Archive
Law enforcement agencies across the country spent the better part of yesterday evening investigating a slew of bomb threats delivered by email to businesses and universities across the US and Canada. The hoax email warning that an explosive device was
Researcher Terence Eden discovered that the permissions dialog when authorizing certain apps to Twitter could expose direct messages to the third-party. The flaw is triggered when apps that require a PIN to complete the authorization process instead of the using
McAfee uncovered a campaign tracked as Operation Sharpshooter that hit at least 87 organizations in global defense and critical infrastructure. Security experts at McAfee uncovered a hacking campaign, tracked as Operation Sharpshooter, aimed at infrastructure companies worldwide. The threat actors
Oil services company Saipem, based in Milan, Italy, was the victim of a cyber-attack that appears to be targeting servers in the Middle East, according to reports from Reuters. The attack targeted servers in Saudi Arabia, the United Arab Emirates
Takuya Yoshida from Toyota’s InfoTechnology Center and his colleague Tsuyoshi Toyama are members of a Toyota team that developed the new tool, called PASTA (Portable Automotive Security Testbed). PASTA is an open-source testing platform specifically designed for car hacking, it
In a newly developed partnership with HackEDU, HackerOne announced that it has released a free web hacker training, adding to its Hacker101 offerings. Based on five popular, publicly disclosed vulnerability reports for which top bug bounty hackers initially earned up
Privacy a Key Concern for Telecoms and Consumers
Two recently published surveys about the telecom industry revealed that privacy as it relates to security and the internet of things (IoT) has become a top concern for both businesses and consumers. Allot Telco’s security trends report for 2018’s third
Two-Fifths of Firms Have Suffered ‘BPC’ Attacks
Over two-fifths of organizations have fallen victim to a so-called Business Process Compromise (BPC) attack, despite widespread ignorance from senior execs about the threat, according to Trend Micro. The security giant polled over 1100 IT decision makers responsible for security
Researchers Take an AI Approach to Text CAPTCHAs
Researchers at Lancaster University in the UK and Northwest University and Peking University in China have found a way to get around CAPTCHA security with new artificial intelligence, according to research published in a paper titled Yet Another Text Captcha
Undervalued Assets Put Business at Risk
New research from the Ponemon Institute, in partnership with DocAuthority, found that IT security departments are underestimating the value of business documents by hundreds of thousands of dollars. In a newly published report, the Ponemon Institute found that despite being
DanaBot Trojan Expands Beyond Banking
Banking Trojan DanaBot has reportedly resurfaced with some new tricks. According to malware analysts at ESET, the Trojan has evolved beyond banking and is now being used to send spam directly to a victim’s inbox. Researchers found that by injecting
GDPR Implementation Slow But Improving
According to the EU GDPR (General Data Protection Regulation) Implementation Review Survey conducted by IT Governance, six months after the GDPR went into effect, the majority of organizations are failing to implement the mandatory regulations. The study included 210 responses
Security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. According to a study conducted by experts from Trend Micro and the Polytechnic University of Milan.
IoT Backbone is Riddled with Security Issues
Two popular IoT communications protocols are riddled with vulnerabilities and systemic issues which are exposing countless global organizations to industrial espionage, targeted attacks and DoS, according to Trend Micro. The security giant’s latest report, The Fragility of Industrial IoT’s Data
Emotet and Trickbot Are the Future of Malware
Malware authors have been incorporating new infection methods that have resulted in a whole new category of attacks that are likely to represent the future of malware, according to a new research report from Malwarebytes. Released today, the research report
Magecart Delivers Malware to 1-800-FLOWERS
Once again payment card data has been lifted from an e-commerce site, with the Canadian online outpost of 1-800-FLOWERS falling victim to Magecart. What’s alarming about this most recent disclose, though, is that the incident has lasted for over four