July 20, 2017

Apple released iOS 10.3.3 Wednesday, which serves as a cumulative update that includes patches for multiple vulnerabilities including the high-profile BroadPwn bug that allowed an attacker to seize control of a targeted iOS device. BroadPwn was revealed earlier this month as a flaw in Broadcom Wi-Fi chipsets used in Apple and Android devices. Apple said the ...

July 20, 2017

Two major law enforcement operations, led by the Federal Bureau of Investigation (FBI), the US Drug Enforcement Agency (DEA) and the Dutch National Police, with the support of Europol, have shut down the infrastructure of an underground criminal economy responsible for the trading of over 350 000 illicit commodities including drugs, firearms and cybercrime malware. ...

July 20, 2017

Quantum computing offers processing power so vast it may soon make today’s supercomputers look as crude as 1980s PCs. There’s a downside—the technology might also render the most secure encryption systems obsolete, cracking codes in a matter of minutes rather than months or years. Gregoire Ribordy says he has a solution. And it’s selling fast ...

July 19, 2017

A security researcher has discovered a code injection vulnerability in the thumbnail handler component of GNOME Files file manager that could allow hackers to execute malicious code on targeted Linux machines. Dubbed Bad Taste, the vulnerability (CVE-2017-11421) was discovered by German researcher Nils Dagsson Moskopp, who also released proof-of-concept code on his blog to demonstrate the ...

July 18, 2017

Oracle admins are today staring down the barrel of the biggest quarterly Critical Patch Update ever. The numbers are gory: 308 vulnerabilities patched, 165 of which are remotely exploitable, across more than 90 products. So far in 2017, Oracle has patched 878 vulnerabilities through three CPUs. System and network admins have never been taxed from a patching ...

July 18, 2017

A senator who’s been pushing US government agencies to adopt better cybersecurity hygiene is calling out the Department of Homeland Security for not using a standard technology that would protect people who receive emails from DHS from fraud, spam, and phishing attempts. The technology in question is known as DMARC (Domain-based Message Authentication, Reporting and Conformance) ...

July 18, 2017

Security researchers have discovered a critical remotely exploitable vulnerability in an open-source software development library used by major manufacturers of the Internet-of-Thing devices that eventually left millions of devices vulnerable to hacking. The vulnerability (CVE-2017-9765), discovered by researchers at the IoT-focused security firm Senrio, resides in the software development library called gSOAP toolkit (Simple Object Access ...

July 17, 2017

All it took was just 3 minutes and ‘a simple trick‘ for a hacker to steal more than $7 Million worth of Ethereum in a recent blow to the crypto currency market. The heist happened after an Israeli blockchain technology startup project for the trading of Ether, called CoinDash, launched an Initial Coin Offering (ICO), allowing ...

July 17, 2017

A highly critical vulnerability has been discovered in the Cisco Systems’ WebEx browser extension for Chrome and Firefox, for the second time in this year, which could allow attackers to remotely execute malicious code on a victim’s computer. Cisco WebEx is a popular communication tool for online events, including meetings, webinars and video conferences that help ...

July 17, 2017

Lloyd’s of London has warned that a serious cyber-attack could cost the global economy more than $120bn (£92bn) – as much as catastrophic natural disasters such as Hurricanes Katrina and Sandy. Published two months after a ransomware cyber-attack that hobbled NHS hospitals and hit nearly 100 countries, a 56-page report from the world’s oldest insurance market ...

July 17, 2017

A new cybersecurity accelerator program is set to launch in Melbourne this month, thanks to an incubator partnership between Deakin University and Dimension Data. The program, CyRise, is now looking for early-stage cybersecurity entrepreneurs and professionals from across Australia, New Zealand and APAC to apply for the six-month program. Participants will be based in Melbourne CBD coworking ...

July 16, 2017

Imagine driving your pickup truck off-road and suddenly having your airbags and seat belts malfunction because of an object striking the undercarriage. That causes a software error in your smart vehicle, causing the computer to incorrectly turn off critical equipment that protects you. Sounds far fetched? It shouldn’t. It’s part of a recall notice that affected more than 200,000 ...