January 23, 2016
Company warns customers to remove undocumented authentication feature ASAP.
Media devices sold to US feds have hidden backdoor with sniffing functions
January 22, 2016
Highly privileged account could be used to hack customers’ networks, researchers warn.
Global mass injection affects thousands of websites worldwide
January 22, 2016
Attackers compromise over 3,500 public servers in possible reconnaissance drive for future attacks.
Cyber security pros say boards, CEOs and CFOs don’t ‘get’ cyber security risk
January 21, 2016
Forty-five per cent of cyber security professionals believe their board of directors have a major gap in their understanding of cyber risk, or don’t understand the risk at all, according to the research.
Apple Fixes Cookie Theft Bug in iOS 9.2.1
January 21, 2016
When Apple pushed out iOS 9.2.1 earlier this week, it fixed a nasty bug that lingered in the wild for nearly three years and could have let an attacker steal cookies and impersonate victims.
Scammers impersonate India’s Income Tax Department to deliver malware
January 21, 2016
India, USA, UK, and other countries are being targeted with fraudulent “tax deduction” emails containing information-stealing malware.
Cyber-security threat could cause ‘Fukushima-like disaster’
January 20, 2016
A new report has warned of the dangers of bad cyber-security when it comes to nuclear power, handing out ‘0’ ratings to tens of countries around the world and warning of a Fukushima-scale threat.
Dridex Borrows Tricks From Dyre, Targets U.K. Users
January 20, 2016
Attackers behind the Dridex Trojan have narrowed their sights on banks based in the United Kingdom frequented by high-value business accounts, researchers claim.
Linux bug imperils tens of millions of PCs, servers, and Android phones
January 20, 2016
Vulnerability allows restricted users and apps to gain unfettered root access.
Apple Releases Patches for iOS, OS X and Safari
January 20, 2016
The patches come less than a week after a ShmooCon presentation by Synack director of research Patrick Wardle revealed that Apple’s Gatekeeper security feature in OS X can be bypassed by an attacker with network-level access.
US government urges cyber security sharing for connected car threats
January 18, 2016
The US Department of Transportation has urged the automotive industry to share information and work with researchers to tackle potential car hack attacks.
New Head Of Europol’s European Cybercrime Centre
January 18, 2016
Mr Steven Wilson has taken up his duties as the new Head of Europol’s European Cybercrime Centre (EC3).
FDA Issues Guidelines on Medical Device Cybersecurity
January 18, 2016
The Food and Drug Administration (FDA) issued a new set of draft guidelines on Friday in hopes that medical device manufacturers not only address cybersecurity risks before they design products, but also during the maintenance of those products.
Securities and Exchange Commission gets tough on cyber security
January 17, 2016
US regulator signals that prevention is the centrepiece of its strategy.
Cyber Crime Costs Projected To Reach $2 Trillion by 2019
January 17, 2016
‘Crime wave’ is an understatement when you consider the costs that businesses are suffering as a result of cyber crime.
Cyber Attacks Threatening Oil and Gas Sector Severely Now Than Ever Before
January 17, 2016
It is being reported that the oil and gas sectors have suddenly become more vulnerable to cyber threats.
Trustwave failed to spot casino hackers right under its nose
January 16, 2016
IT security biz Trustwave is being sued by a Las Vegas casino operator for allegedly bungling a hacking investigation. Trustwave denies any wrongdoing.
Anonymous Exposes 1GB Data Belonging to Thailand’s Supreme Court
January 16, 2016
The Blink Hacker Group, which is among the many divisions of Anonymous, accidentally stumbled upon this massive wealth of data while attempting to deface the Thailand Supreme Court website.
New OpenSSH bug could leak encryption keys to attackers
January 15, 2016
Users advised to patch vulnerability which affects many Linux-based operating systems.
Apple’s anti-malware Gatekeeper still useless
January 15, 2016
Apple has flubbed attempts to patch flaws in OS X’s anti-malware system Gatekeeper, leaving the defenses still easy to bypass.
Cisco Patches Hardcoded Password, DoS Vulnerabilities in Software, Devices
January 14, 2016
Cisco patched a handful of issues across its software line this week, including two critical vulnerabilities that could lead to the complete compromise of any devices running the software, and a hardcoded password that exists in some access points made by the company.
Cyber security rules backed by EU committee
January 14, 2016
Firms supplying essential services will have to take action to improve their ability to withstand cyber attacks under new rules approved by members of European Parliament on the Internal Market Committee.
Singapore: National cybersecurity R&D laboratory to be ready by end-2016
January 14, 2016
The laboratory is a shared national research infrastructure which can be used by the local research community and industry.
Watchdog urges US nuclear agency to close cyber security gaps
January 13, 2016
An audit report has called on the US nuclear agency to revise its IT contracts to ensure better cyber security.
Hacker Attacks Could Derail Train, Cybersecurity Researchers Say
January 12, 2016
According to SecurityWeek, the supervisory control and data acquisition network (SCADA) systems used by many rail companies are vulnerable to hacker attacks.
Cyber activists from 42 countries issue open letter against software ‘backdoors’
January 11, 2016
Nearly 200 experts, companies and advocacy groups urge governments to end efforts to ‘mandate insecure encryption’ amid surveillance concerns.
Questions Linger as Juniper Removes Backdoored Dual_EC RNG
January 11, 2016
Juniper Networks announced late Friday it was removing the suspicious Dual_EC_DRBG random number generator from its ScreenOS operating system.
Authorities Arrest Eight in Tyupkin ATM Malware Takedown
January 11, 2016
European authorities dismantled a cybercrime ring last week responsible for a series of ATM attacks that ultimately led to substantial financial losses across Europe.
26-Year-Old Hacker Sentenced to Record 334 Years in Prison
January 11, 2016
Onur Kopçak was arrested in 2013 for operating a phishing website that impersonated a bank site, tricking victims into providing their bank details including credit card information.
Top Cyber Security Salaries In U.S. Metros Hit $380,000
January 9, 2016
According to the IT job board DICE, the top IT security salaries go to lead software security engineers who earn an average of $233,333.
602 Gbps! This May Have Been the Largest DDoS Attack in History
January 8, 2016
Cyber attacks are becoming a worse nightmare for companies day by day, and the Distributed Denial of Service (DDoS) attack is one of the favorite weapons for hackers to temporarily suspend services of a host connected to the Internet.
Older IE Versions Losing Security Support on Tuesday
January 8, 2016
Next Tuesday will bring the first batch of Microsoft security bulletins for 2016 and it will also herald the end of security support for Internet Explorer versions 8, 9 and 10.
GM embraces white-hats with public vulnerability disclosure program
January 8, 2016
On January 5, General Motors quietly flipped the switch on Detroit’s first public security vulnerability disclosure program, launched in partnership with the bug bounty and disclosure portal provider HackerOne.
Firefox’s ban of SHA-1 certs causing some security issues, Mozilla warns
January 7, 2016
Mozilla has warned Firefox users that its decision to reject SHA-1 certificates has caused an unfortunate side effect: some man-in-the-middle devices, such as security scanners and antivirus products, are failing to connect to HTTPS sites.
Top cybersecurity mistakes health organisations make
January 7, 2016
Despite healthcare organisations’ best attempts at maintaining patient confidentiality, the industry regularly accounts for a staggering number of data breaches.
Silent Circle Patches Modem Flaw That Exposes Blackphone to Attack
January 6, 2016
Silent Circle, makers of the security and privacy focused Blackphone, have patched a vulnerability that could allow a malicious mobile application or remote attacker to access the device’s modem and perform any number of actions.
Destructive Disakil malware linked to Ukraine power outages also used against media organisations
January 6, 2016
A highly destructive Trojan reportedly used in recent attacks against the Ukrainian energy sector was also earlier used against media targets in the same country.
Zerodium Offers $100K for Adobe Flash Heap Isolation Bypasses
January 5, 2016
Exploit acquisition company Zerodium announced via its Twitter account that it would run a month long bounty program, paying as much as $100,000 for exploit code bypassing the heap isolation mitigation in Flash Player.
Dutch Government Embraces Encryption, Denounces Backdoors
January 5, 2016
Government officials in the Netherlands this week released a statement that actually calls for stronger encryption and rejects backdoors entirely.
New JavaScript Ransomware Sold as a Service
January 4, 2016
Researchers this week turned up a new ransomware-as-a-service operation that pushes the first ransomware coded entirely in JavaScript.
BIMCO, together with other leading shipping organisations launched Cyber security guidelines for ships
January 4, 2016
BIMCO, together with other leading shipping organisations, launched a set of guidelines to help the global shipping industry prevent major safety, environmental and commercial issues that could result from a cyber incident onboard a ship.
Department of Defense Nudges Contractors to Patch Juniper Backdoor
January 2, 2016
Juniper Networks found “unauthorized” code in its ScreenOS software which would allow an attacker to take total control of Juniper NetScreen firewalls.
Anti-IS group claims cyber-attack on BBC
January 2, 2016
A group of computer hackers that wants to target Islamic State has claimed it was behind a cyber attack on the BBC which it intended as a test of its own capabilities.
Cyber Security Agency looking to strengthen online security in every sector
January 1, 2016
The Singapore Cyber Security Agency is planning to set up a Security Operation Centre in every sector, so that information can be shared and responses coordinated in the event of a cyber attack.