Archive
A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system. Dubbed “NetSpectre,” the new remote
Following Apple’s lead in banning cryptocurrency mining apps, Google has also updated its Play Store policy this week to ban apps that mine cryptocurrencies on users’ devices in the background. However, there are countless cryptocurrency mining apps, including MinerGate, AA
Researchers found 20 flaws in Samsung’s SmartThings Hub controller – opening up supported third-party smart home devices to attack. Researchers found 20 vulnerabilities in Samsung’s SmartThings Hub, allowing attackers to control smart locks, remotely monitor the home via connected cameras
The Hidden Bee cryptominer is being delivered to users via an improved drive-by download toolkit which exploits the CVE-2018-4878 Flash Player vulnerability. The Flash bug is a critical vulnerability that can potentially allow an attacker to take control of the
Tesla, VW, and dozens of other manufacturers had their sensitive information exposed due to a weak security link in their supply chains. The exposure occurred at industrial automation provider Level One Robotics via an inadequately secured rsync file transfer protocol
At least two separate threat groups have already developed automated exploitation scripts to exploit a recently patched vulnerability in Oracle WebLogic Servers and are conducting large-scale attacks after several proof-of-concepts were published. The attacks exploit CVE-2018-2893, a critical vulnerability in
Starting today with the release of Chrome 68, Google Chrome prominently marks all non-HTTPS websites as ‘Not Secure’ in its years-long effort to make the web a more secure place for Internet users. So if you are still running an
Symantec Introduces Email Threat Isolation
Symantec introduced Email Threat Isolation, a new solution targeting to protect users against spear phishing, credential theft, account takeover and ransomware attacks. The company claims that it is the first and currently only vendor to offer a complete and integrated
How is Google preventing its employees from getting hacked? By using some hardware anyone can buy: USB security keys. In 2017, the company began giving out physical security keys to all 85,000 employees. And since then, no employees have reported
Black Hat USA
Black Hat USA is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days of technical Trainings (August 4 – 7) followed by the two-day
Cybercriminals are putting a new spin on the old trick of hiding malware code in Exchangeable Image File Format (EXIF) data. Recently, attackers were observed using this technique in image files, rather than text files, and uploading them to googleusercontent.com
Singapore’s largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018. SingHealth is the largest healthcare group in Singapore
Every day, security researchers and hackers discover new vulnerabilities, augmenting the tens of thousands of known holes in applications, services, operating systems, and firmware. A vulnerability scanner provides automated assistance for tracking known vulnerabilities and detecting your exposure to them.
SCADA/ICS Dangers & Cybersecurity Strategies
Nearly 60% of surveyed organizations using SCADA or ICS reported they experienced a breach in those systems in the last year. Here are four tips for making these systems safer. A large number of government agencies and private organizations have
Malwarebytes researchers have detected the Magniber ransomware displaying notable improvements as its attack begin to expand within Asia after previously limiting its activity to South Korea. The malware has been active since its inception in 2013 and has been distributed
Dell EMC unveiled its latest Integrated Data Protection Appliance (IDPA), the Dell EMC IDPA DP4400, providing simple and powerful converged data protection to help mid-size organizations transform IT while combatting data sprawl and complexity. Comprehensive data protection has been a
