News


  • GLitch: New ‘Rowhammer’ Attack Can Remotely Hijack Android Phones

    May 3, 2018

    For the very first time, security researchers have discovered an effective way to exploit a four-year-old hacking technique called Rowhammer to hijack an Android phone remotely. Dubbed GLitch, the proof-of-concept technique is a new addition to the Rowhammer attack series which leverages embedded graphics processing units (GPUs) to carry out a Rowhammer attack against Android smartphones. Rowhammer is a problem ...

  • A critical security flaw in popular industrial software put power plants at risk

    May 2, 2018

    A severe vulnerability in a widely used industrial control software could have been used to disrupt and shut down power plants and other critical infrastructure. Researchers at security firm Tenable found the flaw in the popular Schneider Electric software, used across the manufacturing and power industries, which if exploited could have allowed a skilled attacker to ...

  • This malware checks your system temperature to sidestep sandboxing

    May 1, 2018

    GravityRAT is a Trojan which checks the temperature of a system to detect the presence of virtual machines (VMs) and prevent efforts at analysis by researchers. By taking thermal readings, the Remote Access Trojan (RAT), which has become a recent menace in India, attempts to find out whether or not VMs are being employed for the ...

  • Millions of Home Fiber Routers Vulnerable to Complete Takeover

    May 1, 2018

    Consumers lucky enough to have blazing-fast 1Gbps internet access in their homes are likely to use the internet more than lower-broadband households; however, millions of them are at risk for hackers to gain wide-ranging access to their internet activities (including being able to view full browsing histories). A comprehensive assessment of various GPON home routers by vpnMentor has ...

  • Volkswagen Cars Open To Remote Hacking, Researchers Warn

    May 1, 2018

    Over the last few years, automakers like Ford, Jeep, Nissan and Toyota have all suffered car-hacking vulnerabilities in their vehicles. Now,  it looks like Volkswagen has been pulled into the mix after researchers discovered that in-vehicle infotainment (IVI) systems in certain Volkswagen-manufactured cars could be remotely hacked. Not only that, but it’s possible to pivot to more critical ...

  • Who leaked the idea of ASD spying on Australians, and why?

    April 30, 2018

    “Secret plan to spy on Aussies,” The Sunday Telegraph headlined the story. “Two powerful government agencies are discussing radical new espionage powers that would see Australia’s cyber spy agency monitor Australian citizens for the first time.” It was a “power grab” detailed in “top secret letters” proposing that the Australian Signals Directorate (ASD) be able to use its cyber ...

  • KRACK Vulnerability Puts Medical Devices At Risk

    April 30, 2018

    A slew of devices from medical technology company Becton, Dickinson and Company (BD) are vulnerable to the infamous KRACK key-reinstallation attack, potentially enabling hackers to change and exfiltrate patient records. The KRACK vulnerability, discovered last October, is an industry-wide glitch in the WPA and WPA2 protocol for securing Wi-Fi that can cause “complete loss of control over data,” ...

  • Faulty Patch for Oracle WebLogic Flaw Opens Updated Servers to Hackers Again

    April 30, 2018

    Earlier this month, Oracle patched a highly critical Java deserialization remote code execution vulnerability in its WebLogic Server component of Fusion Middleware that could allow attackers to easily gain complete control of a vulnerable server. However, a security researcher, who operates through the Twitter handle @pyn3rd and claims to be part of the Alibaba security team, has now found a ...

  • ThaiCERT Seizes Hidden Cobra Server Linked to GhostSecret, Sony Attacks

    April 27, 2018

    Thailand’s Computer Emergency Response Team (ThaiCERT) has seized a server operated by the North Korea-linked Hidden Cobra APT, which is used to control the global GhostSecret espionage campaign. The campaign is still ongoing. ThaiCERT said in an alert on Wednesday that it is working with McAfee and law enforcement to analyze the control server, which was located at ...

  • Hackers build a ‘Master Key’ that unlocks millions of Hotel rooms

    April 25, 2018

    If you often leave your valuable and expensive stuff like laptop and passports in the hotel rooms, then beware. Your room can be unlocked by not only a malicious staff having access to the master key, but also by an outsider. A critical design vulnerability in a popular and widely used electronic lock system can be ...

  • Tech firms could face new EU regulations over fake news

    April 24, 2018

    EU security commissioner says new regulations may have to be brought in if tech firms fail to tackle issues voluntarily Brussels may threaten social media companies with regulation unless they move urgently to tackle fake news and Cambridge Analytica-style use of personal data before the European elections in 2019. The EU security commissioner, Julian King, said “short-term, ...

  • New Orangeworm attack group targets the healthcare sector in the U.S., Europe, and Asia

    April 23, 2018

    Symantec has identified a new attack group dubbed Orangeworm deploying the Kwampirs backdoor in a targeted attack campaign against the healthcare sector and related industries. Symantec has identified a previously unknown group called Orangeworm that has been observed installing a custom backdoor called Trojan.Kwampirs within large international corporations that operate within the healthcare sector in the United States, ...

  • A Lack Of Cybersecurity Funding And Expertise Threatens U.S. Infrastructure

    April 23, 2018

    As our physical infrastructure becomes increasingly digitalized, it also becomes increasingly vulnerable to cyber attack. Russian hackers, for example, have been trying to compromise U.S. electrical infrastructure for years, and successfully cut off power to hundreds of thousands of people throughout Ukraine in 2015 and again in 2016. Beyond our energy infrastructure, traffic signals are also susceptible to being hijacked, ...

  • Kaspersky Lab Discovers Russian Hacker Infrastructure

    April 23, 2018

    Compromised servers used by Crouching Yeti/Energetic Bear hacker group found by Kaspersky Lab A hacker collective known for attacking industrial companies around the world have had some of their infrastructure identified by Russian security specialists. Kaspersky Lab said that it has discovered a number of servers compromised by the group, belonging to different organisations based in Russia, ...

  • Gmail spam mystery: Why have secure accounts started spamming themselves?

    April 23, 2018

    Some Gmail users have been surprised to find spam inexplicably in their Sent folders, with the messages continuing to appear even after users changed their passwords. People have been reporting on Gmail’s Help Forum that the spam to unknown contacts appears to have come from their own account, causing concerns that affected accounts had been compromised. Read more… Source: ZDNet  

  • How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs

    April 23, 2018

    Dr. Mordechai Guri, the head of R&D team at Israel’s Ben Gurion University, who previously demonstrated various methods to steal data from an air-gapped computer, has now published new research named “BeatCoin.” BeatCoin is not a new hacking technique; instead, it’s an experiment wherein the researcher demonstrates how all previously discovered out-of-band communication methods can be ...

  • Nearly half of UK manufacturers hit by cyber attacks

    April 23, 2018

    Nearly half of UK manufacturers have been hit by a cyber security incident, according to a report by an industry organisation, which calls for greater government focus on the specific security needs of the sector Some 48% of UK manufacturers admit they have at some time been subject to a cyber security incident, with half of ...

  • NATO cyber defenders tested at world’s largest cyber drill

    April 20, 2018

    NATO cyber experts will test and train their ability to defend against cyber attacks in the in the largest international live-fire cyber defence exercise, Locked Shields (23 April – 27 April). A team of 30 from the NATO Communications and Information Agency (NCIA) will be taking part in the week-long event, alongside 1000 national experts from around 30 ...

  • Cyber crime now “generates $1.5tn per year”

    April 20, 2018

    Cyber crime generates $1.5tn (£1.1tn) in revenue every year, according to a groundbreaking report released at RSA Conference on Friday. The research, conducted by Surrey University criminologist Michael McGuire and commissioned by security firm Bromium, reveals that if cyber crime was a country, it would have the 13th highest GDP in the world. According to McGuire’s “conservative ...

  • Milipol Qatar’s 12th edition to be held from 29 to 31 October 2018

    April 19, 2018

    Middle East’s leading homeland security exhibition incorporates Civil Defence Exhibition and Conference for the first time and calls upon industry experts to take part in the 2018 edition Doha, Qatar –  April 2018: Milipol Qatar, the leading international exhibition dedicated to homeland security and Civil Defence in the Middle East, returns for its 12th edition this year, for ...