News


  • Cyber security threat to Britain’s oil and gas sites as attack could cause ‘unprecedented damage’

    August 17, 2018

    Brian Lord OBE says a successful attack on its infrastructure could cause “unprecedented damage” and “unrest across the world”. With a complex ecosystem of computation, networking, and physical operational processes spread around the world the industry has a large attack surface with many attack vectors. A typical large oil and gas company uses half a million processors ...

  • Philips Vulnerability Exposes Sensitive Cardiac Patient Information

    August 17, 2018

    The unpatched flaw would allow a bad actor to execute information-exfiltrating malware, backdoors, ransomware or any other kind of bad code he or she chose. A vulnerability in the Philips IntelliSpace Cardiovascular (ISCV) line of medical data management products would allow privilege escalation and arbitrary code execution – opening the door for an attacker to siphon ...

  • ​China aims to narrow cyberwarfare gap with US

    August 17, 2018

    China is looking to narrow the gap with the US in terms of cyberwarfare capabilities, according to an assessment of Chinese military capabilities published by the Department of Defense (DoD). The Pentagon report said that in recent years the Chinese army has emphasized the importance of cyberspace for national security because of the country’s increasing reliance on ...

  • Apple files stored by teen in ‘hacky hack hack’ folder

    August 17, 2018

    A teenage boy from Australia has pleaded guilty to hacking into Apple’s network and downloading internal files, according to reports. The 16-year-old accessed 90 gigabytes worth of files, breaking into the system many times over the course of a year from his suburban home in Melbourne, reports The Age newspaper. It says he stored the documents in a ...

  • FBI Warns Of ATM Hacking Campaign

    August 16, 2018

    The FBI has warned banks that cybercriminals are preparing to carry out a “highly choreographed, global fraud scheme known as an ‘ATM cash-out’.” The threat, reported by Krebs On Security cybersecurity blog, will apparently see criminals hacking a bank or payment card processor, and using cloned cards at ATMs around the world to fraudulently withdraw “millions of ...

  • Highly Flexible Marap Malware Enters the Financial Scene

    August 16, 2018

    A new downloader, which has been spotted in an array of recent email campaigns, uses anti-analysis techniques and calls in a system fingerprinting module. A newly discovered downloader malware has been discovered as part of a new campaign primarily targeting financial institutions. Researchers at Proofpoint said today that the downloader – dubbed “Marap” after its command-and-control phone-home ...

  • Botched CIA Communications System Helped Blow Cover of Chinese Agents

    August 15, 2018

    It was considered one of the CIA’s worst failures in decades: Over a two-year period starting in late 2010, Chinese authorities systematically dismantled the agency’s network of agents across the country, executing dozens of suspected U.S. spies. But since then, a question has loomed over the entire debacle. How were the Chinese able to roll up ...

  • UK MoD teams up with TechVets to train veterans in cyber security

    August 15, 2018

    The Ministry of Defence (MoD) has signed a partnership agreement with the not-for-profit start-up TechVets to help veterans get jobs in the cyber security and technology sector, TechVets, which specialises in helping veterans get jobs in the tech sector, will work with the MOD’s flagship training programme for service leavers, under a new agreement. The agreement will ...

  • Microsoft Releases Patches for 60 Flaws – Two Under Active Attack

    August 14, 2018

    Get your update caps on. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for August 2018, patching a total of 60 vulnerabilities, of which 19 are rated as critical. The updates patch flaws in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio. Two ...

  • Researchers Disclose New Foreshadow (L1TF) Vulnerabilities Affecting Intel CPUs

    August 14, 2018

    Academics and private sector researchers have revealed details today about three new vulnerabilities affecting Intel CPUs. All three are Spectre-class attacks that take advantage of a CPU design feature named speculative execution —a feature found in all modern CPUs that has the role of improving performance by computing operations in advance and later discarding unneeded data. These flaws target ...

  • Australia plans law for tech firms to hand over encrypted private data

    August 14, 2018

    Australia on Tuesday proposed a new law requiring technology firms such as Alphabet Inc’s Google, Facebook and Apple to give police access to private encrypted data linked to suspected illegal activities. The measure, which targets platforms the Australian government says could be used for criminal activities or to plan a terror attack, would require police to ...

  • Postmortem of a Compromised MikroTik Router

    August 14, 2018

    Cryptocurrency coinminers are the new ransomware and malicious actors have already pounced on the opportunity to make their fortune. Symantec has been tracking a large-scale coin-mining campaign which, as per Shodan, has currently infected about 157,000 MikroTik routers. Researchers discovered this coin-mining campaign in early August 2018. The campaign was initially concentrated in Brazil; however, it soon began ...

  • India’s Cosmos Bank loses $13.5 mln in cyber attack

    August 14, 2018

    Cyber criminals hacked the systems of India’s Cosmos Bank and siphoned off nearly 944 million rupees ($13.5 million) through simultaneous withdrawals across 28 countries over the weekend, the bank has told police. The co-operative bank said unidentified hackers stole customer information through a malware attack on its automated teller machine (ATM) server, withdrawing 805 million rupees ...

  • Victims Lose Access to Thousands of Photos as Instagram Hack Spreads

    August 14, 2018

    In a probable quest to build a botnet, someone is hacking Instagram accounts, deleting handles, avatars and personal details, and linking them to a new email address. An Instagram hack is spreading across the internet, with increasing numbers of victims finding their accounts hijacked and personal details altered — and account recovery so far impossible. Read more… Source: ...

  • US voting systems: Full of holes, loaded with pop music, and ‘hacked’ by an 11-year-old

    August 13, 2018

    DEF CON Hackers of all ages have been investigating America’s voting machine tech, and the results weren’t great. For instance, one 11-year-old apparently managed to hack and alter a simulated Secretary of State election results webpage in 10 minutes. The Vote Hacking Village, one of the most packed-out locations at this year’s DEF CON hacking conference in Las ...

  • ex-NSA Hacker Discloses macOS High Sierra Zero-Day Vulnerability

    August 13, 2018

    Your Mac computer running the Apple’s latest High Sierra operating system can be hacked by tweaking just two lines of code, a researcher demonstrated at the Def Con security conference on Sunday. Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a critical zero-day vulnerability in the macOS operating system that ...

  • DEF CON 2018: Hacking Medical Protocols to Change Vital Signs

    August 11, 2018

    In recent years there has been more attention paid to the security of medical devices; however, there has been little security research done on the unique protocols used by these devices. Many of the insulin pumps, heart monitors and other gadgets found in hospital rooms use aging protocol to communicate with nurses’ stations and doctors; ...

  • Researchers Developed Artificial Intelligence-Powered Stealthy Malware

    August 9, 2018

    Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization. However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infects a computer network ...

  • A First Look at the North Korean Malware Family Tree

    August 9, 2018

    Security researchers have analyzed malware samples from threat actors associated with North Korea and discovered connections with tools from older unattributed campaigns. The research is spread over several months and connects a diverse range of operations from cyberespionage to financially-motivated campaigns. The campaigns analyzed by the researchers and a timeline of their release can be shown below. Read more: Source: ...

  • New Actor DarkHydrus Targets Middle East with Open-Source Phishing

    August 9, 2018

    DarkHydrus uses the open-source Phishery tool to create two of the known Word documents used in the attacks. Government entities and educational institutions in the Middle East are under attack in an ongoing credential-harvesting campaign, mounted by a newly-named threat group known as DarkHydrus. In a twist on the norm, the group is leveraging the open-source ...