Trending Now
LATEST
ISC StormCast for Thursday, August 16th 2018
Password Protected Word Documents Push AZORult and Hermes Ransomware https://isc.sans.edu/forums/diary/More+malspam+pushing+passwordprotected+Word+docs+for+AZORult+and+Hermes+Ransomware/23992/Linux
Mozilla-endorsed security plug-in accused of tracking users
Web Security says there's nothing nefarious to its URL collection A security plug-in for the Firefox browser is under fire after users discovered it was collecting and uploading their online activity.…
Making money mining Coinhive? Yeah, you and nine other people
10 users controlling the bulk of cryptocoin generator funds Mining internet currency on websites with Coinhive scripts is a lucrative endeavor, but only for a handful of people.…
Google Launches Searchable Database on US Political Ads
The new site offers an eye-opening view of how online political ad spending through Google can work. It offers a breakdown on individual ad campaigns, including a catalog of what ads were served and to which demographic groups.
Intel Reveals New Spectre-Like Vulnerability
A new side-channel speculative execution vulnerability takes aim at a different part of the CPU architecture than similar vulnerabilities that came before it.
Miller & Valasek: Security Stakes Higher for Autonomous Vehicles
Car hacking specialists shift gears and work on car defense in their latest gigs - at GM subsidiary Cruise Automation.
Investor Sues AT&T for $224 Million Over Cryptocurrency Hack
A tech entrepreneur is demanding AT&T pay damages for its role in failing to prevent hackers from stealing his mobile phone number, which was used to break into his cryptocurrency accounts.
2018 Pwnie Awards: Who Pwned, Who Got Pwned
A team of security experts round up the best and worst of the year in cybersecurity at Black Hat 2018.
India’s Cosmos bank raided for $13m by hackers
Report points finger at North Korea for cyber-heist Cosmos Bank in India says that hackers made off with $13.4m in stolen funds over the weekend.…
Notes on patching. Foreshadow speculative execution vulnerability. Influence operations. The FBI’s new cyber chief. Are stickers a temptation to thieves, hackers, and customs officers?
In today's podcast we hear some Patch Tuesday notes—both Microsoft and Adobe were busy yesterday. Foreshadow, a new speculative execution vulnerability, is reported. Malaysia gets attention from Chinese espionage services. Competition for jihadist mindshare. Influence operations as marketing. The...
Support for ageing key exchange crypto leaves VPNs open to attack
Ancient issue causing new ones Security gaps have been identified in widely used implementations of the IPsec protocol, which is used in the set up of Virtual Private Networks (VPNs).…
Bitcoin backer sues AT&T for $240m over stolen cryptocurrency
Michael Terpin not happy about funds-draining SIM swap fraud A bitcoin investor is suing AT&T for $240m after it allegedly ported his phone number to a hacker, allowing the criminal to steal $24m in cryptocurrency.…
From Mainframes to Connected Cars: How Software drives the Automotive Industry
Automakers must pay as much attention to the integrity and security of the software running modern vehicles as they pay to areas such as metallurgy, impact protection, seat belts, and materials science argues Gary Mcgraw, the Vice President of Security...
Widespread Instagram Hack Locking Users Out of Their Accounts
Instagram has been hit by a widespread hacking campaign that appears to stem from Russia and have affected hundreds of users over the past week, leaving them locked out of their accounts.
A growing number of Instagram users are taking...
Google is tracking your location, even when the setting is turned off
Shock! It appears Google can track the location of anyone using some of its apps on Android or iPhone even when they’ve told it not to.
How weaponized AI has created a new breed of cyber-attacks
IBM security researchers have discovered invasive and targeted artificial intelligence-powered cyber-attacks triggered by geolocation and facial recognition.
How AI-powered malware uses facial recognition technology
IBM security researchers demonstrate how new artificial intelligence-powered facial recognition technology can trigger malware lurking within common applications.
Why phishing remains a critical cyber-attack vector
Spear phishing emails targeting business users are so well-crafted they should be called "laser" phishing attacks, says Microsoft's Cybersecurity Field CTO Diana Kelley.
Email Phishers Using New Way to Bypass Microsoft Office 365 Protections
Phishing works no matter how hard a company tries to protect its customers or employees.
Security researchers have been warning of a new phishing attack that cybercriminals and email scammers are using in the wild to bypass the Advanced Threat...
IDG Contributor Network: How to make cybersecurity incidents hurt less
You take time with your staff to regularly review what they should do in a fire (where are the exits? Don’t use the elevator. Where is the muster point? Is the fire department called automatically, or will someone have...
Cisco Releases Security Updates
Original release date: August 15, 2018Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit these vulnerabilities to cause a denial-of-service situation. NCCIC encourages users and administrators to review the following Cisco Security Advisories...
FBI Eyes Plethora of River-Related Threats
NEW ORLEANS (AP) — Giant cranes loading and unloading gargantuan barges. Oil tankers, supply vessels and pipelines serving a vital energy industry. Flood control structures. Chemical plants. Cruise ships. Drinking water sources. All computer-reliant and tied in some way...
BrandPost: Loyal to a Fault: Why Your Current DNS May Be Exposing You to Risk
Ask seasoned IT professionals what they dislike most about their infrastructure, and they’ll answer in unison: Change. IT, network and security professionals all rely on tried-and-true products to keep the business humming along, but is doing so exposing them...
The sextortionists are back, this time with your phone number as “proof”
Last month the crooks were throwing old passwords into their scams to make you sit up and take notice. Now it's phone numbers.
Gartner Says IT Security Spending to Hit $124B in 2019
Global IT security spending will grow 12.4% in 2018 and another 8.7% in 2019.
LEADERS
Patch Tuesday, August 2018 Edition
Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five security holes in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60 vulnerabilities in Windows and other software, including...
Sex extortion emails now quoting part of their victim’s phone number
Some computer users are reporting that they have received a new type of extortion email in their inbox, which - in an attempt to scare them into giving in to demands for money - quotes part of their phone...
Hacking Police Bodycams
Suprising no one, the security of police bodycams is terrible.
Mitchell even realized that because he can remotely access device storage on models like the Fire Cam OnCall, an attacker could potentially plant malware on some of the cameras. Then,...
Bad news conspiracy theorists. QAnon codes are just a guy mashing his keyboard
The codes in Q’s posts aren’t actual codes, but instead “just random typing by someone who might play an instrument and uses a qwerty keyboard,” says password expert.
Google Tracks its Users Even if They Opt-Out of Tracking
Google is tracking you, even if you turn off tracking:
Google says that will prevent the company from remembering where you've been. Google's support page on the subject states: "You can turn off Location History at any time. With Location...
