News • Insights • Analysis
Security researchers have warned that it might be possible to destabilise a container ship by manipulating the vessel stowage plan or “Bay Plan”. The issue stems from the absence of security in BAPLIE EDIFACT, a messaging system used to create Read More …
It doesn’t have a super-sexy moniker like KRACK or Heartbleed, but the spectre of the insider threat looms large for organisations, and has done so for as long as electricity, silicon, and computing have been paired up to store information. While it’s easy Read More …
Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing “dozens of terabytes” of social media posts and similar pages – all scraped from around the world by the US military to identify and profile Read More …
Oracle pushed out an emergency update for vulnerabilities affecting several of its products that rely on its proprietary Jolt protocol. The bugs were discovered by researchers at ERPScan who named the series of five vulnerabilities JoltandBleed. The vulnerabilities are severe, with two Read More …
Remember BlueBorne? A series of recently disclosed critical Bluetooth flaws that affect billions of Android, iOS, Windows and Linux devices have now been discovered in millions of AI-based voice-activated personal assistants, including Google Home and Amazon Echo. As estimated during the discovery of this devastating Read More …
Online scams and physical crimes are known to intersect. In an incident last May, we uncovered a modus operandi and the tools they can use to break open iCloud accounts to unlock stolen iPhones. Further research into their crossover revealed how Read More …
Security researchers have discovered a new, sophisticated form of malware based on the notorious Zeus banking Trojan that steals more than just bank account details. Dubbed Terdot, the banking Trojan has been around since mid-2016 and was initially designed to operate as Read More …
The North Korean government has likely been using the malware since 2016 to target the aerospace, telecommunications, and finance industries, the US government says. The federal government on Tuesday issued an alert detailing the North Korean government’s use of malware known as Read More …
You should be extra careful when opening files in MS Office. When the world is still dealing with the threat of ‘unpatched’ Microsoft Office’s built-in DDE feature, researchers have uncovered a serious issue with another Office component that could allow attackers Read More …
In an effort to better understand how users accounts get ‘hijacked,’ Google collaborated with the University of California at Berkeley to investigate how the black markets responsible for obtaining and selling user credentials operate. The study took place from March Read More …
