Silensec Newsletter

Category: News

Top News

3.1 million customer records possibly stolen in Toyota hack

Personal information of some 3.1 million Toyota customers may have been leaked outside the company, the Toyota Motor Corporation (TMC) announced on Friday.

The announcement comes a few weeks after Toyota Australia said they have been "the victim of an attempted cyber attack".


Russia blocks encrypted mail service provider ProtonMail

Russian federal authorities have directed internet service providers across the country to block access to ProtonMail, an encrypted email service provider.

The block order came directly from the Russian Federal Security Service, formerly KGB, and was enforced following accusations that ProtonMail, and a group of other email service providers, facilitated the sending of bomb threats.


Major Hacks of the Week

Hackers in Ukraine are attacking Government websites

On the eve of Ukraine's presidential elections, phishing attacks were activated on Government Internet resources.

According to the Head of the Computer Forensics Laboratory, the intensity of cyber attacks has increased over the years. It is a permanent process and is not necessarily associated with the elections.

However, at the moment, the sites of the Central Election Commission, the Presidential Administration, the Cabinet of Ministers and infrastructure departments may be under attack.


Toyota Customer Information Exposed in Data Breach

Toyota Motor Corp. dealerships in Japan were hit with a cyberattack earlier this month in which information on 3 million of the carmakers' customers was stolen.

The hack hit Toyota Sales Holdings Inc., a subsidiary of Toyota Motor in Japan, and its affiliates. This marks the second attack reported by Toyota in two months - Toyota Australia reported a breach on Feb. 21 that it said didn't impact user or customer data.


Major Vulnerabilities Disclosed

Zero-day Stored XSS vulnerability allowed attackers to compromise 70,000 websites

"Social Warfare", allows cybercriminals to place malicious scripts and conquer the assailable WordPress websites. It's essentially used to accumulate more website traffic by receiving more social shares for website developers.

It was distributed across the globe to gain control of the unprotected websites, users are advised by the experts to get an update to version 3.5.3.


New Gustuff Android malware targets cryptocurrency & messaging apps

Security researchers discovered a new breed of Trojan horse malware called Gustuff, which specifically targets Android phones to steal banking credentials and digital assets of users. The malware targets customers of cryptocurrency exchanges and mainstream international banks.

According to their analysis, the malware is equipped with a unique, automated function that can distribute mass infections to earn maximum profit for the attackers.


Legal, Regulatory and Corporate
Security and Beyond

Brit founder of Windows leaks website BuildFeed, infosec bod spared jail over Microsoft hack

The Brit who ran the BuildFeed website of Windows leaks has been handed a suspended prison sentence – along with a former Malwarebytes bod who hacked into Microsoft's internal OS development networks.

Thomas Hounsell, 26, of Station Road, Sleaford, Lincolnshire, and former Malwarebytes researcher Zammis Clark, 24, of Agar Crescent, Bracknell, Berkshire, were convicted of computer misuse offences yesterday.


Georgia Man Admits to Hacking Accounts of Athletes and Musicians

A Georgia man admitted to hacking into the Apple accounts of high-profile professional athletes and musicians and to stealing the credit card information of some of them.

The man, Kwamaine Jerell Ford, 27, of Dacula, tricked victims into revealing their Apple account passwords and accessed the accounts to steal sensitive data. He also stole credit card numbers of several victims and spent thousands of dollars on personal expenses charged to the athletes'Â accounts.

According to information presented in court, Ford leveraged a phishing scheme to obtain Apple account credentials.


Security Awareness Tip

Think inside the box to bridge the #cybersecurity skills gap.

While the cybersecurity skills gap isn’t new, organizations are still struggling to recruit and retain qualified security professionals.

How can cybersecurity leaders start gaining ground on the growing challenge before the industry reaches its tipping point?

Check out these 3 Inside-the-Box strategies that can be used to close the Cybersecurity Skills Gap:Â

  1. Create a Mentor Program
  2. Join a Professional Organization
  3. Share Best Practices in a User Community


Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.

Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec HQ (Cyprus)

Silensec Africa

Silensec UK


Silensec Corp. (USA)

  • Address: 251 Little Falls Drive, Wilmington, New Castle County, DE 19808, USA
  • Email:
  • Tel.: 1-800-959-0163 (toll-free)
  • Web: 

News Feed