News


  • T-Mobile Hacked — 2 Million Customers’ Personal Data Stolen

    August 23, 2018

    T-Mobile today confirmed that the telecom giant suffered a security breach on its US servers on August 20 that may have resulted in the leak of “some” personal information of up to 2 million T-Mobile customers. The leaked information includes customers’ name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid). However, the ...

  • DNC: Highly Publicized ‘Phishing Attempt’ Was Only a Security Test

    August 23, 2018

    An unnamed Democratic source told CNN Wednesday that the DNC was alerted to the presence of a spoofed log-in page designed to mimic VoteBuilder – a platform used by Democratic Party officials and campaigns across the country to manage the Democratic registered voter database. The alarm was raised by security researchers at Lookout and a cloud provider, the source ...

  • Superdrug hack: Data thieves claim to have information on 20,000 customers

    August 22, 2018

    Superdrug has been targeted by hackers claiming they had access to tens of thousands of customers’ personal details including dates of birth and phone numbers. The high street chain it had been contacted by someone who claimed that they had obtained the details of approximately 20,000 customers. The company confirmed that 386 of the accounts had been compromised and said ...

  • Legacy System Exposes Contact Info of BlackHat 2018 Attendees

    August 22, 2018

    Full contact information of everyone attending the BlackHat security conference this year has been exposed in clear text, a researcher has found. The data trove includes name, email, company, and phone number. The BlackHat 2018 conference badge came embedded with a near-field communication (NFC) tag that stored the contact details of the participant, for identification or for ...

  • New Attack Recovers RSA Encryption Keys from EM Waves Within Seconds

    August 22, 2018

    A research paper presented at the Usenix security conference last week detailed a new technique for retrieving encryption keys from electronic devices, a method that is much faster than all previously known techniques. The approach relies on recording electromagnetic (EM) emanations coming off a device as it performs an encryption or decryption operation. Read more… Source: Bleeping Computer  

  • New Apache Struts RCE Flaw Lets Hackers Take Over Web Servers

    August 22, 2018

    Semmle security researcher Man Yue Mo has disclosed a critical remote code execution vulnerability in the popular Apache Struts web application framework that could allow remote attackers to run malicious code on the affected servers. Apache Struts is an open source framework for developing web applications in the Java programming language and is widely used by enterprises globally, ...

  • Dark Tequila Banking Malware Uncovered After 5 Years of Activity

    August 21, 2018

    Security researchers at Kaspersky Labs have uncovered a new, complex malware campaign that has been targeting customers of several Mexican banking institutions since at least 2013. Dubbed Dark Tequila, the campaign delivers an advanced keylogger malware that managed to stay under the radar for five years due to its highly targeted nature and a few evasion techniques. Dark ...

  • DHS awards Booz Allen $1 billion cybersecurity contract

    August 21, 2018

    The Department of Homeland Security announced Tuesday it is awarding a $1.03 billion contract to Booz Allen Hamilton to boost cybersecurity vulnerability detection and mitigation in six federal agencies. Why it matters: Almost 75% of agencies are vulnerable to cyberattacks because they don’t understand their risk, the Office of Management and Budget found earlier this year. This is not Booz Allen’s first ...

  • Retro tech leaves NHS open to cyber-attacks, say researchers

    August 20, 2018

    Hackers could gain access to NHS networks by exploiting vulnerabilities in fax machines, security researchers have suggested. Staff at Check Point Software discovered exploits in widely-used fax machines that enable hackers to spread malware through a malicious image file. Malware can be coded into the image file which, when decoded by the fax machine and uploaded to its ...

  • EU considers 60-minute deadline for social networks to remove terrorist content

    August 20, 2018

    No longer the carrot, now the stick: the European Commission is considering imposing an hour-long deadline for social networks to remove terrorist and extremist content after voluntary measures appear to have failed. As reported by the Financial Times on Sunday, Facebook, Twitter, and YouTube, as well as smaller businesses, are all within the EU’s sights. This is the first ...

  • Army cyber protection teams upgrade training with a ‘real’ city

    August 20, 2018

    The Army’s cyber protection teams are upgrading their training program to include a real-life, round-the-clock, cyberattack on a city port. “There’s a dearth of realistic training venues,” John Nix, director of federal for SANS Institute, told FCW. “There are lots of cyber ranges, but they don’t have those rich training scenarios where you have an adversary ...

  • Australia only has 7 percent of the cybersecurity expertise that it needs

    August 20, 2018

    The introduction of the notifiable data breaches (NDB) scheme and EU general data protection regulation (GDPR) more than tripled demand for cybersecurity specialists between February and June this year, according to a review of job openings that suggests Australia only has 7 percent of the cybersecurity skills it needs. Job-ad site Indeed reviewed job postings requiring ...

  • Cyber security threat to Britain’s oil and gas sites as attack could cause ‘unprecedented damage’

    August 17, 2018

    Brian Lord OBE says a successful attack on its infrastructure could cause “unprecedented damage” and “unrest across the world”. With a complex ecosystem of computation, networking, and physical operational processes spread around the world the industry has a large attack surface with many attack vectors. A typical large oil and gas company uses half a million processors ...

  • Philips Vulnerability Exposes Sensitive Cardiac Patient Information

    August 17, 2018

    The unpatched flaw would allow a bad actor to execute information-exfiltrating malware, backdoors, ransomware or any other kind of bad code he or she chose. A vulnerability in the Philips IntelliSpace Cardiovascular (ISCV) line of medical data management products would allow privilege escalation and arbitrary code execution – opening the door for an attacker to siphon ...

  • ​China aims to narrow cyberwarfare gap with US

    August 17, 2018

    China is looking to narrow the gap with the US in terms of cyberwarfare capabilities, according to an assessment of Chinese military capabilities published by the Department of Defense (DoD). The Pentagon report said that in recent years the Chinese army has emphasized the importance of cyberspace for national security because of the country’s increasing reliance on ...

  • Apple files stored by teen in ‘hacky hack hack’ folder

    August 17, 2018

    A teenage boy from Australia has pleaded guilty to hacking into Apple’s network and downloading internal files, according to reports. The 16-year-old accessed 90 gigabytes worth of files, breaking into the system many times over the course of a year from his suburban home in Melbourne, reports The Age newspaper. It says he stored the documents in a ...

  • FBI Warns Of ATM Hacking Campaign

    August 16, 2018

    The FBI has warned banks that cybercriminals are preparing to carry out a “highly choreographed, global fraud scheme known as an ‘ATM cash-out’.” The threat, reported by Krebs On Security cybersecurity blog, will apparently see criminals hacking a bank or payment card processor, and using cloned cards at ATMs around the world to fraudulently withdraw “millions of ...

  • Highly Flexible Marap Malware Enters the Financial Scene

    August 16, 2018

    A new downloader, which has been spotted in an array of recent email campaigns, uses anti-analysis techniques and calls in a system fingerprinting module. A newly discovered downloader malware has been discovered as part of a new campaign primarily targeting financial institutions. Researchers at Proofpoint said today that the downloader – dubbed “Marap” after its command-and-control phone-home ...

  • Botched CIA Communications System Helped Blow Cover of Chinese Agents

    August 15, 2018

    It was considered one of the CIA’s worst failures in decades: Over a two-year period starting in late 2010, Chinese authorities systematically dismantled the agency’s network of agents across the country, executing dozens of suspected U.S. spies. But since then, a question has loomed over the entire debacle. How were the Chinese able to roll up ...

  • UK MoD teams up with TechVets to train veterans in cyber security

    August 15, 2018

    The Ministry of Defence (MoD) has signed a partnership agreement with the not-for-profit start-up TechVets to help veterans get jobs in the cyber security and technology sector, TechVets, which specialises in helping veterans get jobs in the tech sector, will work with the MOD’s flagship training programme for service leavers, under a new agreement. The agreement will ...