Malware in PyPI Code Shows Supply Chain Risks
A code backdoor in a package on the Python Package Index demonstrates the importance of verifying code brought in from code repositories.
Europol Head Fears 5G Will Give Criminals an Edge
Catherine De Bolle is concerned law enforcement will lose its ability to track criminals with the arrival of 5G networks.
Mirai Groups Target Business IoT Devices
More than 30% of Mirai attacks, and an increasing number of variants of the malicious malare, are going after enterprise IoT devices, raising the stakes for business.
The Problem with Proprietary Testing: NSS Labs vs. CrowdStrike
Why apples-to-apples performance tests are the only way to accurately gauge the impact of network security products and solutions.
Crack the Defenses of iOS and other Platforms at Black Hat USA
Get the latest insights into how to attack and defend platforms like iOS, MacOS, and Windows 10 at this upcoming August security conference.
Security Lessons From a New Programming Language
A security professional needed a secure language for IoT development. So he wrote his own, applying learned lessons about memory and resources in the process.
BitPaymer Ransomware Operators Wage Custom, Targeted Attacks
A new framework is allowing the threat group to compile variants of the malware for each victim, Morphisec says.
Open Source Hacking Tool Grows Up
Koadic toolkit gets upgrades - and a little love from nation-state hackers.
RDP Bug Takes New Approach to Host Compromise
Researchers show how simply connecting to a rogue machine can silently compromise the host.
8 Legit Tools and Utilities That Cybercriminals Commonly Misuse
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
How Capture the Flag Competitions Strengthen the Cybersecurity Workforce
These competitions challenge participants with problems involving digital forensics, cryptography, binary analysis, web security, and many other fields.
Bulgarian Tax Breach Nets All the Records
An attack by a 'wizard hacker' results in leaked records for virtually every Bulgarian taxpayer.
79% of US Consumers Fear Webcams Are Watching
Widespread privacy concerns have caused 60% of people to cover their laptop webcams - some in creative ways - survey data shows.
Calculating the Value of Security
What will it take to align staff and budget to protect the organization?
MITRE ATT&CK Framework Not Just for the Big Guys
At Black Hat, analysts from MITRE and Splunk will detail how organizations of many different sizes are leveraging ATT&CK's common language.
Bluetooth Bug Enables Tracking on Windows 10, iOS & macOS Devices
Researchers discover a third-party algorithm in multiple high-profile Bluetooth devices exposes users to third-party tracking and data access.
800K Systems Still Vulnerable to BlueKeep
Organizations with systems exploitable via the RDP flaw pose an increasing risk to themselves and other organizations, BitSight says.
Sprint Reveals Account Breach via Samsung Website
The last-June breach exposed data includes names, phone numbers, and account numbers.
A Password Management Report Card
New research on password management tools identifies the relative strengths and weaknesses of 12 competing offerings.
Data Loss, Leakage Top Cloud Security Concerns
Compliance, accidental exposure of credentials, and data control are also primary concerns for senior IT and security managers.
Cisco Patches Critical Flaw in Vision Dynamic Signage Director
Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system.
Tracked as CVE-2019-1917, the vulnerability was found in the REST...
The Great Hack: the film that goes behind the scenes of the Facebook data scandal
This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
Scotland Yard Twitter and Emails Hacked
London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages.
read more
Browser Extensions Scraped Data From Millions of People
Slack passwords, NSO spyware, and more of the week's top security news.
Hackers breach FSB contractor, expose Tor deanonymization project and more
SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.
