Archive
Delivering the opening keynote at Black Hat Europe, offensive security engineer Amanda Rousseau talked about the move from a defensive to offensive role, and how narrow that has made our thinking. In the first part of her talk, she said
FTC: Fraudsters Go Low-Tech to Trick the Elderly
Fraudsters are increasingly going back to basics in a bid to trick particularly elderly victims into handing over money, according to the Federal Trade Commission (FTC). The regulator posted two warnings on Tuesday highlighting the lengths scammers are prepared to
Critical Vulnerability in Microsoft Azure Let Hackers Take Over the Complete Control of the Azure Accounts
Researchers discovered a critical vulnerability in Microsoft Azure named “BlackDirect” that allows attackers to take over the Azure user’s accounts and creating the Token with the victim’s permissions. The vulnerability specifically affected Microsoft’s OAuth 2.0 applications that allow malicious attacker
Almost all small and medium-sized businesses in America have executives who are living in fear of a cyber-attack from foreign adversaries, according to new research published today. The Q4 Cyberthreat Index for Business Survey by Zix-AppRiver found that 93% of
FBI Issues Smart TV Cybersecurity Warning
The Federal Bureau of Investigation has issued a warning to holiday shoppers who are planning to swap some of their hard-earned cash for a smart TV. In a statement released by the Oregon branch of the FBI, members of the
Festive Virtual Hacker Conference Returns
A free holiday-themed cybersecurity conference set in a virtual North Pole is scheduled to take place for the second year running. KringleCon 2019 invites hackers and cybersecurity professionals from across the globe to hear expert speakers, watch educational demos, share
Digital skimming hackers have been in action again, this time targeting the website of a leading US gun-maker and its customers. Springfield, Massachusetts-based Smith & Wesson was attacked on Black Friday, during one of the busiest shopping weekends of the
Researchers observed a new malware family in May involved in various cyberespionage campaigns advertised as a chat app dubbed “Chatrious” downloaded from the malicious website by clicking the download button on the site. The campaign back in action again with
Tens of Millions Exposed by SMS Data Leak
Tens of millions of Americans may have been caught in another data leak after business SMS provider TrueDialog left a massive database exposed online, according to researchers. The team at vpnMentor discovered the Oracle Marketing Cloud database hosted on Microsoft
StrandHogg – Hackers Aggressively Exploiting New Unpatched Android OS Vulnerability in Wide Using Malware
Newly discovered Android vulnerability dubbed “StrandHogg” being exploited in wide by unknown hackers using weaponized malware apps that posed as a legitimate one to perform various malicious activities. The vulnerability allows attackers to infect the Android phone without root access,
Windows Users Beware! – More than 60% of Malicious Ads Targeting Windows Computer Systems
A new report shows that 61% of malicious ads on the Internet targeting Windows computers to infect with malware or to steal the information. The malicious ads act as a platform to distribute malware, by attracting users and redirect them
Most of us should start to think more carefully about the data that we put online. It is becoming clear that no data we put online can ever be 100% safe, and 2019 had some of the worst data protection
Security experts disclosed a vulnerability dubbed StrandHogg that has been exploited by tens of malicious Android apps. Security experts at Promon disclosed a vulnerability, dubbed StrandHogg, that has been exploited by tens of malicious Android apps. The name StrandHogg comes
Cybercrime Triples in Scotland
The number of cybercrimes recorded by the Scottish police has more than tripled in a year, according to Scottish newspaper The Herald. In an article published yesterday, the paper said that new statistics released by the force show that from
Over 90% of UK IT professionals believe Brexit will make chronic industry skills shortages even worse, according to new research from RedSeal. The security vendor polled 502 IT professionals to gain greater insight into the skills challenges facing the country.
The European Union Agency for Cybersecurity (ENISA) today published a report containing recommendations to establish an EU-wide cybersecurity certification scheme for cloud service providers. The report was created by the Cloud Service Provider Certification Working Group (CSPCERT WG) at the