Month: January 2018

Kaspersky Lab Seeks Injunction Against US Government Ban

Read full post Revenues and reputation have taken a hit in the wake of the US Department of Homeland Security’s decision to prohibit use of its products and services by the feds, the company says.

/ January 19, 2018

Up to 40K Affected in Credit Card Breach at OnePlus

Read full post The smartphone manufacturer has sent an email to anyone who may have been affected in the breach.

/ January 19, 2018

Google Pays Researcher Record $112,500 for Android Flaw

Read full post The bug bounty reward, given to a researcher who submitted a working remote exploit chain, is Google’s highest for an Android bug.

/ January 19, 2018

You Break It, They Buy It: Economics, Motivations Behind Bug Bounty Hunting

Read full post Some bug hunters make 16 times the median salary of software engineers in their home countries.

/ January 19, 2018

Cyber News Rundown: Healthcare Ransomware

Read full post The Cyber News Rundown brings you the latest happenings in cybersecurity news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any questions? Just...

/ January 19, 2018

OnePlus confirms hack exposed credit cards of phone buyers

Read full post The company put a hold on payments through its site after fraud reports emerged.

/ January 19, 2018

Understanding Supply Chain Cyber Attacks

Read full post While the attack surface has increased exponentially because of the cloud and everything-as-a-service providers, there are still ways in which host companies can harden supply chain security.

/ January 19, 2018

The Google Play “Super Antivirus” that’s not so super at all… [REPORT]

Read full post SophosLabs has published a technical report digging into the details of a not-so-super “Super Antivirus” charade on Google Play.

/ January 19, 2018

90% of Gmail users could improve their security easily, but don’t

Read full post There’s something alarming about the world’s one billion regular Gmail users – barely any have turned on two-step verification.

/ January 19, 2018

Virtual reality porn app SinVR exposes details of 20,000 customers

Read full post Personal details of adult virtual reality game SinVR customers were accidentally exposed for two weeks, while security researchers tried to get the company’s attention

/ January 19, 2018

“Give me a job or else!” approach fails to land IT job

Read full post Sending an application letter to your prospective employer is a good idea, an extortion letter, not so much

/ January 19, 2018

Does your credit card need a tinfoil hat to keep it safe on the train?

Read full post Can the person squashed up against you on the train read your credit card without you realising? If so, what can you do about it?

/ January 19, 2018

Triton exploited zero-day flaw to target industrial systems

Read full post Schneider Electric has revealed how the Trojan managed to disrupt core industrial systems in the Middle East.

/ January 19, 2018

Are mobile devices insecure by nature?

Read full post It is no easy feat to recall going through life without the vast variety of mobile devices that are now part of our day-to-day. What is more, it is downright impossible to imagine a future without these...

/ January 19, 2018

Dridex banking Trojan compromises FTP sites in new campaign

Read full post The Trojan is back with a new technique to avoid detection by email gateways.

/ January 19, 2018

Safe Deposit: How to Keep Your Cryptocurrency Secure

Read full post “How to buy Bitcoin” dominated Google how-to searches in 2017, ranking third overall. With the hype surrounding cryptocurrency at a palpably all-time high, now is a better time than ever to cover the essentials of keeping cryptocurrencies...

/ January 18, 2018

Rogue Chrome, Firefox Extensions Hijack Browsers; Prevent Easy Removal

Read full post Malwarebytes describes malicious extensions as ‘one of a kind’

/ January 18, 2018

BEC Attacks to Exceed $9B in 2018: Trend Micro

Read full post Business email compromise is projected to skyrocket as attackers adopt sophisticated techniques to dupe their victims.

/ January 18, 2018

Congress demanded NSA spying reform. Instead, they let you down

Read full post Both the House and Senate reauthorized the controversial surveillance powers, without any meaningful debate, amendments, or privacy reforms.

/ January 18, 2018

Tax Reform, Cybersecurity-Style

Read full post How the security industry can be more effective and efficient by recognizing four hidden “taxes” in the buying and selling process.

/ January 18, 2018

Feds Team with Foreign Policy Experts to Assess US Election Security

Read full post Expert panel lays out potential risks for the 2018 election cycle and beyond

/ January 18, 2018

Applying Defense-in-Depth to the Digital Battlefield

Read full post How a layered security strategy can minimize the threat and impact of a data breach.

/ January 18, 2018

California Predicted to Lose $329M to Cybercrime in 2018

Read full post The Golden State will be hit hardest but New York will lose the most money per incident.

/ January 18, 2018

Oman’s stock exchange was easily hackable for months

Read full post The security flaw made the securities market an easy target and was only fixed after a security researcher sent more than half-a-dozen warning emails.

/ January 18, 2018

How to Keep Blue Teams Happy in an Automated Security World

Read full post The creativity and intuition of your team members must be developed and nurtured.

/ January 18, 2018

Man Admits to Directing DDoS Attacks Across the US

Read full post New Mexico man pleads guilty to directing cyberattacks against his prior employers, business competitors, and law enforcement agencies.

/ January 18, 2018

Schneider Electric: TRITON/TRISIS Attack Used 0-Day Flaw in its Safety Controller System, and a RAT

Read full post ICS/SCADA vendor discloses in-depth analysis of a recent targeted attack against one of its customers.

/ January 18, 2018

The Startup Challenge: Safe in the Cloud from Day One

Read full post How a Seattle travel company built a rock-solid mobile app without sacrificing performance or security.

/ January 18, 2018

CES 2018 cybersecurity: Now in every single ‘whatchamacallit’

Read full post Not content anymore to just have a bed made of soft plushy stuff, now you can adjust everything about the bed, from electronically sitting up in bed to the lighting surrounding your nap: connected digital technology everywhere....

/ January 18, 2018

Yes, Hawaii emergency management stuck a password on a sticky note

Read full post … and nobody bothered to vet the photo taken of that sticky note and distributed by AP.

/ January 18, 2018

Hijackers DM @realDonaldTrump from former Fox News hosts’ accounts

Read full post The hackers tweeted out love for Turkish President Recep Tayyip Erdoğan: “We love turkish soldiers, we love Erdogan, we love Turkey.”

/ January 18, 2018

Google awards researcher over $110,000 for Android exploit chain

Read full post The bug bounty highlighted serious security issues in the Pixel smartphone.

/ January 18, 2018

BlackWallet cryptocurrency site loses users’ money after DNS hijack

Read full post Another site in the booming cryptocurrency wallet sector has been hacked after what looks like a simple DNS hijacking attack.

/ January 18, 2018

Trends 2018: Personal data in the new age of technology and legislation

Read full post The depth of data collected from our online habits could easily allow profiles to be constructed, showing what may be considered extremely personal interests, drawing on information that we don’t realize someone is collecting. The post Trends...

/ January 18, 2018

WatchGuard snaps up DNS security firm Percipient Networks

Read full post The deal is designed to offer better security solutions for SMBs.

/ January 18, 2018

Man pleads guilty to launching DDoS attacks against former employers

Read full post A man had admitted to disrupting domains belonging to former employers, competition, and law enforcement agencies.

/ January 18, 2018

SkyGoFree malware spies on your Android phone and your messages

Read full post The Android malware “SkyGoFree” pretends to be a security update, but it’s actually a powerful spyware and remote control tool.

/ January 18, 2018

Threats from Russia, North Korea Loom as Geopolitics Spills into Cyber Realm

Read full post Threat actors from both nations ramped up their activities sharply in 2017, Flashpoint says in a new threat intelligence report.

/ January 17, 2018

Where to Find Security Holes in Serverless Architecture

Read full post Serverless architectures take away business responsibility for server management, but security should still be top of mind.

/ January 17, 2018