As a result of a hacker attack, the production line and synchronization of Garmin watches and bans were stopped.
Device owners are not able to see their workouts and other device parameters. Garmin Connect is down now for several hours, as a result of which users of smart devices cannot send their data for synchronization.

According to the information provided on the company’s social media, the website and Garmin Connect app are down, call centers are also not working, it is also impossible to contact the company’s employees via email or chat.

According to the Taiwanese ITHome website, the WastedLocker ransomware is the culprit here, which was installed by hackers from Evil Corp group on Garmin’s servers. Garmi

SMS scam is already quite common, we have written more than once about it - how fraudsters impersonate courier companies or mobile providers. This time, in addition to wiping money from the account, the fraudsters also took out a loan of 16,000 PLN on behalf of the victim, and malware was probably included in the SMS.

According to the portal legalniewsieci, the victim received an SMS from a “courier” regarding a surcharge for the parcel due to an overweight. The victim then clicked on the link provided in the message, from which it was redirected to a fraudulent PayU website, where an error appeared after selecting the ING Bank Śląski bank and entering the login details. The operation was interrupted and the victim received a text message from the

Despite the fact that since the introduction of PlayProtect in the Google Play Store the amount of malware has significantly decreased, experts from PREBYTES Security Incident Response Team have detected dangerous Cerberus malware in one of the applications.

It was the Best Cleaner app that required permissions to access photos, multimedia, make calls or access files on the phone during installation. If the consent was not given, the application could not be used.

Clicking the “Start Cleanup” button in the application initiated the attack. The application required the installation of an additional plug-in, for this purpose, the option to allow installation of apps from unknown sources had to be enabled in the device setti

You can find advertising “Biedronka: Take everything you want in 10 minutes” on Biedronka Polska profile. Both the profile and the post have nothing to do with the Biedronka store chain.

According to Dobre Programy, many people have been deceived by the advertising slogan above.
Post includes a link, where the victim is asked to complete a Google survey, which allegedly represents the first stage of the competition. Following the first stage the qualification for next stage is supposed to take place.

In the second stage, the victim learns that, in fact, it is no longer a contest for “Take everything you want in 10 minutes” but instead a 500 PLN voucher. In order to participate in the competition, you must pro

Cybercriminals are trying to extort money by impersonating Allegro, the victim may also lose login credentials for the portal.

According to the Zaufana Trzecia Strona, the victim receives a message informing that the account needs to be verified and for this purpose the account should be activated using the online payment in the amount of PLN 1.01. In addition, the recipient of the message is assured that the entire amount will be returned to the account within 3 business days, once the registration data has been verified. According to the Zaufana Trzecia Strona, the sender is admin@allegro4.pl, and the amount of  PLN 1.01 is based on the amount used in the actual Allegro account activation process.

The activation li

Allegro portal was once again used by cybercriminals, this time scammers send messages posing for those sent out by Allegro.
Potential victims are owners of Android phones that receive text messages that redirect to allegroapki.net. The goal is to trigger a download of Cerberus family malware application.

According to CERT, after installing the malware, cybercriminals have access to contacts, text messages and saved payment data stored on the phone.

Cybercriminals have launched a new phishing campaign that uses Facebook’s brand. Fraudsters mislead Facebook users by tricking them into opening an alleged updated privacy policy.

The potential victims are intimidated by a warning that unless they accept updated policy, their account will be suspended and then irrevocably deleted.

According to CERT Poland, the goal of the fake emails is to download Anubis malware to android. After installation, cybercriminals have full access to contacts, text messages, saved payment details and make phone calls on the infected device.

Beware of fake phone bills, cybercriminals are impersonating Play’s mobile network, once again.
Fraudsters send “invoices” with a phone bill, the message includes an Excel file, that once activated, installs Zloader malware on the device.

According to CERT Poland, Zloader will then attempt to install the Zeus banking Trojan on the device. Trojan can steal credentials used for your online banking.

The content of the message should raise suspicion in the person that receives it, due to the fact that it does not contain Polish characters, as well as the fact that customers of Play network can find their invoices in the client’s panel on the website or in the application.

Scammers are attempting to trick people into installing malicious application by impersonating InPost. If you receive an SMS in which 0 appears instead of “o” in the InPost name, beware of fraud.

Fraudulent SMS are signed as “INP0ST” and suggest that we will not receive a package collection code without downloading a new application.

According to Niebezpiecznik, after activating the link we are transferred to the page where users are prompted to download the application in order to receive a package collection code. We receive information that after downloading the app, we will automatically receive a text message on the device. In fact, we’re being tricked into downloading malicious .apk file.

<

Decathlon sport goods store reported a leak of data related to customer orders.
Cybercriminals have managed to generate a report on store’s activities in the February 23rd - April 24th period, as a result of which they were able to intercept customer’s phone numbers along with order numbers and pickup codes.

According to the portal Niebiezpiecznik, Decathlon sent an email to victims with apologies and extensive information about the leak.

According to Decathlon, the report did not include the client’s name, surname or address. The entire incident was reported to the President of the Office for Personal Data Protection. However, the store itself plans to implement additional security measures in their IT system.

Facebook announces the start of identity verification of popular profiles, and those whose owners cannot be verified will be blocked.

According to Cyberdefence24, this will mainly concern profiles that have reported some patterns of suspicious behavior, i.e. submitting content that quickly spreads across the site. The purpose of this is to detect people or groups running a propaganda campaign.

Account owners that refuse to verify or their identity will not coincide with their profile will be blocked or their post’s reach will be severely limited.

Currently, the verification will apply only to residents of the United States. This is related to this year’s presidential election and the goal is to

British airline EasyJet has become a victim of cyber criminals, resulting in data leak of over 9 million customers.

Hackers managed to intercept email addresses along with details of their travels. For 2,200 customers, hackers were also able to intercept credit card numbers.

Customers whose data has been stolen are to be informed immediately. According to EasyJet, there is currently no evidence that the captured data was used.

The airline reported the incident to the authorities and the National Center for Cyber Security. Meanwhile customers are to be sensitive to emails signed with EasyJet or EasyJet Holidays.

Cybercriminals organized a phishing campaign targeted at clients of two mobile networks. CERT Poland warns against fraudsters impersonating Play and Orange.

Scammers send emails with an attachment that is supposed to be the invoice for mobile services. The message itself contains a summary of the invoice, i.e. the invoice number, date of issue and invoice payment date. Cybercriminals have not forgotten to provide the correspondence address, and in the case of an invoice from Play they included a note, which the victim can use to manually check the authenticity of the invoice in the Play application.

The attachment is in .xlsm format and contains the well-known DanaBot banking Trojan, which is then used to steal funds from the

Beware of fake SMS from the sender Pogodynka, which are sent to owners of mobiles phones all over Poland. An SMS informs you that you have purchased a costly weather alarm service.

According to the portal Niebiezpiecznik, the sender of the SMS threatens with a high fee for the subscription and informs about the possibility of canceling it.

SMS content:
“WEATHER service has been activated! Every day you will receive 1 SMS with weather for the next day. The cost is PLN 30.77 / SMS. To opt out go to www.p***damateo.net?r=Y9N”

In fact, the goal is to get the recipient to cancel the alleged subscription in order to gain access to online banking.

A tempting offer for the Samsung Galaxy S20 flagship smartphone, which at a regular price costs almost PLN 4,000, has appeared online.

According to the Niebezpiecznik website, a Facebook post appeared online which claimed that there is a pricebug in Samsung online store, as a result of which the Galaxy S20 smartphone can be bought for 2 euros. In order to find this tempting offer, you had to enter the phrase SGAL2077B in Google.

The person who was tempted by the offer was directed to the fabricated website, in which the data had to be provided in a specially prepared form. The form concerned a lottery in which you could win a Samsung Galaxy S20 smartphone for 2 euros.

If someone did not read the te