Headlines

Newly discovered Google Play applications infected with the Ztorg Trojan family no longer request root privileges on compromised devices, Kaspersky Lab security researchers reveal. Late last year, Kaspersky warned of the high popularity Ztorg-infected applications had in Google Play, where one of them gathered over 50,000 downloads within a single day. [...]
Sat, Jun 24, 2017 1:35:00 PM, Continue reading at the source
A new WikiLeaks release of documents believed to have been stolen from the CIA show the intelligence agency’s capability to infect air-gapped computers and networks via booby-trapped USB sticks. The Brutal Kangaroo project The agency would start by infecting an Internet-connected computer inside the target organizations with malware, which would [...]
Fri, Jun 23, 2017 6:55:00 PM, Continue reading at the source
Federal authorities charged a consultant with espionage for transmitting top secret and secret documents to China. [...]
Fri, Jun 23, 2017 6:49:00 PM, Continue reading at the source
Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites and messaging mobile applications, researchers have demonstrated. The Password Reset MITM attack The Password Reset Man in the Middle (PRMITM) attack exploits the [...]
Fri, Jun 23, 2017 6:13:00 PM, Continue reading at the source
Zscaler researchers discover a new variant of the Android Marcher malware, which aims to steal online banking credentials and credit card information. [...]
Fri, Jun 23, 2017 6:08:00 PM, Continue reading at the source
Siemens patched two vulnerabilities in products, SIMATIC CP and XHQ, commonly found in industrial control system setups this week [...]
Fri, Jun 23, 2017 6:07:00 PM, Continue reading at the source
The FBI's Internet Crime Complaint Center (IC3) identified ransomware as one of 2016's top threats, but a relatively small number of attacks were reported. [...]
Fri, Jun 23, 2017 5:34:00 PM, Continue reading at the source
Your daily round-up of some of the other stories in the news [...]
Fri, Jun 23, 2017 4:18:00 PM, Continue reading at the source
Three-quarters of the total fraud losses for 2016 arose from victims who had been victims of a data breach within the previous six years. [...]
Fri, Jun 23, 2017 4:00:00 PM, Continue reading at the source
Hughes Network Systems is a leading managed network service provider for highly distributed enterprises that need to operate and deliver uniform performance across large numbers of branch locations. They have been a long-time Fortinet partner, delivering innovative managed network solutions that leverage Fortinet platforms by combining Fortinet’s security capabilities with [...]
Fri, Jun 23, 2017 4:00:00 PM, Continue reading at the source
Mike Mimoso and Chris Brook discuss the news of the week, including Citizen Lab's latest report, WannaCry hitting Honda, GhostHook, and Fireball. [...]
Fri, Jun 23, 2017 3:30:00 PM, Continue reading at the source
A small number of Remote Administration Tools have vulnerabilities which can enable attack targets to turn the tables on threat actors. [...]
Fri, Jun 23, 2017 3:08:00 PM, Continue reading at the source
Through its website, the FBI’s Internet Crime Complaint Center (IC3) accepts complaints about Internet-facilitated criminal activity, and forwards them to the appropriate law enforcement agencies (both in and outside the US) to investigate. The only condition that has to be satisfied in order for a report to be considered and [...]
Fri, Jun 23, 2017 3:07:00 PM, Continue reading at the source
Explaining risk can be difficult since CISOs and execs don't speak the same language. The key is to tailor your message for the audience. [...]
Fri, Jun 23, 2017 3:00:00 PM, Continue reading at the source
The spirit of cooperation seems to be taking hold as demonstrated by the growing number of thriving services and organizations whose sole purpose is to analyze specific threats against specific communities. [...]
Fri, Jun 23, 2017 3:00:00 PM, Continue reading at the source
Fighting attackers needs a new approach that leverages a public-private data sharing framework, enabling immediate and collective responses. [...]
Fri, Jun 23, 2017 2:04:00 PM, Continue reading at the source
API Behavioral Security: Detecting and blocking attacks targeting API infrastructures Elastic Beam unveiled its flagship solution, API Behavioral Security (ABS), the first AI-powered software platform able to detect and block cyberattacks that target APIs to compromise corporate data and systems – in public clouds, hybrid clouds, or on premise. ABS [...]
Fri, Jun 23, 2017 2:03:00 PM, Continue reading at the source
Homeland Security official declines to reveal more to Senate hearing as details emerge of hacking attempts in Illinois and Arizona [...]
Fri, Jun 23, 2017 1:52:00 PM, Continue reading at the source
High-impact tools for white hats that will be revealed and released next month at Black Hat USA in Las Vegas. [...]
Fri, Jun 23, 2017 1:10:00 PM, Continue reading at the source
Vanson Bourne surveyed 1,300 IT decision makers from organizations using public cloud Infrastructure as a Service (IaaS) from the Americas, Europe, Middle East and Africa (EMEA), and from Asia Pacific (APAC). Background public cloud use Respondents’ use of public cloud is on the rise, as is their sophistication in working [...]
Fri, Jun 23, 2017 1:00:00 PM, Continue reading at the source
Summer is upon us – a time for family, fun and travel. Whether you’re going around the block or around the world, odds are you’re taking your work laptop (just in case). And of course, you’re taking your smartphone. Maybe you’ll want to check email on your phone using the [...]
Fri, Jun 23, 2017 12:59:00 PM, Continue reading at the source
We enlisted a leading security researcher to test if Microsoft's newest, locked-down version of Windows 10 is protected against all "known" kinds of ransomware, as the company claims. [...]
Fri, Jun 23, 2017 12:00:00 PM, Continue reading at the source
Join us for the last webinar in our Security SOS Week - we take a look at ransomware... and all the other malware nasties that roam the net. [...]
Fri, Jun 23, 2017 11:13:00 AM, Continue reading at the source
'When you have a bunch of single guys in the office, it goes in that direction', says Dating.AI founder as he dismisses concerns about scraping other dating apps for faces for users to match [...]
Fri, Jun 23, 2017 11:12:00 AM, Continue reading at the source
The duo has tried, time and time again, to break into Microsoft's systems to steal customer data. [...]
Fri, Jun 23, 2017 10:35:00 AM, Continue reading at the source
Microsoft says an attacker needs kernel-level access before they can use the 'GhostHook' technique to install a rootkit. [...]
Thu, Jun 22, 2017 10:05:00 PM, Continue reading at the source
Security researcher discovers major security flaws that can't be patched or fixed. [...]
Thu, Jun 22, 2017 8:35:00 PM, Continue reading at the source
UK authorities arrest two men for allegedly breaking into Microsoft's network with the intent to steal customer data from the software giant. [...]
Thu, Jun 22, 2017 8:24:00 PM, Continue reading at the source
Cisco patched three vulnerabilities in three products this week that if exploited, could have resulted in a denial of service, crash and in some instances, arbitrary and remote code execution. [...]
Thu, Jun 22, 2017 7:08:00 PM, Continue reading at the source
Initially time-bound, the Microsoft Edge Bounty Program has now been turned into one that will run indefinitely, Microsoft has announced. The past and present of the Microsoft Edge Bounty Program “Since 2013, we have launched three browser bounties to uncover specific vulnerabilities. As security is a continuous effort and not [...]
Thu, Jun 22, 2017 7:01:00 PM, Continue reading at the source
Cybersecurity is finally getting the attention it deserves – it is only regrettable that this good news is the result of bad news: more numerous, complex, and damaging cyber attacks than ever before. Cybersecurity takes a step forward “The WannaCry ransomware attacks have recently made the headlines around the world. [...]
Thu, Jun 22, 2017 6:30:00 PM, Continue reading at the source
The good news is the cost of a data breach is down double-digits, the bad news the size and scope of breaches is creeping up. [...]
Thu, Jun 22, 2017 5:51:00 PM, Continue reading at the source
Your daily round-up of some of the other stories in the news [...]
Thu, Jun 22, 2017 5:46:00 PM, Continue reading at the source
Trusted identities can serve as the backbone for smart buildings and today’s connected workforce, according to a new study conducted by IFSEC Global. The study focused on how the access control infrastructure combined with trusted identities can connect disparate systems for enhanced monitoring and a better user experience as people [...]
Thu, Jun 22, 2017 5:28:00 PM, Continue reading at the source
Check Point has toned down its initial estimates on the number of Fireball malware infections from 250 million machines and 20 percent of corporate networks to 40 million computers. [...]
Thu, Jun 22, 2017 5:11:00 PM, Continue reading at the source
Looking closely at the tracking that's done while you browse can be very unnerving - but does that mean you should give up using the web? [...]
Thu, Jun 22, 2017 4:30:00 PM, Continue reading at the source
Developers with Drupal patched three vulnerabilities, one critical, one being exploited in the wild, in Drupal’s core engine on Wednesday. [...]
Thu, Jun 22, 2017 4:22:00 PM, Continue reading at the source
It's bad enough to be caught by an SMS phishing scam - but when the bad guys expose your stolen account details to the world, that really rubs salt into the wound [...]
Thu, Jun 22, 2017 3:58:00 PM, Continue reading at the source
Researchers at CyberArk have developed a bypass for Windows PatchGuard that leverages Intel's Processor Trace (Intel PT) technology to execute code at the kernel. [...]
Thu, Jun 22, 2017 3:25:00 PM, Continue reading at the source
Welcome back to our monthly review of some of the most interesting security research publications. This month, let's do a bit of crypto... Past editions: April 2017 March 2017 P. Carru, Attack TrustZone with Rowhammer Rowhammer is an attack on DRAM, which consists in repeatedly accessing given rows of the DRAM to cause random bit flips in adjacent rows. Until [...]
Thu, Jun 22, 2017 3:00:00 PM, Continue reading at the source
The cybercriminal’s options for monetizing attacks has never been broader, less complex, or less risky, and attempts to detect intrusions by detecting the malware they use has never been more pointless, a study commissioned by Arbor Networks has revealed. “Nearly everything used by the attacker is now disposable, making most [...]
Thu, Jun 22, 2017 2:32:00 PM, Continue reading at the source
It’s no secret that in the past few years, business leaders have begun to realise the potential of digital transformation to give their organisation a competitive edge. Through driving productivity, empowering staff and creating engaging experiences for customers; investing in digital technology has become a number one priority for businesses [...]
Thu, Jun 22, 2017 2:00:00 PM, Continue reading at the source
Microsoft has cast doubt on Check Point's claims that Fireball has a hold in one-in-five corporate networks. [...]
Thu, Jun 22, 2017 1:00:00 PM, Continue reading at the source
By using a "traffic shaping" technique, the National Security Agency sidestepped legal restrictions imposed by lawmakers and the surveillance courts. [...]
Thu, Jun 22, 2017 1:00:00 PM, Continue reading at the source
Today’s healthcare networks are intricate ecosystems of different networks comprised of a wide variety of connected devices and moving data, but they weren’t always this open. The industry as a whole has had to rapidly shift gears. Healthcare data now flows faster than ever, and it isn’t slowing down. As [...]
Thu, Jun 22, 2017 1:00:00 PM, Continue reading at the source
Researchers have built a doll with an AI chip and a camera that can interpret a child's emotions. What could possibly go wrong? [...]
Thu, Jun 22, 2017 11:45:00 AM, Continue reading at the source
Still time to register for today's live Security SOS podcast featuring the not-to-be-missed Fraser Howard, one of the world's top malware researchers. [...]
Thu, Jun 22, 2017 11:19:00 AM, Continue reading at the source
Nearly 200m voters' personal details were exposed when a contractor failed to secure the GOP's data in the cloud - and there are lessons for us all in this [...]
Thu, Jun 22, 2017 10:44:00 AM, Continue reading at the source
Security experts, vendors, business and the NSA are developing a standardized language that rather than autonomously understands threats, acts on them. [...]
Thu, Jun 22, 2017 10:00:00 AM, Continue reading at the source
Serious security bugs have been exposed, some of which can lead to remote code execution. [...]
Thu, Jun 22, 2017 9:18:00 AM, Continue reading at the source