Delivering the opening keynote at Black Hat Europe, offensive security engineer Amanda Rousseau talked about the move from a defensive to offensive role, and how narrow that has made our thinking. In the first part of her talk, she said

Fraudsters are increasingly going back to basics in a bid to trick particularly elderly victims into handing over money, according to the Federal Trade Commission (FTC). The regulator posted two warnings on Tuesday highlighting the lengths scammers are prepared to

Researchers discovered a critical vulnerability in Microsoft Azure named “BlackDirect” that allows attackers to take over the Azure user’s accounts and creating the Token with the victim’s permissions. The vulnerability specifically affected Microsoft’s OAuth 2.0 applications that allow malicious attacker

Almost all small and medium-sized businesses in America have executives who are living in fear of a cyber-attack from foreign adversaries, according to new research published today. The Q4 Cyberthreat Index for Business Survey by Zix-AppRiver found that 93% of

The Federal Bureau of Investigation has issued a warning to holiday shoppers who are planning to swap some of their hard-earned cash for a smart TV. In a statement released by the Oregon branch of the FBI, members of the

A free holiday-themed cybersecurity conference set in a virtual North Pole is scheduled to take place for the second year running. KringleCon 2019 invites hackers and cybersecurity professionals from across the globe to hear expert speakers, watch educational demos, share

Digital skimming hackers have been in action again, this time targeting the website of a leading US gun-maker and its customers. Springfield, Massachusetts-based Smith & Wesson was attacked on Black Friday, during one of the busiest shopping weekends of the

Researchers observed a new malware family in May involved in various cyberespionage campaigns advertised as a chat app dubbed “Chatrious” downloaded from the malicious website by clicking the download button on the site. The campaign back in action again with

Tens of millions of Americans may have been caught in another data leak after business SMS provider TrueDialog left a massive database exposed online, according to researchers. The team at vpnMentor discovered the Oracle Marketing Cloud database hosted on Microsoft

Newly discovered Android vulnerability dubbed “StrandHogg” being exploited in wide by unknown hackers using weaponized malware apps that posed as a legitimate one to perform various malicious activities. The vulnerability allows attackers to infect the Android phone without root access,

A new report shows that 61% of malicious ads on the Internet targeting Windows computers to infect with malware or to steal the information. The malicious ads act as a platform to distribute malware, by attracting users and redirect them

Most of us should start to think more carefully about the data that we put online. It is becoming clear that no data we put online can ever be 100% safe, and 2019 had some of the worst data protection

Security experts disclosed a vulnerability dubbed StrandHogg that has been exploited by tens of malicious Android apps. Security experts at Promon disclosed a vulnerability, dubbed StrandHogg, that has been exploited by tens of malicious Android apps. The name StrandHogg comes

The number of cybercrimes recorded by the Scottish police has more than tripled in a year, according to Scottish newspaper The Herald. In an article published yesterday, the paper said that new statistics released by the force show that from

Over 90% of UK IT professionals believe Brexit will make chronic industry skills shortages even worse, according to new research from RedSeal. The security vendor polled 502 IT professionals to gain greater insight into the skills challenges facing the country.

The European Union Agency for Cybersecurity (ENISA) today published a report containing recommendations to establish an EU-wide cybersecurity certification scheme for cloud service providers. The report was created by the Cloud Service Provider Certification Working Group (CSPCERT WG) at the