News


  • How US Military Hackers Prepared to Hack the Islamic State

    August 1, 2018

    In 2016, US Cyber Command (CYBERCOM), a part of the military tasked with conducting offensive cyber operations, hacked internet infrastructure used by the so-called Islamic State. Now, redacted versions of formerly Top Secret and other classified documents obtained by Motherboard lay out the contours of how CYBERCOM planned that operation, taking into account political fallout, ...

  • DOJ Nab Three FIN7 Cybercrime Suspects in Europe

    August 1, 2018

    Three people believed to be members of the FIN7 (or Carbanak) hacking group have been arrested in Europe, according to the US DOJ. Three suspected members of the FIN7 cybercrime group have been arrested in Europe and accused of hacking more than 120 U.S.-based companies with the intent of stealing bank cards. In total, U.S. Department of ...

  • New Homeland Security Center to Guard Against Cyberattacks

    July 31, 2018

    Homeland Security Secretary Kirstjen Nielsen says the growing cyber threat cannot be underestimated and government and the public must work together to battle it. Nielsen spoke at a cybersecurity summit Tuesday. She announced the creation of the National Risk Management Center at the department. It’s aimed at guarding energy companies, banks and other industries against cyberattacks. ...

  • NSO Spyware Targets Saudi Human Rights Activists and Researchers

    July 31, 2018

    Amnesty International, one of the most prominent non-profit human rights organizations in the world, claims one of its staff members has been targeted by a sophisticated surveillance tool made by Israel’s NSO Group. The NSO Group is an Israeli firm that’s mostly known for selling high-tech spyware and surveillance malware capable of remotely cracking into Apple’s iPhones and Google’s Android devices to intelligence ...

  • Pentagon Circulates Software ‘Do Not Buy’ List

    July 30, 2018

    The US Department of Defence has begun circulating a “do not buy” list of software it considers to have Russian and Chinese connections, in the country’s latest tightening of restrictions on foreign tech influence. The Chinese and Russian governments have called previous US restrictions on companies such as Russian security software firm Kaspersky Lab and Chinese telecoms equipment ...

  • DMARC Compliance Lacking in 28 Percent of .Gov Agencies

    July 30, 2018

    Despite a looming deadline, over a quarter of federal agencies are still not using basic email security tools. As phishing ploys continue to take their toll on businesses, federal agencies have yet to fully protect themselves against such attacks with basic defenses like DMARC. With only months to go before the federal Binding Operational Directive ...

  • Activist Publishes 11,000 Private DMs Between Wikileaks and Its Supporters

    July 30, 2018

    Wikileaks is possibly the most opaque transparency organization. The group, founded by Julian Assange, sometimes hides its true motives, and has not published any information about its own finances in years, despite amassing tens of millions of dollars worth of cryptocurrency. Now, an activist who has developed an adversarial relationship with the group has published over 11,000 Wikileaks Twitter direct ...

  • Imperva acquires app security firm Prevoty in $140m deal

    July 27, 2018

    Imperva has announced the acquisition of Prevoty in a deal worth $140 million. On Thursday, Redwood Shores, Calif.-based Imperva said that together with Prevoty, the companies would “provide comprehensive security solutions to protect application services residing on-premises and in the cloud.” The acquisition has been agreed for $140 million in cash, subject to working capital. Source: ZDNet

  • Ransomware Attack Cripples Cosco Shipping Network – Report

    July 26, 2018

    A shipping giant is likely to run up millions of dollars in additional costs after a ransomware attack apparently crippled its US network. The attack was against COSCO (China Ocean Shipping Company), which is a Chinese-owned shipping giant. It comes after its larger shipping rival Maersk admitted in August 2017 that its operations had been impacted by ...

  • Poor cybersecurity could destabilise increasingly complex energy grids

    July 26, 2018

    The future of smart energy grids, with automatic management of both supply and demand, is “looking really interesting”, says Phil Kernick, chief technology officer at security firm CQR Consulting. But the current state of the technology and its security is a problem. “The distribution systems and the generation systems were deployed a decade and a half ...

  • NetSpectre — New Remote Spectre Attack Steals Data Over the Network

    July 26, 2018

    A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system. Dubbed “NetSpectre,” the new remote side-channel attack, which is related to Spectre variant 1, abuses speculative execution to perform bounds-check bypass ...

  • Hackers Breach Virginia Bank, Make Off With Millions

    July 25, 2018

    Hackers have compromised a bank in the United States twice in the past eight months and made off with millions of dollars. But the cyber attacks have resulted in a spat between the bank and its insurance provider, which is refusing to fully cover the losses. The incident is a salient reminder of the online threat being ...

  • US firms overconfident in their cybersecurity preparedness

    July 25, 2018

    A new survey finds that American firms overrate how prepared they are for a cyberattack. Research and consulting firm Ovum found that 68% of US firms believe they have better-than-average cyber-readiness for their industry. As humans, we often overrate our own abilities, with more than 50% of a group thinking they’re above-average at some task, like ...

  • iPhone Hacking Campaign Using MDM Software Is Broader Than Previously Known

    July 25, 2018

    An India-linked, highly targeted mobile malware campaign, first unveiled two weeks ago, has been found to be part of a broader campaign targeting multiple platforms, including Windows devices and possibly Android as well. As reported in our previous article, earlier this month researchers at Talos threat intelligence unit discovered a group of Indian hackers abusing mobile device management (MDM) ...

  • Leafminer: New Espionage Campaigns Targeting Middle Eastern Regions

    July 25, 2018

    Active attack group is eager to make use of available tools, research, and the work of other threat actors. Symantec has uncovered the operations of a threat actor named Leafminer that is targeting a broad list of government organizations and business verticals in various regions in the Middle East since at least early 2017. The group tends ...

  • Japan crafts new cybersecurity strategy for 2020 Tokyo Olympics

    July 25, 2018

    The government crafted a new cybersecurity strategy Wednesday as it steps up preparations for the Tokyo Olympic and Paralympic Games in 2020. During a meeting at the prime minister’s office, it also decided to introduce a five-stage index to classify the severity of cyberattacks to help people understand the magnitude of threats and take necessary action. The ...

  • No big deal… Kremlin hackers ‘jumped air-gapped networks’ to pwn US power utilities

    July 24, 2018

    The US Department of Homeland Security is once again accusing Russian government hackers of penetrating America’s critical infrastructure. Uncle Sam’s finest reckon Moscow’s agents managed to infiltrate computer networks within US electric utilities – to the point where the miscreants could have virtually pressed the off switch in control rooms, yanked the plug on the Yanks, ...

  • Emotet Malware Evolves Beyond Banking to Threat Delivery Service

    July 24, 2018

    The Emotet trojan has been popping up in the news for years: from widespread malspam infections of German banking targets in 2014, all the way up to the costly infection of a New Hampshire town’s computer network in July. And while the tricky Emotet malware first emerged targeting banking credentials, lately researchers have spotted the trojan ...

  • New Bluetooth Hack Affects Millions of Devices from Major Vendors

    July 23, 2018

    Yet another Bluetooth hacking technique has been uncovered. A highly critical cryptographic vulnerability has been found affecting some Bluetooth implementations that could allow an unauthenticated, remote attacker in physical proximity of targeted devices to intercept, monitor or manipulate the traffic they exchange. The Bluetooth hacking vulnerability, tracked as CVE-2018-5383, affects firmware or operating system software drivers from ...

  • Massive Malspam Campaign Finds a New Vector for FlawedAmmyy RAT

    July 20, 2018

    A widespread spam campaign from the well-known financial criminal group TA505 is spreading the FlawedAmmyy RAT using a brand-new vector: Weaponized PDFs containing malicious SettingContent-ms files. The SettingContent-ms file format was introduced in Windows 10; it allows a user to create “shortcuts” to various Windows 10 setting pages. “All this file does is open the Control Panel ...