Pwn2Own 2019: Researchers Win Tesla After Hacking Its Browser

Sat, 23 Mar 2019 06:02:11 +0000

read more

UK Police Federation Hit by Ransomware

Fri, 22 Mar 2019 17:12:28 +0000

The UK Police Federation of England & Wales (PFEW) website was subject to a malware attack that it discovered on March 9, 2019. It appears that this was a ransomware attack; but the strain has not been announced. read more

Russian Hackers Target European Governments Ahead of Elections: FireEye

Fri, 22 Mar 2019 17:08:34 +0000

Hackers believed to be sponsored by the Russian government are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections, FireEye reports.  read more

Industry Reactions to Norsk Hydro Breach: Feedback Friday

Fri, 22 Mar 2019 16:37:50 +0000

Norwegian aluminum giant Norsk Hydro has been hit by a serious ransomware attack that caused disruptions at some of its plants and forced the company to turn to manual processes to fulfill customer orders. read more

Microsoft Launches Defender ATP Endpoint Security for macOS

Fri, 22 Mar 2019 15:43:37 +0000

Microsoft Brings Defender Advanced Threat Protection to macOS read more

D.C. Attorney General Introduces New Data Security Bill

Fri, 22 Mar 2019 14:58:40 +0000

Karl A. Racine, the attorney general for the District of Columbia, on Thursday announced the introduction of a new bill that aims to expand data breach notification requirements and improve the way personal information is protected by organizations. read more

Observations From RSA Conference 2019

Fri, 22 Mar 2019 11:00:33 +0000

The RSA Conference is one of the premier events in the cybersecurity world. At times, it can be an overwhelming experience for vendors and attendees alike because of its massive scale and fast pace; however, it’s also a great opportunity for people like me to get insight into trends in the industry. read more

Researchers Earn $270,000 for Firefox, Edge Hacks at Pwn2Own 2019

Fri, 22 Mar 2019 06:30:08 +0000

White hat hackers earned a total of $270,000 on the second day of the Pwn2Own hacking competition for demonstrating exploits against the Mozilla Firefox and Microsoft Edge web browsers. read more

Threat Hunting Tips to Improve Security Operations

Thu, 21 Mar 2019 19:33:23 +0000

From Ferdinand Magellan to Lewis and Clark to Neil Armstrong – humans have an innate desire to understand the unknown. In security operations, we see this phenomenon every day in several forms, one of which is threat hunting. Threat hunting is not triggered by an event, but by the unknown. It is the practice of proactively and iteratively searching for abnormal indications within networks and systems. read more

Global Security Spend Set to Grow to $133.8 Billion by 2022: IDC

Thu, 21 Mar 2019 17:48:09 +0000

Global spending on security-related hardware software and services will grow at a compound annual growth rate (CAGR) of 9.2% between 2018 and 2022, to a total of $133.8 billion in 2022. The figures come from the latest Worldwide Semiannual Security Spending Guide compiled by IDC. read more

Facebook Stored Passwords of Hundreds of Millions Users in Plain Text

Thu, 21 Mar 2019 16:53:32 +0000

Facebook today admitted to have stored the passwords of hundreds of millions of its users in plain text, including the passwords of Facebook Lite, Facebook, and Instagram users.  read more

How Three of 2018's Critical Threats Used Email to Execute Attacks

Thu, 21 Mar 2019 16:38:13 +0000

History Tends to Repeat Itself - Attackers Repurpose Tried and Tested Methods to Launch Attacks read more

Multiple Vulnerabilities Patched in PuTTY and LibSSH2

Thu, 21 Mar 2019 16:27:13 +0000

PuTTY, an SSH and Telnet client program, and LibSSH2, a client-side C library for the SSH2 protocol, have both received updates fixing multiple vulnerabilities. Eight vulnerabilities have been fixed in version 0.71 of PuTTY, and nine vulnerabilities fixed in version 1.8.1 of LibSSH2. read more

Facebook Pays Big Bounty for DoS Flaw in Fizz TLS Library

Thu, 21 Mar 2019 16:18:36 +0000

While Facebook’s bug bounty program does not typically cover denial-of-service (DoS) vulnerabilities, the social media giant has decided to award a significant bounty for a serious flaw affecting Fizz, its open source TLS library. read more

FIN7 Hackers Use New Malware in Recent Attacks

Thu, 21 Mar 2019 16:16:17 +0000

The financially-motivated hacking group FIN7 has used new malware samples in a recent attack campaign, Flashpoint security researchers warn.  read more

Finland to Investigate Suspected Nokia Chinese Data Breach

Thu, 21 Mar 2019 15:26:17 +0000

Finnish authorities will launch an investigation into claims that Nokia phones have been transmitting users' personal data to China, the country's data protection ombudsman announced on Thursday. read more

Securing Industrial IoT in the Modern World

Thu, 21 Mar 2019 15:15:20 +0000

Manufacturing arguably offers the largest attack surface of almost any industry with regards to cybersecurity threats, and has long been a prime target for ‘everyday’ attacks like phishing, ransomware, data-theft – you name it, they’ve seen it. But these ‘everyday’ attacks and the associated losses are only the tip of the iceberg when it comes to what could potentially happen in the future. read more

Many Vulnerabilities Found in Oracle's Java Card Technology

Thu, 21 Mar 2019 14:35:07 +0000

Poland-based cybersecurity research firm Security Explorations claims to have identified nearly 20 vulnerabilities in Oracle’s Java Card, including flaws that could be exploited to compromise the security of chips using this technology. read more

Schneider Electric Working on Patch for Flaw in Triconex TriStation Emulator

Thu, 21 Mar 2019 12:58:26 +0000

A serious denial-of-service (DoS) vulnerability has been found in Schneider Electric’s Triconex TriStation Emulator software. The vendor has yet to release a patch, but assured customers that the flaw does not pose a risk to operating safety controllers. read more