News


  • Malware Distributors Adopt DKIM to Bypass Mail Filters

    October 25, 2018

    In July 2018, US-CERT raised an alert regarding the Emotet banking trojan, which is also being used to distribute a secondary malware known as “Trickbot”. This alert provided recommendations on how businesses can mitigate their exposure to the Trojan. Unfortunately, it looks like criminals are also reading the US-CERT’s warnings as they have adopted new techniques ...

  • Unusual Remote Execution Bug in Cisco WebEx Discovered by Researchers

    October 25, 2018

    While remote code execution vulnerabilities are pretty common, a new one discovered in Cisco’s WebEx online and video collaboration software is definitely different. That is because users can remotely execute commands through a component of the WebEx client even when WebEx does not listen for remote connections. Remote code execution vulnerabilities are bugs that allow a users ...

  • Cathay Pacific Data Breach Highlights A Need To Change Airline Security Focus

    October 25, 2018

    Cathay Pacific has been hit by a data breach affecting 9.4 million passengers of Cathay and Hong Kong Dragon Airlines, a serious exposure that shows—not for the first time—that the focus of airline security can’t be limited to airport terminals and aircraft cabins. First discovered in March, and confirmed in May of this year, the Cathay Pacific ...

  • ‘A cyber-attack could stop the country’

    October 25, 2018

    Superfast 5G mobile broadband could power smart cities and the internet of things (IoT), but as more devices get connected, telecoms and security experts are warning that cyber-attacks could increase in number and severity. Our homes and cities are getting “smarter” – thermostats, video doorbells, sprinkler systems, street lights, traffic cameras, cars, all connected to the ...

  • British Airways: If you’re feeling left out of our 380,000 passenger hack, then you may be one of another 185,000 victims

    October 25, 2018

    British Airways’ horror hack is worse than first thought: the world’s favorite airline has added 185,000 cardholders to the pile of 380,000 potentially caught up in the IT security breach. In September, it emerged that hackers spent two weeks slurping the personal and payment card data of people who booked travel via BA’s website and mobile application. As ...

  • Pentagon Expands Bug-Bounty Program to Include Physical Systems

    October 25, 2018

    The news comes shortly after the DoD was called out for having rampant bugs in its weapons systems. The Department of Defense is expanding its “Hack the Pentagon” bug-bounty program to include hardware assets, tapping the Synack, HackerOne and Bugcrowd platforms to attract more white hats to the effort. The news comes two weeks after the Government ...

  • Ex spy bosses: Cyber-warfare needs rules of engagement

    October 24, 2018

    OpenWorld Former intelligence leaders have called for international terms of engagement in cyber warfare and greater collaboration between the public and private sectors to defend critical infrastructure. The comments came at a security-focused keynote at this year’s Oracle OpenWorld conference in San Francisco, where – instead of the usual parade of enthusiastic customers – co-CEO Mark Hurd ...

  • Critical Infrastructure & Supply Chain Remain Highly Vulnerable to Attacks

    October 24, 2018

    This week, the National Cyber Security Alliance (NCSA) reminds us that, “our day-to-day life depends on the country’s 16 sectors of critical infrastructure, which supply food, water, financial services, public health, communications and power along with other networks and systems. A disruption to this system, which is operated via the internet, can have significant and even catastrophic ...

  • IAEA Launches International Training Course on Protecting Nuclear Facilities from Cyber-Attacks

    October 24, 2018

    The International Atomic Energy Agency (IAEA) has introduced a new international training course (ITC) on protecting nuclear facilities from cyber-attacks, highlighting the Agency’s role in supporting national efforts to strengthen nuclear security. The inaugural course, Protecting Computer-Based Systems in Nuclear Security Regimes, was held earlier this month. It brought together 37 participants from 13 countries for two ...

  • StrongPity APT Changes Tactics to Stay Stealthy

    October 23, 2018

    After being exposed, the APT made minor adjustments in their tactics to stay off the security radar. The APT group behind the sophisticated malware known as StrongPity (a.k.a. Promethium) has changed its tactics, after various research groups analyzed the malware and exposed its methods of deployment. The efforts have allowed the group to return to hidden ...

  • Facebook approaches major cybersecurity firms, acquisition goals in mind

    October 22, 2018

    Facebook has promised rapid internal changes in the way our data, security, and privacy are managed in the wake of a massive data breach — but this may not be the only step the company plans to take. Evidence has been gathered which demonstrates that Russian operatives covertly used the social network to spread fake news ...

  • Two Critical RCE Bugs Patched in Drupal 7 and 8

    October 20, 2018

    Drupal is urging users to upgrade to the latest release that fixes two critical remote code execution bugs impacting Drupal 7 and Drupal 8. Developers have also identified three additional “moderately critical” vulnerabilities. “A remote attacker could exploit some of these vulnerabilities to take control of an affected system,” according to a security bulletin posted by the United States ...

  • HealthCare.gov system hack leaves 75,000 individuals exposed

    October 20, 2018

    A hack was detected earlier this month in a government computer system that works alongside HealthCare.gov, exposing the personal information of approximately 75,000 people, according to the agency in charge of the portal. In a statement to CNN, the Centers for Medicare and Medicaid Services (CMS) said the system that was exposed through the hack was ...

  • jQuery File Upload Plugin Vulnerable for 8 Years and Only Hackers Knew

    October 19, 2018

    Of the thousands of plugins for the jQuery framework, one of the most popular of them harbored for at least three years an oversight in code that eluded the security community, despite public availability of tutorials that explained how it could be exploited. The bug affects the widely used jQuery File Upload widget and allowed an attacker to upload ...

  • Kaspersky says it detected infections with DarkPulsar, alleged NSA malware

    October 19, 2018

    Kaspersky Lab said today that it detected computers infected with DarkPulsar, a malware implant that has been allegedly developed by the US National Security Agency (NSA). “We found around 50 victims, but believe that the figure was much higher,” Kaspersky Lab researchers said today. “All victims were located in Russia, Iran, and Egypt, and typically Windows 2003/2008 ...

  • Oceansalt cyberattack wave linked to defunct Chinese APT Comment Crew

    October 18, 2018

    A fresh wave of cyberattacks striking the US, South Korea, and Canada has been connected to an APT group with ties to the Chinese military. On Thursday, cybersecurity researchers from McAfee’s Advanced Threat Research team said they have discovered a new campaign which focuses on cyberespionage and data reconnaissance. South Korea appears to be the primary target of the ...

  • SettingContent-ms can be Abused to Drop Complex DeepLink and Icon-based Payload

    October 18, 2018

    Microsoft’s SettingContent-ms has become a recent topic of interest. In July, we saw one spam campaign use malicious SettingContent-ms files embedded in a PDF to drop the remote access Trojan FlawedAmmyy, a RAT also used by the Necurs botnet. That campaign was mostly targeting banks in different countries across Asia and Europe. SettingContent-ms is a recent addition to ...

  • Critical Flaws Found in Amazon FreeRTOS IoT Operating System

    October 18, 2018

    A security researcher has discovered several critical vulnerabilities in one of the most popular embedded real-time operating systems—called FreeRTOS—and its other variants, exposing a wide range of IoT devices and critical infrastructure systems to hackers. What is FreeRTOS (Amazon, WHIS OpenRTOS, SafeRTOS)? FreeRTOS is a leading open source real-time operating system (RTOS) for embedded systems that has ...

  • How Shodan helps identify ICS cybersecurity vulnerabilities

    October 18, 2018

    An industrial control system is essentially a collection of computers that monitor and control industrial systems. They make the world move and help with everything from food processing to transportation to running the espresso maker at your local Starbucks. The challenge is an industrial control system (ICS) can be readily attacked by advanced persistent threat groups, ...

  • Simplifying identity and access management for more businesses

    October 17, 2018

    Effective identity management underpins the modern enterprise, and Google has been hard at work to provide simple, secure solutions for administrators and developers. In March, we launched Cloud Identity to help customers manage users, devices and apps from a central console. In July, we announced context-aware access, an innovative approach to access management that implements many elements of Google’s BeyondCorp ...