News


  • Health Care Data of 2 Million People in Mexico Exposed Online

    August 7, 2018

    A MongoDB database was exposed online that contained health care information for 2 million patients in Mexico. This data included information such as the person’s full name, gender, date of birth, insurance information, disability status, and home address. The database was discovered by security researcher Bob Diachenko via Shodan, which is a search engine for all Internet connected devices and not just web ...

  • Ramnit Changes Shape with Widespread Black Botnet

    August 6, 2018

    A massive proxy botnet is just the tip of the iceberg, a warning sign of a bigger operation in the works by the Ramnit operators. The recently uncovered “Black” botnet campaign using the Ramnit malware racked up 100,000 infections in the two months through July– but the offensive could just be a precursor to a much ...

  • Can you recover the power grid after a cyberattack? The Department of Energy finds out

    August 6, 2018

    The US Department of Energy (DoE) is planning a “hands-on” test of the real-world consequences associated with successful cyberattacks against core country services. Cyberattacks levied against critical infrastructure, smart grids, and utilities are not a future possibility; but rather, they are happening now. Ukraine’s power grid blackout in 2016 was one of the first real indicators that ...

  • U.S. Payment Processing Services Targeted by BGP Hijacking Attacks

    August 6, 2018

    According to a new report, three United States payment processing companies were targeted by BGP hijacking attacks on their DNS servers. These Internet routing attacks were designed to redirect traffic directed at the payment processors to servers controlled by malicious actors who would then attempt to steal the data. On three separate dates in July, Oracle ...

  • Computer Virus Cripples IPhone Chipmaker TSMC Plants

    August 4, 2018

    A computer virus halted several Taiwan Semiconductor Manufacturing Co.factories Friday night, dealing the company one of its most severe disruptions as it ramps up chipmaking for Apple Inc.’s next iPhones. The sole maker of the iPhone’s main processor said a number of its fabrication tools had been infected, and while it had contained the problem and resumed some ...

  • Google Project Zero: ‘Here’s the secret to flagging up bugs before hackers find them’

    August 3, 2018

    Samsung’s utterly confusing vulnerability reporting website has prompted one of Google’s top security researchers to explain how companies should help researchers report bugs and eliminate hackable flaws in products quickly. Google’s Project Zero bug hunter, Natalie Silvanovich, who Microsoft has recognized as a top 10 researcher in the world, has a few tips for vendors of all types ...

  • FBI struggles to retain top cyber talent

    August 3, 2018

    The recent departures of four top FBI cyber officials reflect a troubling trend: The bureau is losing its most seasoned agents and supervisors tasked with disrupting digital threats from Russia and elsewhere, even as threats to the nation’s power grid and elections grow. Close to 20 top FBI cybersecurity leaders have left for high-paying corporate jobs over the ...

  • Salesforce.com Warns Marketing Customers of Data Leakage SNAFU

    August 3, 2018

    Potentially impacted customers include organizations like Aldo, Dunkin Donuts, GE, HauteLook, Nestle Waters, News Corp Australia and Sony. Cloud behemoth Salesforce.com is warning customers about an API error that may have leaked data for some users of its Marketing Cloud offering. The issue was in play between June 4 to July 18, according to an alert that ...

  • How US Military Hackers Prepared to Hack the Islamic State

    August 1, 2018

    In 2016, US Cyber Command (CYBERCOM), a part of the military tasked with conducting offensive cyber operations, hacked internet infrastructure used by the so-called Islamic State. Now, redacted versions of formerly Top Secret and other classified documents obtained by Motherboard lay out the contours of how CYBERCOM planned that operation, taking into account political fallout, ...

  • DOJ Nab Three FIN7 Cybercrime Suspects in Europe

    August 1, 2018

    Three people believed to be member of the FIN7 (or Carbanak) hacking group have been arrested in Europe, according to the US DOJ. Three suspected members of the FIN7 cybercrime group have been arrested in Europe and accused of hacking more than 120 U.S.-based companies with the intent of stealing bank cards. In total, U.S. Department of ...

  • New Homeland Security Center to Guard Against Cyberattacks

    July 31, 2018

      Homeland Security Secretary Kirstjen Nielsen says the growing cyber threat cannot be underestimated and government and the public must work together to battle it. Nielsen spoke at a cybersecurity summit Tuesday. She announced the creation of the National Risk Management Center at the department. It’s aimed at guarding energy companies, banks and other industries against cyberattacks. ...

  • NSO Spyware Targets Saudi Human Rights Activists and Researchers

    July 31, 2018

    Amnesty International, one of the most prominent non-profit human rights organizations in the world, claims one of its staff members has been targeted by a sophisticated surveillance toolmade by Israel’s NSO Group. The NSO Group is an Israeli firm that’s mostly known for selling high-tech spyware and surveillance malware capable of remotely cracking into Apple’s iPhones and Google’s Android devices to intelligence ...

  • Pentagon Circulates Software ‘Do Not Buy’ List

    July 30, 2018

    The US Department of Defence has begun circulating a “do not buy” list of software it considers to have Russian and Chinese connections, in the country’s latest tightening of restrictions on foreign tech influence. The Chinese and Russian governments have called previous US restrictions on companies such as Russian security software firm Kaspersky Lab and Chinese telecoms equipment ...

  • DMARC Compliance Lacking in 28 Percent of .Gov Agencies

    July 30, 2018

    Despite a looming deadline, over a quarter of federal agencies are still not using basic email security tools. ` As phishing ploys continue to take their toll on businesses, federal agencies have yet to fully protect themselves against such attacks with basic defenses like DMARC. With only months to go before the federal Binding Operational Directive ...

  • Activist Publishes 11,000 Private DMs Between Wikileaks and Its Supporters

    July 30, 2018

    Wikileaks is possibly the most opaque transparency organization. The group, founded by Julian Assange, sometimes hides its true motives, and has not published any information about its own finances in years, despite amassing tens of millions of dollars worth of cryptocurrency. Now, an activist who has developed an adversarial relationship with the group has published over 11,000 Wikileaks Twitter direct ...

  • Imperva acquires app security firm Prevoty in $140m deal

    July 27, 2018

    Imperva has announced the acquisition of Prevoty in a deal worth $140 million. On Thursday, Redwood Shores, Calif.-based Imperva said that together with Prevoty, the companies would “provide comprehensive security solutions to protect application services residing on-premises and in the cloud.” The acquisition has been agreed for $140 million in cash, subject to working capital. Read more… Source: ZDNet

  • Ransomware Attack Cripples Cosco Shipping Network – Report

    July 26, 2018

    A shipping giant is likely to run up in millions of dollars of additional costs after a ransomware attack apparently crippled its US network. The attack was against COSCO (China Ocean Shipping Company), which is a Chinese owned shipping giant. It comes after its larger shipping rival Maersk admitted in August 2017 that its operations had been impacted by ...

  • Poor cybersecurity could destabilise increasingly complex energy grids

    July 26, 2018

    The future of smart energy grids, with automatic management of both supply and demand, is “looking really interesting”, says Phil Kernick, chief technology officer at security firm CQR Consulting. But the current state of the technology and its security is a problem. “The distribution systems and the generation systems were deployed a decade and a half ...

  • NetSpectre — New Remote Spectre Attack Steals Data Over the Network

    July 26, 2018

    A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system. Dubbed “NetSpectre,” the new remote side-channel attack, which is related to Spectre variant 1, abuses speculative execution to perform bounds-check bypass ...

  • Hackers Breach Virginia Bank, Make Off With Millions

    July 25, 2018

    Hackers have compromised a bank in the United States twice in the past eight months and made off with millions of dollars. But the cyber attacks has resulted in a spat between the bank and its insurer provider which is refusing to fully cover the losses. The incident is a salient reminder of the online threat being ...