Rui Pinto: Hacker Who Targeted Football and Angola’s ‘Princess’
Prosecutors in Portugal have denounced him as a criminal hacker, but his supporters describe the man behind the "Luanda Leaks" revelations as a public interest whistleblower.
read more
Attacks on ADC Ramp Up as Citrix Releases Remaining Patches
Citrix has released the full set of patches for the recently disclosed security flaw tracked as CVE-2019-19781, but attacks on vulnerable systems are ramping up.
read more
German Privacy Watchdog Investigates Clothing Retailer H&M
A German privacy watchdog says it has opened an investigation into clothing retailer H&M amid evidence that the Swedish retailer had committed “massive data protection breaches” by spying on its customer service representatives in Germany.
read more
Three Magecart Hackers Arrested in Indonesia
Three individuals suspected of being involved in Magecart online skimming attacks were arrested late last year in Indonesia.
read more
Lessons Learned From 2016, but U.S. Faces New Election Threats
It’s been more than three years since Russia’s sweeping and systematic effort to interfere in U.S. elections through disinformation on social media, stolen campaign emails and attacks on voting systems. U.S. officials have made advances in trying to prevent...
World Economic Forum on Securing the Aviation Industry in the Age of Convergence
World Economic Forum Calls for Global Collaboration to Enhance Cyber Resilience in the Aviation Industry
read more
NSA Shares Guidance on Mitigating Cloud Vulnerabilities
The U.S. National Security Agency (NSA) has published advice on mitigating cloud vulnerabilities. While the advice is primarily designed for government agencies and departments, it nevertheless contains good advice for any commercial organization considering or embarking on -- or...
Huawei and Supply Chain Security – The Great Geopolitical Debate
With No Proof That China's Huawei is Malicious, The Potential for Abuse Remains
read more
Trend Micro OfficeScan Flaw Apparently Exploited in Mitsubishi Electric Hack
A cyberattack disclosed recently by Mitsubishi Electric, which resulted in hackers gaining access to the company’s network and stealing corporate data, likely involved exploitation of a vulnerability in Trend Micro’s OfficeScan product.
read more
PoC Exploits Created for Recently Patched ‘BlueGate’ Windows Server Flaws
Proof-of-concept (PoC) exploits have been released for two recently patched Remote Desktop Gateway vulnerabilities that can be exploited for remote code execution.
read more
Trump, Johnson Talk Security Ahead of Huawei Decision
Prime Minister Boris Johnson discussed telecoms security with US President Donald Trump as he prepares to announce if Britain will use China's Huawei in its 5G networks, officials said Saturday.
read more
Cisco Webex Vulnerability Exploited to Join Meetings Without a Password
Cisco on Friday informed customers that it has patched a vulnerability that allowed unauthorized users to join password-protected Webex meetings. Cisco said the flaw had been exploited.
read more
Questions Linger Over Investigation Into Jeff Bezos’ Hacking
Cybersecurity experts said Thursday there were still many unanswered questions from an investigation commissioned by Jeff Bezos that concluded the billionaire’s cellphone was hacked, apparently after receiving a video file with malicious spyware from the WhatsApp account of Saudi...
Greece: Government Websites Hit by Cyberattack
The Greek government said Friday that the official state websites of the prime minister, the national police and fire service and several important ministries were briefly disabled by a cyberattack but have been restored.
read more
2020 Rings in a New Era of Cyber Attacks – and it’s Getting Personal
Recently, I finished a great audiobook by the famed hacker Kevin Mitnick, called “Ghost in the Wires”, where he details his exploits in using social engineering techniques to hack phone systems. For the most part, he used old school...
Microsoft Releases Azure Security Benchmark
Microsoft this week announced the availability of Azure Security Benchmark v1 (ASB), a collection of more than 90 security best practices recommendations for Azure customers.
read more
Bipartisan Bill Aims to Reform NSA Surveillance of Americans
U.S. lawmakers on Thursday introduced a bill that aims to reform the National Security Agency’s surveillance programs in an effort to protect citizens’ rights.
read more
Privacy Firm Finds Unsecured Cannabis Patient Information
An internet privacy firm says it was able to access private personal information of more than 30,000 medical marijuana patients, recreational pot customers or dispensary employees in several states.
The privacy firm was searching for unsecured data online and says...
The More Authentication Methods, the Merrier
An Increasingly Diverse, Dynamic Workforce Is Driving Dramatic Change in How Users Authenticate
read more
DEF CON China conference put on hold due to coronavirus outbreak
DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.
Remember the Clipper chip? NSA’s botched backdoor-for-Feds from 1993 still influences today’s encryption debates
We'll laugh at today's mandated holes in the same way we laugh at those from 25 years ago Enigma More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still...
Average Ransomware Payments More Than Doubled in Q4 2019
Ransomware attackers collected an average of around $84,000 from victim organizations, up from $41,000 in Q3 of 2018, Coveware says.
Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable
Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...
One Small Fix Would Curb Stingray Surveillance
The technology needed to limit stingrays is clear—but good luck getting telecoms on board.
