Scammers stole millions last Christmas. These six tips could keep you safe online this time around

The National Cyber Security Centre (NCSC) is urging people to be careful when shopping online in the run up to Christmas as cyber criminals step up campaigns to steal money, credit card information and more during the busiest time of year for retailers.

Last year’s Christmas shopping period, from November 2019 to January 2020, saw cyber criminals make off with a total of £13.5 million as a result of online shopping fraud – averaging out at £775 per incident across 17,405 cases reported by the National Fraud Intelligence Bureau.

And with even more people expected to be doing their Christmas shopping online this year because of ongoing coronavirus restrictions, the NCSC, alongside the Home Office, the Cabinet Office and the Department for Digital, Culture, Media and Sport (DCMS), has launched a ‘Cyber Aware’ campaign.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF

Read More

Dominion: What you need to know about the voting company Trump claims “stole” the election

Egged on by Trump-friendly One America News and lawyers Rudolph W. Giuliani and Sidney Powell, the president has accused Dominion of deleting votes for him with a system that is “horrible, inaccurate and anything but secure.” Trump’s advisers also claim Dominion’s software was created at the behest of former Venezuelan president Hugo Chávez to win that country’s elections.

While there’s no evidence for any of those accusations — The Post’s Fact Checker debunks the alleged ties to Venezuela in detail — they’re bringing fresh attention to the way U.S. elections are run and to private companies like Dominion that have long played a starring role in the process. They’ve also deeply unsettled cybersecurity and election administration experts, who worry that valid concerns about election integrity are now being overshadowed by claims that have no basis in reality.

The bottom line is that private companies do play a huge role in

Read More

FBI: Hackers stole source code from US government agencies and private companies

FBI

The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses.

Intrusions have taken place since at least April 2020, the FBI said in an alert sent out last month and made public this week on its website.

The alert specifically warns owners of SonarQube, a web-based application that companies integrate into their software build chains to test source code and discover security flaws before rolling out code and applications into production environments.

SonarQube apps are installed on web servers and connected to source code hosting systems like BitBucket, GitHub, or GitLab accounts, or Azure DevOps systems.

But the FBI says that some companies have left these systems unprotected, running on their default configuration (on port 9000) with default admin credentials (admin/admin).

FBI officials say that threat

Read More