News
Cryptojacking attacks spiked in first half of 2018
Cryptojacking attacks, fileless malware, and malware with small file sizes all increased in the first half of 2018 as cyber thugs tried to use more covert tactics.
Microsoft Windows Task Scheduler zero-day and PoC exploit disclosed via Twitter
There’s a Windows zero-day in the wild, and CERT knows no practical solution until Microsoft patches.
Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding
On Monday, the Energy and Commerce Committee sent letters to MITRE Corporation and the Department of Homeland Security (DHS), recommending reforms be made to the troubled CVE program. In fact, the letters state, if the "deep-seated...
Listening-Watch wearable system provides secure 2FA
Listening-Watch, a new wearable two-factor authentication system that uses browser speech sounds, is resilient to proximity and remote attacks.
Don't abandon that domain name
Penny-wise, pound-foolish: Letting old domain names expire might save a few bucks a year, but lets attackers register your old domain and pretend to be you.
Google discloses man-in-the-disk attack flaw in Fortnite Android app
Epic Games hit back after Google publicly disclosed the security vulnerability in the Fortnite Android app installer earlier than the 90-day request.
Mirai leveraging Aboriginal Linux to target multiple platforms
The Mirai botnet hasn't gone away, you don't hear about it much, but the code has been constantly updated and maintained. Recently, Symantec's Dinesh Venkatesan discovered a command and control (C&C) server hosting various types of...
Traveling to China for work? Punch through the Great Firewall and securely connect with your home office
Security is not just about confidentiality and integrity. It's also about availability. The new partnership between Wickr and Psiphon is worth a look for global enterprises with traveling employees.
Android 'Triout' spyware records calls, sends photos and text messages to attackers
Researchers identified new Android spyware with extensive surveillance capabilities being bundled into legitimate apps.
Reevaluate "low-risk" PHP unserialization vulnerabilities, researcher says
Over nearly a decade, PHP unserialization vulnerabilities have become a popular route for cyber-criminals to plant remote code execution or deliver other malware into systems. But new research, introduced at Black Hat this month,...
Microsoft disrupted Russian hacking campaign aimed at US midterm elections
Microsoft brings down the hammer on Russian hacking campaign aimed at US midterm elections.
Arista Networks PICs its spot In security
After establishing itself as an innovative network vendor, Arista has moved into the security market, addressing the challenges of 'places in cloud.'
What are Amazon Zelkova and Tiros? AWS looks to reduce S3 configuration errors
Amazon’s latest tools help identify where data might be left exposed in your AWS S3 cloud environments.
32,000 smart homes can be easily hacked due to misconfigured MQTT servers
Thanks to MQTT servers which are either misconfigured or not protected with a password, it is easy peasy to hack a smart home. Shodan shows over 49,000 misconfigured MQTT servers and more than 32,000 which don't have even so much as a...
Botnet of smart air conditioners and water heaters could bring down the power grid
If "smart" appliances that connect to the internet were to be used in a botnet, it could cause large-scale blackouts of the power grid, researchers warn.
Hack mobile point-of-sale systems? Researchers count the ways
Security researchers uncovered widespread vulnerabilities in mobile point-of-sale readers offered by Square, SumUp, PayPal and iZettle.
Vegas hotel room checks raise privacy, safety concerns at Def Con, Black Hat
Do Not Disturb means nothing at Caesars Entertainment hotels, as Def Con and Black Hat attendees had their privacy and potentially their safety threatened by hotel security busting in to search rooms.
Security flaws in police body cameras open the devices to attack
A researcher presenting at Def Con 26 said security flaws in police body cameras could enable hackers to edit and delete footage and weaponize the devices with malware.
What is digital trust? How CSOs can help drive business
Chief security officers should play a key role in building trust with customers, and that translates to better customer acquisition, greater customer loyalty, and more revenue.
Does Facebook even need a CSO?
Maybe not, says Twitter’s former CISO, but there are risks with Facebook's move from a centralized to a distributed security model in the wake of Alex Stamos's departure.
Most Popular
BrandPosts
Learn more-
Sponsored by RSA SecurID® Suite
-
Sponsored by BlueCat
-
Sponsored by Fortinet
Sponsored Links