News – January 2017


  • Hackers Hacked Phone Hacking Company

    January 13, 2017

    Cellebrite made the news several times in the last 12 months or so, pretty much because of the company’s phone hacking capabilities and its involvement in the San Bernardino scandal when it was asked to break into the iPhone used by a terrorist. This time, however, Cellebrite is making the headlines because of a different reason: ...

  • Detroit Car Makers Allegedly Hacked, Names and Social Security Numbers Stolen

    January 13, 2017

    Detroit’s Big Three automakers are the latest big companies to become victims of hackers, with a new report now claiming that employees’ names and social security numbers might have been exposed during a breach. Details are very sketchy at the moment, and there is no confirmation from the involved companies, but according to the 7 Action ...

  • Hedge funds to invest more in technology and cyber defence

    January 12, 2017

    Investments by hedge funds into technology advancement is set to increase in the coming five years, as more executives within the industry become concerned about the impact of technology on their competitiveness. A new report finds that they will leverage a broad range of investment strategies to meet needs, from building their own systems to outsourcing. ...

  • ‘We need to know how a malicious hacker will break into our network to understand how to defend it’

    January 12, 2017

    It has been over 11 years since Abertay introduced the UK’s first BSc Ethical Hacking degree, followed by the MSc for graduates with a computing background. We received a lot of attention from both the media and others in the academic community surrounding the ethics of teaching people how to hack and the value of specialist ...

  • Rudy Giuliani to lead Trump’s cybersecurity team

    January 12, 2017

    Mr Giuliani, once a leading contender for secretary of state, said Mr Trump would meet the team on a regular basis. He was selected because of his private sector cybersecurity expertise, a Trump transition team statement said. Mr Trump has said he plans to create a cybersecurity team within his first 90 days in office. Mr Giuliani’s appointment ...

  • Airport boarding gate display leaks booking codes, puts passenger data at risk

    January 10, 2017

    While waiting for my flight to begin boarding at a European airport recently, I noticed that one of the screens at the gate showed a timed-out web browser window. Being curious and more than a little bored, I opened the IP address displayed on the screen on my smartphone expecting it to be unreachable from ...

  • Adobe patches critical flaws in Flash Player, Reader and Acrobat

    January 10, 2017

    Adobe Systems released security updates for its Flash Player, Adobe Reader and Acrobat products fixing critical vulnerabilities that could allow attackers to install malware on computers. The Flash Player update fixes 13 vulnerabilities, 12 that can lead to remote code execution and one that allows attackers to bypass a security restriction and disclose information. Adobe is ...

  • Netflix Users Under Attack As Hackers Try to Steal Credit Card Info

    January 10, 2017

    Security company FireEye detected a new wave of attacks aimed at Netflix users, with cybercriminals now turning to phishing schemes in order to steal their personal information, including credit card data, social security numbers, and other details. Although it seems that the attacks have been suspended, Netflix users in the United States should always keep an ...

  • Stolen NSA “Windows Hacking Tools” Now Up For Sale!

    January 10, 2017

    The Shadow Brokers who previously stole and leaked a portion of the NSA hacking tools and exploits is back with a Bang! The hacking group is now selling another package of hacking tools, “Equation Group Windows Warez,” which includes Windows exploits and antivirus bypass tools, stolen from the NSA-linked hacking unit, The Equation Group. For those unfamiliar ...

  • UK to review its cybersecurity after US election hacks

    January 9, 2017

    God save the queen’s emails. The United Kingdom wants to make sure it can’t be hit with a cyberattack like the one that affected the US 2016 presidential election. On Monday, Britain’s Joint Committee on National Security Strategy announced that it’s reviewing the nation’s cybersecurity. “The national security implications of the leap to cyber are a matter ...

  • Microsoft, Qualcomm back Israel’s Team8 cybersecurity firm

    January 9, 2017

    The venture arms of Microsoft (MSFT.O) and Qualcomm (QCOM.O) have invested in Team8, an Israeli creator of cybersecurity start-ups, as big multinational companies get behind Israel’s burgeoning cyber industry in the face of growing threats. Team8, which also announced on Monday a strategic partnership with Citi (C.N) to help develop its products, said the most recent ...

  • France thwarts 24,000 cyber-attacks against defence targets

    January 7, 2017

    Defence Minister Jean-Yves Le Drian said such attacks were doubling every year and this year’s presidential elections could be targeted. He said it would be “naive” to think France was immune to the type of cyber-campaign that targeted the US election, which has been blamed on Russia. Mr Le Drian is overseeing an overhaul of France’s cyber-security ...

  • National Guard expects expanded role in cybersecurity

    January 6, 2017

    The National Guard’s role in cybersecurity began in 1999 thanks to the uncertainty created by Y2K. With concerns of potential computer chaos looming when dates on systems turned over to 2000, the National Guard was given a new force structure called a computer network defense team. Renamed Defensive Cyber Operations Elements, the eight-to 10-person teams are ...

  • U.S. Grid in ‘Imminent Danger’ From Cyber-Attack, Study Says

    January 6, 2017

    The U.S. Energy Department says the electricity system “faces imminent danger” from cyber-attacks, which are growing more frequent and sophisticated, but grid operators say they are already on top of the problem. In the department’s landmark Quadrennial Energy Review, it warned that a widespread power outage caused by a cyber-attack could undermine “critical defense infrastructure” as ...

  • KillDisk System Destructive Malware Now Targeting Linux

    January 6, 2017

    KillDisk is one of the pieces of malware that made the news several times in 2016, mostly because it was used for compromising several high-profile targets, including utility companies in Ukraine. KillDisk has been considered responsible for a nationwide power outage in Ukraine, after a number of computers were compromised with malware and could no longer ...

  • Hacker claims to have hacked the FBI, but it wasn’t

    January 5, 2017

    A hacker yesterday claimed to have hacked the FBI’s website running on Plone CMS, but it seems it wasn’t hacked using any zero-day vulnerability in Plone. We contacted Plone security team and updated this story (see below) with official statements.A hacker, using Twitter handle CyberZeist, has claimed to have hacked the FBI’s website (fbi.gov) and ...

  • 11 Gigabytes of Sensitive Data Belonging to US DoD Staff Exposed

    January 5, 2017

    Personal details of doctors who are deployed in the United States Special Operations Command (USSOCOM or SOCOM) have been exposed due to a security vulnerability discovered in a server operated by health services contractor Potomac Healthcare Solutions. MacKeeper Security Researcher Chris Vickery discovered in late December that Potomac, which provides healthcare workers to the government through ...

  • Cyber security chief honoured for taming hi-tech threats

    January 4, 2017

    A leader in the field of cyber security who spent 28 years in the RAF and protected the White House has been named in the Queen’s New Year’s Honours list. Group captain Andrew Gudgeon, who works at Nationwide, was awarded an OBE for his work strengthening and protecting the UK and US’s cyber security, The 51-year-old, who ...

  • HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

    January 4, 2017

    Security vendor Kaspersky Lab has updated its antivirus products to fix an issue that exposed users to traffic interception attacks. The problem was found by Google vulnerability researcher Tavis Ormandy in the SSL/TLS traffic inspection feature that Kaspersky Anti-Virus uses to detect potential threats hidden inside encrypted connections. Like other endpoint security products, Kaspersky Anti-Virus installs a ...

  • Cyber Security Statistics – Numbers Small Businesses Need to Know

    January 3, 2017

    Cyber security statistics for small businesses collected from a variety of sources. General Small Business Cyber Security Statistics 43 percent of cyber attacks target small business. Only 14 percent of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective. 60 percent of small companies go out of business within six months of a cyber attack. 48 percent of data security ...