News

vulnerable cryptojacking hacking breach security

Cryptojacking attacks spiked in first half of 2018

Cryptojacking attacks, fileless malware, and malware with small file sizes all increased in the first half of 2018 as cyber thugs tried to use more covert tactics.

broken window with windows logo in clouds

Microsoft Windows Task Scheduler zero-day and PoC exploit disclosed via Twitter

There’s a Windows zero-day in the wild, and CERT knows no practical solution until Microsoft patches.

congress evening

Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding

On Monday, the Energy and Commerce Committee sent letters to MITRE Corporation and the Department of Homeland Security (DHS), recommending reforms be made to the troubled CVE program. In fact, the letters state, if the "deep-seated...

wearables workers

Listening-Watch wearable system provides secure 2FA

Listening-Watch, a new wearable two-factor authentication system that uses browser speech sounds, is resilient to proximity and remote attacks.

7 safe browswer search legitimate url domains surfing the internet

Don't abandon that domain name

Penny-wise, pound-foolish: Letting old domain names expire might save a few bucks a year, but lets attackers register your old domain and pretend to be you.

fortnite

Google discloses man-in-the-disk attack flaw in Fortnite Android app

Epic Games hit back after Google publicly disclosed the security vulnerability in the Fortnite Android app installer earlier than the 90-day request.

20160224 stock mwc internet of things iot sign

Mirai leveraging Aboriginal Linux to target multiple platforms

The Mirai botnet hasn't gone away, you don't hear about it much, but the code has been constantly updated and maintained. Recently, Symantec's Dinesh Venkatesan discovered a command and control (C&C) server hosting various types of...

Globe with orbiting speech bubbles containing world flags, sitting on the edge of a laptop.

Traveling to China for work? Punch through the Great Firewall and securely connect with your home office

Security is not just about confidentiality and integrity. It's also about availability. The new partnership between Wickr and Psiphon is worth a look for global enterprises with traveling employees.

An Android mascot carrying an umbrella in the rain. / firewall / security / coverage / service

Android 'Triout' spyware records calls, sends photos and text messages to attackers

Researchers identified new Android spyware with extensive surveillance capabilities being bundled into legitimate apps.

bucket with holes breach security vulnerability

Reevaluate "low-risk" PHP unserialization vulnerabilities, researcher says

Over nearly a decade, PHP unserialization vulnerabilities have become a popular route for cyber-criminals to plant remote code execution or deliver other malware into systems. But new research, introduced at Black Hat this month,...

phishing hacker binary keyboard privacy security breach

Microsoft disrupted Russian hacking campaign aimed at US midterm elections

Microsoft brings down the hammer on Russian hacking campaign aimed at US midterm elections.

cloud security lock

Arista Networks PICs its spot In security

After establishing itself as an innovative network vendor, Arista has moved into the security market, addressing the challenges of 'places in cloud.'

10 cloud security breach virtualization wireless

What are Amazon Zelkova and Tiros? AWS looks to reduce S3 configuration errors

Amazon’s latest tools help identify where data might be left exposed in your AWS S3 cloud environments.

internet of things smart home

32,000 smart homes can be easily hacked due to misconfigured MQTT servers

Thanks to MQTT servers which are either misconfigured or not protected with a password, it is easy peasy to hack a smart home. Shodan shows over 49,000 misconfigured MQTT servers and more than 32,000 which don't have even so much as a...

candle laptop blackout

Botnet of smart air conditioners and water heaters could bring down the power grid

If "smart" appliances that connect to the internet were to be used in a botnet, it could cause large-scale blackouts of the power grid, researchers warn.

credit cards

Hack mobile point-of-sale systems? Researchers count the ways

Security researchers uncovered widespread vulnerabilities in mobile point-of-sale readers offered by Square, SumUp, PayPal and iZettle.

thinkstock privacy please

Vegas hotel room checks raise privacy, safety concerns at Def Con, Black Hat

Do Not Disturb means nothing at Caesars Entertainment hotels, as Def Con and Black Hat attendees had their privacy and potentially their safety threatened by hotel security busting in to search rooms.

072315blog body camera

Security flaws in police body cameras open the devices to attack

A researcher presenting at Def Con 26 said security flaws in police body cameras could enable hackers to edit and delete footage and weaponize the devices with malware.

security trust

What is digital trust? How CSOs can help drive business

Chief security officers should play a key role in building trust with customers, and that translates to better customer acquisition, greater customer loyalty, and more revenue.

Facebook / network connections / privacy / security / breach / wide-eyed fear

Does Facebook even need a CSO?

Maybe not, says Twitter’s former CISO, but there are risks with Facebook's move from a centralized to a distributed security model in the wake of Alex Stamos's departure.

Load More