News


  • Sir Michael Fallon to host Counter Terror Awards at SCTX18

    February 19, 2018

    The organisers of Security & Counter Terror Expo have announced that Sir Michael Fallon MP, former Secretary of State for Defence and member of the National Security Council, will host the inaugural Counter Terror Awards during the event next month. The awards ceremony will take place at Olympia, London on 6 March 2018, with an audience ...

  • Lawsuits threaten infosec research — just when we need it most

    February 19, 2018

    This year, two security reporters and one researcher will fight for their professional lives in court. Steve Ragan, senior staff writer at tech news site CSO, and Dan Goodin, security editor at Ars Technica, were last year named defendants in two separate lawsuits. The cases are different, but they have a common theme: they are being sued by ...

  • Smart meters could leave British homes vulnerable to cyber attacks, experts have warned

    February 18, 2018

    New smart energy meters that the Government wants to be installed in millions of homes will leave householders vulnerable to cyber attacks, ministers have been warned. The intelligence agency GCHQ is said to have raised concerns over the security of the meters, which could enable hackers to steal personal details and defraud consumers by tampering with ...

  • Plague of the Cyber RATs: How a toxic computer code delivered by ‘Remote Access Trojans’ is an invisible army able to take over a petrochemical plant

    February 17, 2018

    On a broiling day last August, managers of a huge petrochemical plant in Saudi Arabia discovered to their horror that it had been attacked. The consequences could have been catastrophic: the invaders had seized command of its computerised control-and-safety system, and had the power to damage it severely. The attackers carried no guns, explosives, or conventional weapons. Yet ...

  • US special counsel indicts 13 members of Russia’s election meddling troll farm

    February 16, 2018

    Special Counsel Robert Mueller’s office said Friday that a grand jury has indicted 13 Russian nationals and three Russian entities accused of violating federal laws in order to interfere with US elections and political processes during the 2016 presidential race. The indictment says that the defendants, by early to mid-2016, were “supporting the presidential campaign of then-candidate Donald ...

  • Word-based Malware Attack Doesn’t Use Macros

    February 15, 2018

    Typically, inbox-based attacks that include malicious Microsoft Office attachments require adversaries to trick users into enabling macros. But researchers say they have identified a new malicious email campaign that uses booby-trapped Office attachments that are macro-free. The attacks do not generate the same type of default warning from Microsoft associated with macro-based attacks, according to research ...

  • Hack the Air Force 2.0 uncovers over 100 vulnerabilities

    February 15, 2018

    The second Hack the Air Force bug bounty challenge, Hack the Air Force 2.0, has resulted in 106 vulnerabilities being reported and fixed. On Thursday, bug bounty platform HackerOne revealed that the 20-day competition to find vulnerabilities in federal systems resulted in $103,883 in payouts, bringing the total amount of financial rewards to over $233,000 to date. Hackers from ...

  • Unsecured server exposed thousands of FedEx customer records

    February 15, 2018

    FedEx has exposed private information belonging to thousands of its customers after a legacy server was left open without a password. The discovery was made by security researchers at the Kromtech Security Center, which posted details of the exposure alongside ZDNet. The data, hosted on a password-less Amazon S3 storage server, was secured Tuesday after efforts were made ...

  • A Single-Character Message Can Crash Any Apple iPhone, iPad Or Mac

    February 15, 2018

    Only a single character can crash your iPhone and block access to the Messaging app in iOS as well as popular apps like WhatsApp, Facebook Messenger, Outlook for iOS, and Gmail. First spotted by Italian Blog Mobile World, a potentially new severe bug affects not only iPhones but also a wide range of Apple devices, including iPads, Macs ...

  • UK names Russia as source of NotPetya, USA follows suit

    February 15, 2018

    The United Kingdon’s Foreign and Commonwealth Office has formally “attributed the NotPetya cyber-attack to the Russian Government”, specifically the nation’s military. “The decision to publicly attribute this incident underlines the fact that the UK and its allies will not tolerate malicious cyber activity,” said a February-15th-dated statement from Foreign Office Minister for Cyber Security Lord (Tariq) Ahmad of ...

  • Reported Critical Vulnerabilities In Microsoft Software On the Rise

    February 15, 2018

    The number of reported vulnerabilities in Microsoft software has mounted from 325 in 2013 to 685 last year, a rise of 111 percent, according to new research. Moreover, there has also been a 54 percent increase in critical Microsoft vulnerabilities since 2016, researchers at Avecto said in their report, which is based on data from Microsoft’s Security ...

  • Equifax Lost Even More Information on Consumers Than It Told the Public

    February 14, 2018

    Confidential documents filed with the US Senate Banking Committee suggest that Equifax could have lost considerably more personal information about over 145 million Americans to hackers than it’s publicly let on, CNN Money reported. While Equifax had disclosed that names, dates of birth, and Social Security numbers might have been compromised, as well as some drivers’ license ...

  • Researchers Find New Twists In ‘Olympic Destroyer’ Malware

    February 14, 2018

    Researchers have uncovered new wrinkles in the “Olympic Destroyer” malware attack that targeted the Winter Olympics in Pyeongchang, South Korea. Cisco Talos researchers now believe the malware also wipes files on shared network drives. Originally researchers believed the malware only targeted single endpoints. Researchers also now believe the credentials-stealing component of the malware is more dynamic than originally ...

  • Unicode Technique Used to Deliver Cryptomining Malware Through Telegram

    February 13, 2018

    Attackers are using the time-tested right-to-left override technique to deliver cryptomining malware through the popular Telegram messaging application, say researchers. The right-to-left (RLO) technique uses Unicode to hide malicious file names and trick users into executing what appear to be benign files. It is a tactic that enables malware authors to hide the real name of ...

  • German court rules Facebook’s use of personal data ‘illegal’

    February 13, 2018

    A German consumer rights group has said that a court had found Facebook’s use of personal data to be illegal because the US social media platform did not adequately secure the informed consent of its users. The verdict, from a Berlin regional court, comes as Big Tech faces increasing scrutiny in Germany over its handling of sensitive personal data that enables ...

  • PyeongChang 2018 Winter Olympics Opening Ceremony Disrupted by Malware Attack

    February 12, 2018

    The Pyeongchang Winter Olympics taking place in South Korea was disrupted over the weekend following a malware attack before and during the opening ceremony on Friday. The cyber attack coincided with 12 hours of downtime on the official website for the Winter Games, the collapse of Wi-Fi in the Pyeongchang Olympic stadium and the failure of ...

  • UK Government website offline after hack infects thousands more worldwide

    February 11, 2018

    More than 5,000 websites have been hacked to force visitors’ computers to run software that mines a cryptocurrency similar to Bitcoin. Users loading the websites of the Information Commissioner’s Office, the Student Loans Company, as well as the council websites for Manchester City, Camden, and Croydon – and even the homepage of the United States Courts ...

  • Zerodium offers $45,000 for Linux zero-day vulnerabilities

    February 9, 2018

    Zerodium is offering $45,000 to hackers willing to privately report zero-day vulnerabilities in the Linux operating system. On Thursday, the private exploit acquisition program announced the new addition to its bounties on Twitter. Until 31 March, Zerodium is willing to offer increased payouts of up to $45,000 for local privilege escalation (LPE) exploits. Read more… Source: ZDNet  

  • Australia stepping up foreign cooperation on state-level cyber deterrence

    February 9, 2018

    The Australian government is increasingly concerned about the blurring of state and non-state activity, in particular that certain states have used third-party criminal groups to mask their cyber-based activity, a joint parliamentary committee has heard. Addressing an inquiry into Australia’s trade system and the digital economy on Friday, Australia’s first Ambassador for Cybercrime Tobias Feakin said ...

  • Crucial iPhone source code posted in unprecedented leak

    February 8, 2018

    Critical, top secret Apple code for the iPhone’s operating system was posted on Github, opening a new, dangerous avenue for hackers and jailbreakers to access the device, Motherboard reported. The code, known as “iBoot,” has since been pulled, but Apple may have confirmed it was the real deal when it issued a DMCA takedown to Github, as Twitter user ...