threat actors to steal the user’s recovery code, which is used to recover wallets if a device is lost or stolen.

The post Trezor customers phished following MailChimp breach appeared first on IT Security Guru.

New research from Imperva has revealed that 70% of EMEA organisations have no insider risk strategy, despite 59% of data security incidents being caused by employees.

The shocking revelation comes as part of a wider study carried out by Forrester: Insider Threats Drive Data Protection Improvements. The study involved interviewing 150 security and IT professionals in EMEA.

An insider threat is defined by Imperva as originating from “inappropriate use of legitimate authorised user accounts” by either their rightful owner or a threat actor who has managed to compromise them.

The study found that insider threats were responsible for 59% of incidents impacting sensitive data in the past 12 months. This supports a previous Imperva analysis of the most significant breaches of the past five years, which revealed that 24% were caused by either human error or compromised credentials.

The post Majority of data security incidents caused by insiders appeared first on IT Security Guru.

Jeremy Fleming, the head of GCHQ, has praised the new government counter-disinformation cell focused on Kremlin propaganda.

Fleming spoke at the Australian National University in Canberra yesterday, arguing that President Putin had massively miscalculated his invasion of Ukraine. He revealed that Russian soldiers are “refusing to carry out orders, sabotaging their own equipment and even accidentally shooting down their own aircraft.”

Fleming has also argued that Ukraine’s social-savvy President Zelensky has inspired information campaigns worldwide with his messages of hope and resistance.

“In the UK, it’s focused in a new Government Information Cell which identifies and counters Kremlin disinformation targeted at UK and international audiences. It brings together expertise from across government to challenge false narratives. It deals in facts, not falsehoods; making sure that the truth is told well,” he explained.

The GCHQ head has also dismissed suggestions that Russia plans to carry out a massive, destructive cyber-campaign in Ukraine. While several variants of disk-wiping malware have been identified, there is no evidence of a knockout blow being delivered.

The post UK spy chief praises fake news counter cell appeared first on IT Security Guru.

Hackers breached the IT systems of Illuminate Education in January, gaining access to the personal data of around 820,000 current and former New York City public school students.

Illuminate Education is a taxpayer-funded software company based in California. It is best known for creating the widely-used IO Classroom, Skedula and PupilPath platforms, currently used by New York City’s Department of Education to log attendance and grades.

The Department announced the hack on Friday, revealing that information dating back to the 2016-17 school year was exposed.

Compromised data included students’ names, birthdates, ethnicities, home languages and student ID numbers.

It has also been revealed that attackers exfiltrated class and teacher schedules, alongside data regarding which students received free lunches or special education services.

Doug Levin, the national director of K12 Security Information Exchange, a group that has tracked cyber-attacks targeting schools and education platforms since 2016, said: “I can’t think of another school district that has had a student data breach of that magnitude stemming from one incident.”

The post 820,000 NYC students have their personal data exposed appeared first on IT Security Guru.

A new critical remote code execution bug, dubbed “SpringShell” by some in the community, has been identified by security researchers.

The vulnerability impacts the spring-core artifact, a popular framework used extensively in Java applications, specifically with JDK9 or newer.

Sonatype explained, “the vulnerability affects anyone using spring-core, a core part of the Spring Framework, to perform logging, and anyone using software built on Spring, which is a large population of enterprise Java software.”

“It stems from a previously exploited issue (CVE-2010-1622) in Spring that was patched in the past, but became vulnerable again when used with JDK9,” it continued.

The post Unpatched SpringShell bug threatens web app security appeared first on IT Security Guru.

Researchers at Lacework have revealed that the Log4Shell vulnerability was exploited as an initial attack vector in 31% of cases monitored by the company over the past six months.

The software vendor’s latest Lacework Cloud Threat Report highlights typical risks in today’s digital landscape. The findings confirm what security experts suspected: that the Log4j bug has been used extensively by threat actors since its emergence in December last year.

“Over time, we watched scanning activity evolve into more frequent attacks, including some that deployed crypto-miners and Distributed Denial of Service (DDoS) bots to affected systems,” Lacework explained.

The post A third of malware infections use Log4Shell appeared first on IT Security Guru.

The National Cyber Security Centre (NCSC) of the UK has urged organisations to reconsider the risks associated with “Russian-controlled” parts of their supply chains.

Ian Levy, technical director of the NCSC, argued that “Russian law already contains legal obligations on companies to assist the Russian Federal Security Service (FSB), and the pressure to do so may increase in a time of war. We also have hacktivists on each side, further complicating matters, so the overall risk has materially changed.”

Levy has suggested that while there is currently nothing to suggest that the Russian state intends to force commercial providers to sabotage UK interests, that doesn’t mean it will not happen in the future.

The post NCSC suggests rethinking Russian supply chain risks appeared first on IT Security Guru.

Sky Mavis’ Ronin Network, which supports its Axie Infinity game, has suffered the largest cryptocurrency theft in history.

The organisation announced yesterday that the Ronin network had been hacked to the tune of 173,000 Ethereum, or roughly $594 million, and $25 million in US dollars.

Comparitech has ranked the incident as the largest crypto-heist of all time.

The post Ronin blockchain hit with $620 million crypto heist appeared first on IT Security Guru.