Cyber Saturday—Facebook's 'War Room' Is a Marketing Ploy

Such displays are “mostly for show,” as Jason Witty, chief information security officer at U.S. Bank, told the New York Times for an unrelated story about ...

Posted on 20 October 2018 | 3:30 pm

Town of Round Hill suffers data breach, destruction of electronic records

The Town of Round Hill recently suffered a data breach and the destruction of electronic records, town officials announced Saturday afternoon.

Posted on 20 October 2018 | 3:30 pm

Cyber Saturday—Facebook's 'War Room' Is a Marketing Ploy

Such displays are “mostly for show,” as Jason Witty, chief information security officer at U.S. Bank, told the New York Times for an unrelated story about ...

Posted on 20 October 2018 | 3:30 pm

Cyber Saturday—Facebook's 'War Room' Is a Marketing Ploy

It is easier for these groups to collaborate “virtually” rather than physically, says Nathaniel Gleicher, Facebook's head of cybersecurity policy. Hmm…

Posted on 20 October 2018 | 3:30 pm

Stop making data breaches about Google and Facebook — people are in real trouble

While never comparable in terms of popularity and usage, both have recently reported major data breaches within days of each other. In the wake of ...

Posted on 20 October 2018 | 2:56 pm

MIDAS SHARE TIPS: If you want feelgood profits try Osirium - the firm that helps save hospitals ...

Last week, the National Cyber Security Centre warned that the UK faces a major, life-threatening cyber-attack in the near future. A Government agency ...

Posted on 20 October 2018 | 2:56 pm

MIDAS SHARE TIPS: If you want feelgood profits try Osirium - the firm that helps save hospitals ...

Last week, the National Cyber Security Centre warned that the UK faces a major, life-threatening cyber-attack in the near future. A Government agency ...

Posted on 20 October 2018 | 2:56 pm

MIDAS SHARE TIPS: If you want feelgood profits try Osirium - the firm that helps save hospitals ...

Last week, the National Cyber Security Centre warned that the UK faces a major, life-threatening cyber-attack in the near future. A Government agency ...

Posted on 20 October 2018 | 2:56 pm

Tu Digital

He stopped the march to enactment of the Cybersecurity Act in its tracks. ... Comparisons are never perfect but the way the Cybersecurity Act was ...

Posted on 20 October 2018 | 2:33 pm

Future Demand of IT Security-As-A-Service Market By Top Players Like Blue Coat, Cisco, IBM, Intel ...

The research report analyzes the global IT Security-As-A-Service Market in a detailed manner by explaining the key aspects of the market that are ...

Posted on 20 October 2018 | 2:22 pm

Westminster security guards in porn video probe after virus contaminates their computers

Staff from the Security Parliamentary Department were sent disciplinary letters after links to sleazy sites flashed up on computer logs.

Posted on 20 October 2018 | 1:48 pm

Hackers Breach HealthCare.gov System, Get Data on 75,000

A government computer system that interacts with HealthCare.gov was hacked earlier this month, compromising the sensitive personal data of some 75,000 people, officials said Friday.

read more

Posted on 20 October 2018 | 1:21 pm

Oracle Critical Patch Update October 2018 Addressed 301 Flaws Including 47 High-Rated Flaws

Oracle has recently released its critical patch update for the third quarter of 2018. This Oracle critical patch update has. Read more · Facebook 1.9M ...

Posted on 20 October 2018 | 1:15 pm

DHS Under Secretary: China, Iran, Russia Risks to Cyber Security in Midterm Elections

U.S. national security agencies are sounding the alarm amid ongoing cyberattacks from oversees in the run-up to the midterm elections. On Friday ...

Posted on 20 October 2018 | 12:41 pm

DHS Under Secretary: China, Iran, Russia Risks to Cyber Security in Midterm Elections

U.S. national security agencies are sounding the alarm amid ongoing cyberattacks from oversees in the run-up to the midterm elections. On Friday ...

Posted on 20 October 2018 | 12:41 pm

Hack on 8 adult websites exposes oodles of intimate user data

In many respects, the most recent breach is more limited than the hack of Ashley Madison. Whereas the 100GB of data exposed by the Ashley ...

Posted on 20 October 2018 | 12:41 pm

Hack on 8 adult websites exposes oodles of intimate user data

A recent hack of eight poorly secured adult websites has exposed megabytes of personal data that could be damaging to the people who shared ...

Posted on 20 October 2018 | 12:41 pm

Is there interference in the 2018 US midterm elections?

The U.S. has a lot of concerns; ballot tampering, hacking into campaigns, open and covert attempts to sway voters. Friday's announcement didn't ...

Posted on 20 October 2018 | 12:30 pm

Is there interference in the 2018 US midterm elections?

In March, the Justice Department announced that nine Iranians carried out a yearslong cyberattack to steal secrets from American companies, ...

Posted on 20 October 2018 | 12:30 pm

HealthCare.gov system hack leaves 75000 individuals exposed

A hack was detected earlier this month in a government computer system that works alongside HealthCare.gov, exposing the personal information of ...

Posted on 20 October 2018 | 12:18 pm

HealthCare.gov system hack leaves 75000 individuals exposed

(CNN) A hack was detected earlier this month in a government computer system that works alongside HealthCare.gov, exposing the personal ...

Posted on 20 October 2018 | 12:18 pm

ICO Analysis: Svandis

Svandis is developing a platform for crypto market participants, providing leading financial research, analytical and visualization tools for anyone ...

Posted on 20 October 2018 | 12:07 pm

Medtronic cuts cyber access to vulnerable devices

Such an attack has not been documented in the real world. Indeed, there has never been a documented cyberattack against any medical device that ...

Posted on 20 October 2018 | 11:56 am

Medtronic cuts cyber access to vulnerable devices

Medtronic steps up cybersecurity moves. Medtronic has shut off the ability to remotely update the software on two machines that are used in doctor's ...

Posted on 20 October 2018 | 11:56 am

Did Your Tax Return Earn More Frequent Flier Miles Than You Did Last Year?

Federal law requires taxpayers to consent before their tax data, including their Social Security number is disclosed to a tax preparer located outside ...

Posted on 20 October 2018 | 11:56 am

Medtronic cuts cyber access to vulnerable devices

Medtronic steps up cybersecurity moves. Medtronic has shut off the ability to remotely update the software on two machines that are used in doctor's ...

Posted on 20 October 2018 | 11:56 am

Ripple: Moving Toward Mass Acceptance

In the interest of full disclosure, I own nary a drop of XRP. However on nearly a daily basis the question comes to mind: why not? Part of the resistance ...

Posted on 20 October 2018 | 11:56 am

SIBOS 2018 may bank on digital economy

... financial crime, tackling the widening cybersecurity challenge in the digital economy and adapting to evolving geopolitical and regulatory priorities.

Posted on 20 October 2018 | 11:45 am

BGZ BNP Paribas chooses Kaymera's Adaptive Mobile Threat Defence

According to a recent survey of IT security professionals on the Bring Your Own Device (BYOD) issue, one in five organisations has suffered a mobile ...

Posted on 20 October 2018 | 11:22 am

[BC-MCT-NEWS-BJT]

^Trump says China is meddling in midterms, but cybersecurity experts don't see it<. USCHINA-HACKING:BLO President Donald Trump has said ...

Posted on 20 October 2018 | 11:22 am

Global Aviation & Defense Cyber Security Market Evolving Technology, Segmentation and Industry ...

A report, titled “Aviation & Defense Cyber Security” has been added to our storehouse. The report speaks to the present situation of the market in light ...

Posted on 20 October 2018 | 11:22 am

Digital Security Act 2018: young generation speaks

Concerned citizens have raised questions about the recently enacted Digital Security Act 2018 as it carries the risk of constraining freedom of ...

Posted on 20 October 2018 | 11:09 am

HealthCare.Gov Hack Exposes Personal Data of 75000 Users

While it is unclear what data was exposed, the hackers' accounts have been deactivated and the breached tool has been disabled “out of an ...

Posted on 20 October 2018 | 10:48 am

75000 Healthcare.Gov Portal Users Affected by Data Breach

CMS revealed that the data breach occurred due to an “anomalous system activity” that was detected last week in the Direct Enrollment system.

Posted on 20 October 2018 | 10:48 am

Navy 'Extremely' Confident HMS Queen Elizabeth Can Fend Off Cyber Attack

In recent weeks, Russia and its military intelligence unit the GRU have been accused of a raft of cyber-attacks on targets around the world.

Posted on 20 October 2018 | 10:37 am

All about India's data localisation policy

Their push is from a data security angle and to safeguard India's homegrown ventures. Companies such as Paytm and Phonepe have strongly ...

Posted on 20 October 2018 | 10:26 am

Cyber-reinforcements: the town department that takes a hard look at software

Cyber-reinforcements: the town department that takes a hard look at ... looks into the town's efforts to protect its network and data from cyber-attacks. 0.

Posted on 20 October 2018 | 10:03 am

Cyber-reinforcements: the town department that takes a hard look at software

Leonard refers to an article published by the Investment Industry Regulatory Organization of Canada which states cyber security is not solely an IT ...

Posted on 20 October 2018 | 10:03 am

Cyber-reinforcements: the town department that takes a hard look at software

After recent cyber attacks on public sector organizations, there are some residents in Collingwood who reached out to CollingwoodToday with ...

Posted on 20 October 2018 | 10:03 am

North Korea-Sponsored Lazarus Responsible For 65% Of Hacked Cryptocurrency

A 2018 cyber threat report on the crypto industry has shown that the hacker group called Lazarus accounts for the most attacks on cryptocurrencies ...

Posted on 20 October 2018 | 9:52 am

HBO confirms cyberattack, hackers threaten to leak GoT

span.p-content div[id^=div-gpt] { line-height: 0px; font-size: 0px;} has confirmed that the network had been the target of a cyberattack, as an ...

Posted on 20 October 2018 | 9:52 am

Hacker Tries to Blackmail Apple for $150000 in BTC After Compromising 319 Million iCloud Accounts

According to the DailyMail, Albayrak had published a video on YouTube that showed him hacking into iCloud accounts. The analyst, who is a resident ...

Posted on 20 October 2018 | 9:52 am

An Interview With the Creator of BugBountyNotes

There were some amazing hacking challenges posted on BugBountyNotes. – Please tell us more about them, how to approach them in a beneficial ...

Posted on 20 October 2018 | 9:41 am

Supergirl: L-Corp Emergency Lands Brainiac-5 in Hot Water in New Clip

In a CBR-exclusive clip from “Fallout,” the next episode of Supergirl, a cyber attack on L-Corp leaves Brainy exposed, powerless and surrounded by ...

Posted on 20 October 2018 | 9:30 am

Trump says China is meddling in midterms, but cybersecurity experts don't see it

WASHINGTON –– President Donald Trump has said China is interfering with the November midterm elections, but the findings of top cybersecurity ...

Posted on 20 October 2018 | 9:18 am

Trump says China is meddling in midterms, but cybersecurity experts don't see it

WASHINGTON –– President Donald Trump has said China is interfering with the November midterm elections, but the findings of top cybersecurity ...

Posted on 20 October 2018 | 9:18 am

Trump says China is meddling in midterms, but cybersecurity experts don't see it

WASHINGTON — President Donald Trump has said China is interfering with the November midterm elections, but the findings of top cybersecurity ...

Posted on 20 October 2018 | 9:18 am

Trump says China is meddling in midterms, but cybersecurity experts don't see it

WASHINGTON — President Donald Trump has said China is interfering with the November midterm elections, but the findings of top cybersecurity ...

Posted on 20 October 2018 | 9:18 am

Netflix not working with VPN and Avast?

This is why it is very likely that you are using Avast on your computer as your regular antivirus, and why you might have already noticed that there's ...

Posted on 20 October 2018 | 9:16 am

Trade Recommendation: Litecoin

The Litecoin/Bitcoin pair (LTC/BTC) dropped to as low as 0.00758498 on September 12, 2018. At that price level, the market was down by almost 70% ...

Posted on 20 October 2018 | 9:07 am

Tips to secure BYOD in the workplace

On the heels of the latest breaches against Facebook and Google that affected millions of users worldwide, global cybersecurity company Kaspersky ...

Posted on 20 October 2018 | 9:07 am

Who are Asiri, al-Qahtani dismissed over Khashoggi's case

... of the Saudi Federation for Cyber Security and Programming (SAFCSP). ... the Royal Commission for Al-Ula, and the Saudi Union for Cyber Security ...

Posted on 20 October 2018 | 8:51 am

VIDEO: Cyber Security road show connects with residents in Montego Bay

As part of activities to observer Cyber Security Awareness month, the Ministry of Science and Technology through the Cyber Incident Response Team ...

Posted on 20 October 2018 | 8:45 am

VIDEO: Cyber Security road show connects with residents in Montego Bay

As part of activities to observer Cyber Security Awareness month, the Ministry of Science and Technology through the Cyber Incident Response Team ...

Posted on 20 October 2018 | 8:45 am

Hackers breach Healthcare.gov system, steal data from 75K

A government computer system that interacts with HealthCare.gov was hacked earlier this month, compromising the sensitive personal data of some ...

Posted on 20 October 2018 | 8:22 am

Zcash (ZEC) Up 16% For Week as Sapling Hardfork Approaches

Privacy coin Zcash (ZEC) gained 16% on its value from Monday through to Saturday as anticipation builds regarding the upcoming Sapling update.

Posted on 20 October 2018 | 8:22 am

North Korean hackers stole half a billion dollars in cryptocurrency

North Korea's infamous hacking group Lazarus has stolen more than half a billion dollars in cryptocurrency over the last two years. The group ...

Posted on 20 October 2018 | 8:11 am

North Korean hackers stole half a billion dollars in cryptocurrency

The group, according to a report from The Next Web (TNW), carried out ... carried out as many as 14 cyber attacks across different online exchanges.

Posted on 20 October 2018 | 8:11 am

IUP schedules cyber security event

Indiana University of Pennsylvania's Institute for Cyber Security, in collaboration with the Information Technology Support Center, will present a ...

Posted on 20 October 2018 | 7:46 am

IUP schedules cyber security event

Indiana University of Pennsylvania's Institute for Cyber Security, in collaboration with the Information Technology Support Center, will present a ...

Posted on 20 October 2018 | 7:37 am

IUP schedules cyber security event

Indiana University of Pennsylvania's Institute for Cyber Security, in collaboration with the Information Technology Support Center, will present a ...

Posted on 20 October 2018 | 7:37 am

IUP schedules cyber security event

Indiana University of Pennsylvania's Institute for Cyber Security, in collaboration with the Information Technology Support Center, will present a ...

Posted on 20 October 2018 | 7:37 am

Global Mobile Anti-Malware Market Drivers and Challenges 2018 To 2023

Mobile Anti-Malware Market report provides in-depth analysis of leading players with company profiles and strategies. Mobile Anti-Malware industry ...

Posted on 20 October 2018 | 7:29 am

Hackers breach Healthcare.gov system, taking files on 75000 people

A government system used by insurance agents and brokers to help customers sign up for healthcare plans was breached, allowing hackers to siphon ...

Posted on 20 October 2018 | 7:26 am

Hackers breach Healthcare.gov system, taking files on 75000 people

In order to sign up for healthcare plans, customers have to give over a ton of personal data — including names, addresses, and their social security ...

Posted on 20 October 2018 | 7:26 am

Vendors confirm products affected by libssh bug as PoC code pops up on GitHub

Red Hat and F5 Networks acknowledge that some products are vulnerable to the libssh authentication bug.

Posted on 20 October 2018 | 7:07 am

Vendors confirm products affected by libssh bug as PoC code pops up on GitHub

At the time of writing, no vendor or cyber-security firm has come forward to confirm exploitation attempts that leverage this vulnerability. Nevertheless ...

Posted on 20 October 2018 | 7:03 am

Angered by reporting, pro-Sabrimala activists hack Asianet website, but the wrong one

It seems like the activists wanted to hack the media arm of Asianet, but have ended up hacking another website connected to the company.

Posted on 20 October 2018 | 7:03 am

Council accused of 'serious' employee data breach

A local authority has been accused of a "serious" data breach after an employee's personal details were left open on a shared computer system.

Posted on 20 October 2018 | 6:30 am

Russian troll threat hasn't gone away as election day nears

Khusyaynova was allegedly working with the Internet Research Agency .... Nathaniel Gleicher, Facebook's head of cybersecurity policy, told CNN ...

Posted on 20 October 2018 | 6:12 am

Inside the industry of cybercrime | Avast

For as long as there's been an internet, there's been cybercrime. .... As for cybersecurity tech, crank up all the security measures at your disposal.

Posted on 20 October 2018 | 6:07 am

The Week That Was: All of Lawfare in One Post

... the vulnerability of Department of Defense weapons system to cyber attacks, and Megan Reiss presented some legislative solutions to the problems ...

Posted on 20 October 2018 | 6:07 am

GAO Audit Uncovers Cyber Vulnerabilities in Pentagon Weapons Systems

Federal government security audits carried out between fiscal years 2012-2017 have uncovered significant cyber vulnerabilities in the U.S. ...

Posted on 20 October 2018 | 6:03 am

GAO Audit Uncovers Cyber Vulnerabilities in Pentagon Weapons Systems

Federal government security audits carried out between fiscal years 2012-2017 have uncovered significant cyber vulnerabilities in the U.S. ...

Posted on 20 October 2018 | 6:03 am

GAO Audit Uncovers Cyber Vulnerabilities in Pentagon Weapons Systems

Federal government security audits carried out between fiscal years 2012-2017 have uncovered significant cyber vulnerabilities in the U.S. ...

Posted on 20 October 2018 | 6:03 am

Crypto Update: Top 10 Worst Performers Make Bottom Picking List

Yesterday, October 18, 2018, Cryptoglobe published, a list of the 10 worst performing cryptocurrency investments of 2018. These altcoins suffered ...

Posted on 20 October 2018 | 5:56 am

Security News This Week: A Dating App for Donald Trump Fans Exposed a Ton of Data

Unfortunately for those lovelorn enlistees, when the app did launch on Monday, it leaked all of their data. According to ZDNet, a French security ...

Posted on 20 October 2018 | 5:56 am

Zomba man jailed 12 years for wife hacking

The Mulunguzi Magistrates' Court in Zomba has sentenced Ricks Kameza to 12 years imprisonment with hard labour (IHL) for hacking wife Brenda ...

Posted on 20 October 2018 | 5:45 am

"Smart home" companies refuse to say whether law enforcement is using your gadgets to spy on you

... report and we have never received any National Security Letters or orders for user content or non-content information under the Foreign Intelligence ...

Posted on 20 October 2018 | 5:45 am

Hacking Group Lazarus Steals $571 Million in Cryptocurrency

The data from Group-IB suggests majority of the exchanges hacked were the South Korean exchanges like, coinrail, Bithumb & Youbit. This data ...

Posted on 20 October 2018 | 5:45 am

Retail Cybersecurity market forecast to 2023 scrutinized in new research

The Global Retail Cybersecurity Market describes an in-depth study of the market aspects such as current size of the industry, consumer demands, ...

Posted on 20 October 2018 | 5:44 am

The Philippine International Cybersecurity Conference 2018

The department reassures the people its commitment in strengthening the country's cybersecurity posture. But It doesn't deny the reality that there is ...

Posted on 20 October 2018 | 5:22 am

Facebook says spammers behind data breach that affected 29 million users

Facebook's security team has been investigating the incident since September 25, when it discovered that someone was downloading a large quantity ...

Posted on 20 October 2018 | 5:22 am

The Philippine International Cybersecurity Conference 2018

The department reassures the people its commitment in strengthening the country's cybersecurity posture. But It doesn't deny the reality that there is ...

Posted on 20 October 2018 | 5:22 am

Facebook says spammers behind data breach that affected 29 million users

The very big data breach has resulted in leaving the platform users more vulnerable to targeted phishing attacks and could make the issue more ...

Posted on 20 October 2018 | 5:22 am

The Philippine International Cybersecurity Conference 2018

But It doesn't deny the reality that there is no cyber security stance that is flawless. Hence, it does not aim for perfection; it aims for resiliency – a higher ...

Posted on 20 October 2018 | 5:22 am

City-county IT report notes improved tech support, cybersecurity concerns

In the report, Civic Foundry advised that a third-party security assessment of city and county information technology be performed as soon as possible.

Posted on 20 October 2018 | 5:06 am

City-county IT report notes improved tech support, cybersecurity concerns

Nevertheless, Lewis and Clark County Commissioner Roger Baltz said cybersecurity will be a top priority going forward, noting that in the report's list ...

Posted on 20 October 2018 | 5:06 am

City-county IT report notes improved tech support, cybersecurity concerns

In the report, Civic Foundry advised that a third-party security assessment of city and county information technology be performed as soon as possible.

Posted on 20 October 2018 | 5:06 am

City-county IT report notes improved tech support, cybersecurity concerns

Nevertheless, Lewis and Clark County Commissioner Roger Baltz said cybersecurity will be a top priority going forward, noting that in the report's list ...

Posted on 20 October 2018 | 5:06 am

In our opinion: We aren't as prepared for cyberattacks as we need to be

The primary responsibility for guarding against online security breaches falls to those companies and institutions with whom users entrust information ...

Posted on 20 October 2018 | 5:00 am

In our opinion: We aren't as prepared for cyberattacks as we need to be

The primary responsibility for guarding against online security breaches falls to those companies and institutions with whom users entrust information ...

Posted on 20 October 2018 | 5:00 am

Why Retail Cybersecurity Market Worldwide Important? Development Trend, Driving Factors and ...

Global Retail Cybersecurity Market is witnessing a continual rise in its valuation with the advancement in technologies, which is impacting the ...

Posted on 20 October 2018 | 5:00 am

Security researchers identify "fingerprints" in 3D printed objects that can be used to trace their ...

... a paper to be presented at the ACM SIGSAC Conference on Computer and Communications Security conference in Toronto this month, a group of ...

Posted on 20 October 2018 | 5:00 am

UK Dominating Europe Cyber Security of Security Services Market: Major Factors for Growth and ...

Europe Cyber Security of Security Services Market Size, Status and Forecast 2023, a new research report that evaluates its current value, size, ...

Posted on 20 October 2018 | 5:00 am

In our opinion: We aren't as prepared for cyberattacks as we need to be

Law enforcement agencies are warning about the prevalence of cybercrime as part of National Cybersecurity Awareness Month and offering valuable ...

Posted on 20 October 2018 | 5:00 am

In our opinion: We aren't as prepared for cyberattacks as we need to be

Law enforcement agencies are warning about the prevalence of cybercrime as part of National Cybersecurity Awareness Month and offering valuable ...

Posted on 20 October 2018 | 5:00 am

N. Korean hackers have stolen cryptocurrencies worth $571 million

A north Korean hacking group called Lazarus has stolen cryptocurrencies worth $571 million. The Next Web that cited findings from the annual report ...

Posted on 20 October 2018 | 4:26 am

N. Korean hackers have stolen cryptocurrencies worth $571 million

... developing company Group-IB has stated that the hacking group was behind 14 cyber-attacks on cryptocurrency exchanges since January 2017.

Posted on 20 October 2018 | 4:26 am

N. Korean hackers have stolen cryptocurrencies worth $571 million

Reports also stated the hackers targeted cryptocurrency exchanges with spear phishing, using malware and social engineering. The finding of the firm ...

Posted on 20 October 2018 | 4:26 am

How Optherium's MDPBN saves Banks from Hacking

And most notably, it offers a robust solution to prevent data loss and data hacks. Optherium makes it impossible to perform any kind of cyber crimes.

Posted on 20 October 2018 | 4:03 am

Global Antivirus Software Market Overview & Industry Landscape by Focusing on Top Key Vendors ...

Antivirus software detects, blocks, and removes malicious programs. It uses real-time inspections of system memory, OS, and files to help prevent ...

Posted on 20 October 2018 | 3:18 am

Global Cyber Security Market 2018 Industry Opportunities – Risk Vision, Safer Social, Webroot ...

Globalinforesearch.biz has recently added a new research review in its database titled, Global Cyber Security Market Research Report 2018, ...

Posted on 20 October 2018 | 3:18 am

Global Cyber Security Market 2018 Industry Opportunities – Risk Vision, Safer Social, Webroot ...

Globalinforesearch.biz has recently added a new research review in its database titled, Global Cyber Security Market Research Report 2018, ...

Posted on 20 October 2018 | 3:18 am

Global Cyber Security Market 2018 Industry Opportunities – Risk Vision, Safer Social, Webroot ...

Globalinforesearch.biz has recently added a new research review in its database titled, Global Cyber Security Market Research Report 2018, ...

Posted on 20 October 2018 | 3:18 am

Riyadh to Host Cyber Saber Hackathon 2018

The Saudi Federation for Cybersecurity, Programming, and Drones (SFCPD) announced Saturday that it will hold a two-day Cyber Saber Hackathon ...

Posted on 20 October 2018 | 3:07 am

Riyadh to Host Cyber Saber Hackathon 2018

The Saudi Federation for Cybersecurity, Programming, and Drones (SFCPD) announced Saturday that it will hold a two-day Cyber Saber Hackathon ...

Posted on 20 October 2018 | 3:07 am

Downtown Cleveland microgrid proposed for $100 million

The two feasibility studies, to be released by the universities Monday, are among topics that will be discussed next week at a cybersecurity conference ...

Posted on 20 October 2018 | 2:56 am

Downtown Cleveland microgrid proposed for $100 million

... businesses that cannot afford power failures and want a grid insulated from cyber attacks, says a proposal prepared for the Cleveland Foundation.

Posted on 20 October 2018 | 2:56 am

North Carolina recovers from a hurricane and malware attack

North Carolina is still recovering from a hurricane Florence which critically affected its water utility in September 2018.. However, hackers have also ...

Posted on 20 October 2018 | 2:45 am

Between Freedom of Speech and Online Security

One of the earliest pieces of internet regulation was Section 230 of the 1996 Communications Decency Act. Simply put, it protected online services ...

Posted on 20 October 2018 | 2:45 am

C5 Capital to Sign Landmark Atlantic Future Forum Accord on Cyber Security and Artificial ...

C5 Capital Limited (C5), the specialist venture capital firm focused on investing in cloud computing, cyber and artificial intelligence, announces ...

Posted on 20 October 2018 | 1:33 am

Providing a new approach to security

How companies can protect themselves from being fooled on the web will be the focus of the upcoming Third Security Project Cyprus conference.

Posted on 20 October 2018 | 1:30 am

C5 Capital to Sign Landmark Atlantic Future Forum Accord on Cyber Security and Artificial ...

Artificial intelligence and its role in cyber security will be a key topic during the Forum, which gathered senior members of the UK & US Governments ...

Posted on 20 October 2018 | 1:26 am

Antivirus Software Market Analysis, By Key players, Segmentation, Growth, Share, Size And ...

Antivirus Software Market report gives entire evaluation to the individuals who are searching for Business extend in different areas, makers, New ...

Posted on 20 October 2018 | 1:26 am

SELZER: Should you strengthen your cybersecurity?

What better time to increase your online vigilance to make sure your personal information is kept secure. National cybersecurity experts suggest the ...

Posted on 20 October 2018 | 12:52 am

SELZER: Should you strengthen your cybersecurity?

Even with protection and enforcement activities from the federal government, cyber vigilance needs to begin at home. Knowing some common-sense ...

Posted on 20 October 2018 | 12:52 am

CTBC Bank ATM crash in Taiwan cleared of hacking and malware infections

The system outage, which led to disruption of a number of financial services for three hours, was in no way caused by hacking activity or malware ...

Posted on 20 October 2018 | 12:34 am

Sars IT chief Makhekhe-Mokhuane's qualifications queried

It was discovered the [National Health Service] had not applied a patch to the Windows operating system, which may have prevented the attack.”.

Posted on 20 October 2018 | 12:30 am

Sars IT chief Makhekhe-Mokhuane's qualifications queried

“This is all about data and security of data and when your systems become compromised and you don't have the security updated. For instance ...

Posted on 20 October 2018 | 12:30 am

North Korean Hackers Stole $571m in Cryptos

It was reportedly the North Korean hacking group called Lazarus, which is ... In August, information security firm Kaspersky Lab revealed the latest ...

Posted on 20 October 2018 | 12:18 am

North Korean hacker group steals $571 million in crypto attacks

For instance, fraudsters deliver malware under the cover of CV spam [with an attachment] that has a malware embedded in the document," the findings ...

Posted on 20 October 2018 | 12:18 am

North Korean Hackers Stole $571m in Cryptos

In general, hackers turn to methods such as social engineering, malware, and spear phishing in order to target digital currency exchanges. The most ...

Posted on 20 October 2018 | 12:18 am

North Korean Hacker Group Stole $571 Million in Crypto Attacks This Year

According to The Next Web that cited findings from the annual report of cybersecurity vendor Group-IB late on Friday, Lazarus was behind 14 hacking ...

Posted on 20 October 2018 | 12:18 am

North Korean hacker group stole USD 571 mn in crypto attacks

North Korean hacker group stole USD 571 mn in crypto attacks ... There were on average five new threat samples every second that resulted in a ...

Posted on 20 October 2018 | 12:18 am

North Korean hacker group steals $571 million in crypto attacks

"Spear phishing remains the major vector of attack on corporate networks. ... in Q4 2017, said a recent report from global cyber security firm McAfee.

Posted on 20 October 2018 | 12:18 am

North Korean Hacker Group 'Lazarus' Stole $571 mn in Crypto Attacks

Amid growing crypto-jacking episodes, a North Korean hacking group ... There were on average five new threat samples every second that resulted in ...

Posted on 20 October 2018 | 12:18 am

US air force; competing with rivals or creating a new weapons market

The new space force will have the same power as the other branches of the U.S. Armed Forces, and will monitor space and cyber-attack operations, ...

Posted on 19 October 2018 | 11:56 pm

North Korean hacking group Lazarus steal $571 million in cryptocurrency

A North Korean hacking group called Lazarus has stolen cryptocurrencies ... Lazarus is a hacking group which has been linked to a string of attacks ... advanced persistent threat (APT) groups are increasingly attacking financial ...

Posted on 19 October 2018 | 11:45 pm

Corps of Cadets cybersecurity unit prepares Aggies to defend nation online

That includes an understanding of how a computer works down to the hardware level, where Powell said malware is known to attack, as well as how ...

Posted on 19 October 2018 | 10:48 pm

Corps of Cadets cybersecurity unit prepares Aggies to defend nation online

Ramirez said working together to maximize those efforts will be important as cyber attacks continue to be a threat to major institutions across the ...

Posted on 19 October 2018 | 10:48 pm

US CMS says 75000 individuals' files accessed in data breach

The US Centers for Medicare & Medicaid Services (CMS) said on Friday it was responding to a data breach that exposed the files of about 75,000 ...

Posted on 19 October 2018 | 9:07 pm

Data Points: Healthcare industry challenged with cyber insecurity, data breaches

Anthem's $16 million settlement with the federal government for a massive data breach is just another example of the extreme vulnerabilities the ...

Posted on 19 October 2018 | 9:07 pm

Mac Warner: WV recognized as national leader in encouraging eligible citizens to vote (Gazette ...

Our state was recently featured in a national telecast by HBO News, wherein HBO cited West Virginia as a national leader in cyber security. Arguably ...

Posted on 19 October 2018 | 8:56 pm

Cyber Security Software Market Outlook 2018-2025– Latest Technologies And Innovations, New ...

Global Cyber Security Software Market offers complete, proficient report delivering market research data that is relevant for new market entrants or set ...

Posted on 19 October 2018 | 8:11 pm

US Tech Giant Supermicro Denies Report That China Infiltrated Its Computer Hardware

FBI Director Christopher Wray also appeared to push back on the veracity of the Bloomberg report during a Senate Homeland Security Committee ...

Posted on 19 October 2018 | 8:11 pm

Russian woman charged in first 2018 election meddling case

... the Department of Homeland Security's National Protection and Programs Directorate, speaks during a news conference on election cyber security, ...

Posted on 19 October 2018 | 8:00 pm

Apple Demands Retraction Of Bloomberg's Big 'Chip Infiltration' Story; Bloomberg Has Some ...

The UK's National Cyber Security Centre (a part of GCHQ) said they completely supported Apple and Amazon that no such attack occurred. The US ...

Posted on 19 October 2018 | 7:39 pm

stories about: "super micro"

But, almost as soon as it came out, a bunch of people started raising questions about the story. While the Bloomberg reporters claimed over a dozen ...

Posted on 19 October 2018 | 7:37 pm

Staying cyber safe and secure

October marks the 15th Annual National Cyber Security Awareness Month.Experts say don't click, don't overshare and keep private information private ...

Posted on 19 October 2018 | 7:15 pm

Staying cyber safe and secure

October marks the 15th Annual National Cyber Security Awareness Month.Experts say don't click, don't overshare and keep private information private ...

Posted on 19 October 2018 | 7:15 pm

Global Antivirus Software Market by 2023- Types, Applications, Drivers, Risks, Opportunities ...

Antivirus Software market report examines present as well as future landscapes of the industry with analysis of topmost players in the region.

Posted on 19 October 2018 | 7:15 pm

Dallas County Leaders Boost Election Protections

“What the state is doing is helping local elections officials understand the cyber-security threats in general, how can they improve their security ...

Posted on 19 October 2018 | 7:03 pm

Comparing Ubiquiti Networks (UBNT) and Comtech Telecomm. (CMTL)

(NASDAQ:CMTL) are both computer and technology companies, but which is ... and UniFi Security Gateway that provide routing and network security, ...

Posted on 19 October 2018 | 7:03 pm

'I really do think he would take my life and his': Man guilty of murdering estranged wife at Chester ...

After being honorably discharged, she continued her service at Fort Lee and later at Fort Meade's Defense Information Security Agency, working as a ...

Posted on 19 October 2018 | 6:44 pm

Data protection body orders Facebook to act on data breach that affected 755973 PH-based users

In relation to Facebook's data breach in September that affected hundreds of thousands of Philippine-based users, the National Privacy Commission, ...

Posted on 19 October 2018 | 6:18 pm

Colorado's Azar & Associates follows Facebook suit with one against G

The Colorado law firm that is taking on Facebook over a data breach that affected millions of users is taking aim at another internet giant — Google ...

Posted on 19 October 2018 | 6:07 pm

She uses her theater training to scare execs into better cybersecurity practices

Clients game out a scenario in which they're confronting a data breach that feels very real. Televisions blare reports of the incident even as the team is ...

Posted on 19 October 2018 | 5:56 pm

NCSC Releases 2018 Annual Review

Original release date: October 19, 2018

The United Kingdom's (UK) National Cyber Security Centre (NCSC) has released its Annual Review for 2018, which provides a snapshot of their work from September 1, 2017, to August 31, 2018. NCSC provides enhanced services to protect the UK against cybersecurity threats.

NCCIC encourages users and administrators to review NCSC’s 2018 Annual Review for more information.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 19 October 2018 | 5:13 pm

Building Better Business: Having a cybersecurity plan crucial for businesses

In recent times, scam artists have proved that even major corporations can be hacked — take Facebook's data breach in late September as a prime ...

Posted on 19 October 2018 | 5:11 pm

Healthcare.gov security breach leaks info for 75000 people

It said in a statement that "CMS followed standard and appropriate security and risk protocols for researching and reporting the incident.

Posted on 19 October 2018 | 5:11 pm

Consumer data compromised in Affordable Care Act enrollment portal

The breach, involving a system used by agents and brokers as part of the insurance program, exposed credit and other personal information. It throws ...

Posted on 19 October 2018 | 4:48 pm

Protecting yourself against cyber crime

As part of Small Business Week in Timmins, the first annual Technology Trade Show was held Friday. The theme for the event was cyber security, and ...

Posted on 19 October 2018 | 4:29 pm

Hackers breach HealthCare.gov system, get data on 75000

Consumers applying for subsidized coverage have to provide extensive personal information, including Social Security numbers, income, and ...

Posted on 19 October 2018 | 4:12 pm

Hackers breach HealthCare.gov system, get data on 75000

WASHINGTON (AP) — A government computer system that interacts with HealthCare.gov was hacked earlier this month, compromising the sensitive ...

Posted on 19 October 2018 | 3:19 pm

libssh Releases Security Updates

Original release date: October 19, 2018

libssh has released security updates addressing a vulnerability affecting libssh versions 0.6 and above. A remote attacker could exploit this vulnerability to take control of an affected system.

NCCIC encourages users and administrators to review the libssh Security Release for additional information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 19 October 2018 | 2:43 pm

Microsoft Releases Security Update for Yammer

Original release date: October 19, 2018

Microsoft has released a security update to address a vulnerability in the Yammer desktop application. A remote attacker could exploit this vulnerability to take control of an affected system.

NCCIC encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 19 October 2018 | 2:09 pm

LA's cyber strategy: savvier employees, secure IoT

LA requires training for its workers, and it educates both employees and the wider community about browsing and email security as well as endpoint ...

Posted on 19 October 2018 | 1:37 pm

Audio recording is now disabled by default in OpenBSD

OpenBSD 6.4 also ships with Meltdown, Spectre v2, SpectreRSB, L1FT, and Lazy FPU mitigations.

Posted on 19 October 2018 | 1:12 pm

Apple and personal data, plus Android issues

Security Boulevard: Inside Safari Extensions | Malware's Golden Key to User Data – “A 2-part series looking at the technology behind macOS browser ...

Posted on 19 October 2018 | 12:00 pm

NSA-Linked 'DarkPulsar' Exploit Tool Detailed

Kaspersky Lab security researchers have analyzed another exploit tool that was supposedly stolen from the National Security Agency-linked Equation Group.

read more

Posted on 19 October 2018 | 11:39 am

0-Day in jQuery Plugin Impacts Thousands of Applications

Thousands of projects are possibly impacted by a jQuery File Upload plugin vulnerability that has been actively exploited in the wild, a security researcher has discovered.

read more

Posted on 19 October 2018 | 11:09 am

City Pays $2,000 in Computer Ransomware Attack

A Connecticut city has paid $2,000 to restore access to its computer system after a ransomware attack.

West Haven officials said Thursday they paid the money to anonymous attackers through the digital currency bitcoin to unlock 23 servers and restore access to city data.

read more

Posted on 19 October 2018 | 8:22 am

Microsoft Pushes Out Three Windows 10 Cumulative Updates With Lots Of Fixes

These updates are in addition to the Patch Tuesday roll outs that arrive on the second Tuesday of every month, the most recent of which was doled out ...

Posted on 19 October 2018 | 7:50 am

jQuery File Upload Plugin Vulnerable for 8 Years and Only Hackers Knew

He created a proof-of-concept exploit that tries to find one of the differences and uploads a PHP shell. "I've done some testing against the 1000 forks of ...

Posted on 19 October 2018 | 7:37 am

Kaspersky says it detected infections with DarkPulsar, alleged NSA malware

Victims located in Russia, Iran, and Egypt; related to nuclear energy, telecommunications, IT, aerospace, and R&D.

Posted on 19 October 2018 | 7:25 am

Critical Flaw Found in Streaming Library Used by VLC and Other Media Players

Security researchers have discovered a serious code execution vulnerability in the LIVE555 Streaming Media library—which is being used by popular media players including VLC and MPlayer, along with a number of embedded devices capable of streaming media. LIVE555 streaming media, developed and maintained by Live Networks, is a set of C++ libraries companies and application developers use to

Posted on 19 October 2018 | 7:12 am

Chinese Hackers Use 'Datper' Trojan in Recent Campaign

A China-linked cyber espionage group known as Tick was observed using the Datper malware in a recent campaign, Cisco Talos security researchers reveal.

read more

Posted on 19 October 2018 | 6:53 am

Financial industry unites to enhance data security, innovation and consumer control

Financial institutions, fintech firms and industry groups launched the Financial Data Exchange (FDX), a non-profit organization to unify the financial sector around the secure exchange of financial data. FDX will address common challenges around the way the industry shares consumer account information to enhance security, innovation and consumer controls. FDX is a subsidiary of the Financial Services Information Sharing and Analysis Center (FS-ISAC). As digitization has impacted every industry, consumers expect protection of their personal … More

The post Financial industry unites to enhance data security, innovation and consumer control appeared first on Help Net Security.

Posted on 19 October 2018 | 6:46 am

TeleSign to deliver identity verification and fraud prevention with enhanced Mobile Identity Solutions

TeleSign enhanced coverage of mobile identity services in China, Brazil, and other emerging markets. International businesses can now leverage TeleSign’s solutions to onboard new customers, prevent account takeover and registration fraud, and optimize the user experience in new markets. With some of the highest consumer spending and online engagement in the world, countries like China and Brazil represent growth opportunity for digital businesses. China currently has more than 1.5 billion mobile subscribers and its consumers … More

The post TeleSign to deliver identity verification and fraud prevention with enhanced Mobile Identity Solutions appeared first on Help Net Security.

Posted on 19 October 2018 | 6:45 am

Server With National Guard Personnel Data Target of Attack

The Indiana National Guard says a state, non-military computer server containing personal information on civilian and military Guard personnel was the target of a recent ransomware attack.

The Guard said Thursday it is notifying the affected personnel that they should be alert for suspicious activity or fraudulent accounts being opened in their name.

read more

Posted on 19 October 2018 | 6:41 am

FreeRTOS Vulnerabilities Expose Many Systems to Attacks

Vulnerabilities discovered in the FreeRTOS operating system can expose a wide range of systems to attacks, including smart home devices and critical infrastructure, researchers warn.

read more

Posted on 19 October 2018 | 6:38 am

8 Popular Courses to Learn Ethical Hacking – 2018 Bundle

Update (Oct 2018) — Over 30,000 students from all around the world have joined this training program so far. Due to the growing number of threats in the computer world, ethical hackers have become the most important player for not only governments but also private companies and IT firms in order to safeguard their systems and networks from hackers trying to infiltrate them. By 2020,

Posted on 19 October 2018 | 6:12 am

EU Leaders Vow Tough Action on Cyber Attacks

EU leaders on Thursday condemned the attempted hack on the global chemical weapons watchdog and vowed to step up the bloc's efforts to tackle cyber attacks.

With concerns growing about the malign cyber activities of several countries around the world, notably Russia, the bloc's leaders called for work to begin to set up sanctions to punish hackers.

read more

Posted on 19 October 2018 | 4:13 am

VestaCP users warned about possible server compromise

Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was exploited to install malware with DDoS capabilities (Linux/ChachaDDoS) on victims’ web servers. About the software A web hosting control panel is a web-based interface provided by a web hosting service that allows users to manage their servers and hosted services. There are many web hosting control panels out there. Some are … More

The post VestaCP users warned about possible server compromise appeared first on Help Net Security.

Posted on 19 October 2018 | 4:03 am

Air Data Computer Market is expected to register the highest CAGR According to Industry Forecasts

Credence Research's report, “Air Data Computer market: Global Industry ... -Exploit merger and acquisition possibilities by identifying the market ...

Posted on 19 October 2018 | 3:52 am

Mozilla Brings Encrypted SNI to Firefox Nightly

Mozilla says Firefox Nightly now supports encrypting the Transport Layer Security (TLS) Server Name Indication (SNI) extension, several weeks after Cloudflare announced it turned on Encrypted SNI (ESNI) across all of its network.

read more

Posted on 19 October 2018 | 3:40 am

Best Password Manager for Mac 2018

While we like Dashlane the most for Mac, all of the options we present work well on Apple's OS. If you want more Mac-specific articles, check out our ...

Posted on 19 October 2018 | 3:30 am

Best Password Manager for Mac 2018

This includes things like 1Password's Travel Mode and Dashlane's dark web monitoring. Security is important, too. Browser-based password ...

Posted on 19 October 2018 | 3:30 am

Remote Code Execution Flaws Patched in Drupal

Developers of the Drupal content management system (CMS) have patched several vulnerabilities in the 7 and 8 branches, including serious flaws that can be exploited for remote code execution.

read more

Posted on 19 October 2018 | 2:21 am

DJI website's 'Get the app on Google Play' directs users elsewhere

Opinion: At best it's an oversight, at worst it's placing user security and privacy at serious risk.

Posted on 19 October 2018 | 2:06 am

Critical Flaws Found in Amazon FreeRTOS IoT Operating System

A security researcher has discovered several critical vulnerabilities in one of the most popular embedded real-time operating systems—called FreeRTOS—and its other variants, exposing a wide range of IoT devices and critical infrastructure systems to hackers. What is FreeRTOS (Amazon, WHIS OpenRTOS, SafeRTOS)? FreeRTOS is a leading open source real-time operating system (RTOS) for embedded

Posted on 19 October 2018 | 1:35 am

Splunk Patches Several Flaws in Enterprise, Light Products

Splunk recently patched several vulnerabilities in its Enterprise and Light products, including flaws that have been rated “high severity.”

read more

Posted on 18 October 2018 | 10:37 pm

New infosec products of the week​: October 19, 2018

IBM rolls out cybersecurity operations center on wheels IBM Security launched the mobile Security Operations Center, capable of traveling onsite for cybersecurity training, preparedness, and response. The IBM X-Force Command Cyber Tactical Operations Center will travel around the U.S. and Europe, running incident response drills with clients, providing on-demand cybersecurity support, and building cybersecurity awareness and skills with professionals, students and consumers. Trend Micro redefines endpoint security with Trend Micro Apex One Trend Micro Apex … More

The post New infosec products of the week​: October 19, 2018 appeared first on Help Net Security.

Posted on 18 October 2018 | 10:36 pm

Who gets spear phished, and why?

The story of nearly every notable data breach in recent memory begins in pretty much the same way: Once upon a time, someone got spear phished… Whether it’s a government agency or a Fortune 500 company, spear phishing is a serious threat, with losses topping $675 million in 2017 in the US alone. The phishing attacks that incite data breaches take diverse forms. Sometimes the root of a data breach is a malicious link in … More

The post Who gets spear phished, and why? appeared first on Help Net Security.

Posted on 18 October 2018 | 10:30 pm

The global cybersecurity workforce gap is widening

New (ISC)2 research shows a widening of the global cybersecurity workforce gap to nearly three million across North America, Latin America, Asia-Pacific, and Europe, the Middle East and Africa. 2018 (ISC)2 Cybersecurity Workforce Study The 2018 (ISC)2 Cybersecurity Workforce Study is based on feedback from a broader, more representative sample of the men and women responsible for securing their organizations around the world. This includes many IT/ICT staff within organizations ranging from large enterprises to … More

The post The global cybersecurity workforce gap is widening appeared first on Help Net Security.

Posted on 18 October 2018 | 10:15 pm

Most executives around the world see untrained staff as the greatest cyber risk

The majority of executives (87%) around the world cite untrained staff as the greatest cyber risk to their business according to a new report produced by ESI ThoughtLab in conjunction with Willis Towers Watson. Compounding this finding is the fact that staff training is ranked among the categories to have made the least progress when measured against the NIST cybersecurity framework. ESI Thought Lab surveyed 1,300 organizations with revenues ranging from under $1 billion to … More

The post Most executives around the world see untrained staff as the greatest cyber risk appeared first on Help Net Security.

Posted on 18 October 2018 | 10:00 pm

Global IT spending to reach $3.8 trillion in 2019

Worldwide IT spending is projected to total $3.8 trillion in 2019, an increase of 3.2 percent from expected spending of $3.7 trillion in 2018, according to the latest forecast by Gartner. “While currency volatility and the potential for trade wars are still playing a part in the outlook for IT spending, it is the shift from ownership to service that is sending ripples through every segment of the forecast,” said John-David Lovelock, research vice president … More

The post Global IT spending to reach $3.8 trillion in 2019 appeared first on Help Net Security.

Posted on 18 October 2018 | 9:45 pm

McAfee accelerates and improves data protection and threat prevention across device to cloud

McAfee released new products expanding its McAfee MVISION portfolio, a solution that allows customers to deploy security on their terms as they move to the cloud. Joining McAfee MVISION ePO, McAfee MVISION Endpoint and McAfee MVISION Mobile, the newly released MVISION solutions, McAfee MVISION EDR and McAfee MVISION Cloud, deliver device-to-cloud data protection and threat prevention capabilities that give customers an approach to mitigate their risk of data loss. “McAfee is delivering a cloud-native portfolio, … More

The post McAfee accelerates and improves data protection and threat prevention across device to cloud appeared first on Help Net Security.

Posted on 18 October 2018 | 8:00 pm

Shopping online gets a security upgrade from Mastercard

Shopping, buying train tickets or hailing a cab online help make the everyday easier. In this digital age where more than half of online shoppers save their credit card info on multiple online sites and the industry average for online checkout is ten minutes, there’s still room for improvement. Mastercard introduces Digital Commerce Solutions a suite of offerings that enhance the security of stored card credentials, advance authentication to reduce checkout errors and speed the … More

The post Shopping online gets a security upgrade from Mastercard appeared first on Help Net Security.

Posted on 18 October 2018 | 7:00 pm

Zero-day in popular jQuery plugin actively exploited for at least three years

A fix is out but the plugin is used in hundreds, if not thousands, of projects. Patching will take ages!

Posted on 18 October 2018 | 6:41 pm

Drupal Releases Security Updates

Original release date: October 18, 2018

Drupal has released security updates addressing multiple vulnerabilities in Drupal 7.x and 8.x. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review Drupal's Security Advisory and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 18 October 2018 | 3:00 pm

Flaws in telepresence robots allow hackers access to pictures, video feeds

Vendor has patched two of five reported bugs. Three patches are in the works.

Posted on 18 October 2018 | 2:40 pm

Flaws Open Telepresence Robots to Prying Eyes

Vulnerabilities in telepresence robots could provide an attacker not only with command execution capabilities, but also with access to a live video stream from the device, Zingbox reports.

read more

Posted on 18 October 2018 | 11:22 am

NFCdrip Attack Proves Long-Range Data Exfiltration via NFC

Researchers have demonstrated that the near-field communication (NFC) protocol can be used to exfiltrate small amounts of data, such as passwords and encryption keys, over relatively long distances.

read more

Posted on 18 October 2018 | 10:35 am

Open source web hosting software compromised with DDoS malware

Some VestaCP servers were infected with a new malware strain named Linux/ChachaDDOS.

Posted on 18 October 2018 | 8:15 am

Apple's Revamped Privacy Website Offers Users Access to Their Data

Apple users can now get a copy of the data the tech giant has on them, directly from a refreshed and expanded privacy website rolled out this week.

read more

Posted on 18 October 2018 | 6:57 am

Google Pixel 3 Improves Data Protection with Security Chip

Google has packed the recently launched Pixel 3 and Pixel 3 XL devices with Titan M, a hardened security microcontroller that can better protect information at hardware level.

read more

Posted on 18 October 2018 | 6:24 am

GitHub security alerts now support Java and .NET projects

GitHub also launches Token Scanning tool and new Security Advisory API.

Posted on 18 October 2018 | 5:03 am

'Operation Oceansalt' Reuses Code from Chinese Group APT1

A recently observed cyber-espionage campaign targeting South Korea, the United States and Canada is reusing malicious code previously associated with state-sponsored Chinese group APT1, McAfee reports.

read more

Posted on 18 October 2018 | 5:03 am

3 Public Cloud Security Myths Debunked

As more and more organizations embrace the migration to the cloud, there are the inevitable questions that arise around its safety. Specifically, enterprises need to know that their data is going to be secure if they choose to embrace a cloud-based model, particularly a public cloud.

read more

Posted on 18 October 2018 | 4:58 am

Facebook Launches 'War Room' to Combat Manipulation

In Facebook's "War Room," a nondescript space adorned with American and Brazilian flags, a team of 20 people monitors computer screens for signs of suspicious activity.

read more

Posted on 18 October 2018 | 3:45 am

Ex-Virginia Teacher Charged in 2014 'Celebgate' Hacking

A former Virginia high school teacher is the fifth person charged in an investigation into the 2014 "celebgate" scandal in which hackers obtained nude photographs and other private information from more than 200 people, including celebrities.

read more

Posted on 18 October 2018 | 3:37 am

Tumblr Vulnerability Exposed User Account Information

Tumblr on Wednesday disclosed a vulnerability that could have been exploited to obtain user account information, including email addresses and protected passwords.

read more

Posted on 17 October 2018 | 10:37 pm

Oceansalt cyberattack wave linked to defunct Chinese APT Comment Crew

The source code of malware from the ancient Chinese military-affiliated group appears to have changed hands.

Posted on 17 October 2018 | 9:01 pm

MIT invention builds memory walls to protect against Meltdown, Spectre attacks

The new system could potentially prevent similar memory-based attacks from risking our PCs and global services.

Posted on 17 October 2018 | 9:00 pm

Equifax engineer who designed breach portal gets 8 months of house arrest for insider trading

SEC said engineer figured out on his own that the website he was building was for the company's security breach.

Posted on 17 October 2018 | 2:39 pm

Tumblr discloses vulnerability but says 'no evidence that this bug was abused'

Bug hunter finds security flaw in Tumblr's "Recommended Blogs" widget.

Posted on 17 October 2018 | 12:11 pm

Cisco Releases Security Updates

Original release date: October 17, 2018

Cisco has released security updates to address multiple vulnerabilities affecting Cisco products. An attacker could exploit one of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Cisco Security Advisories and Alerts webpage and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 17 October 2018 | 11:53 am

Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info

Tumblr today published a report admitting the presence of a security vulnerability in its website that could have allowed hackers to steal login credentials and other private information for users' accounts. The affected information included users email addresses, protected (hashed and salted) account passwords, self-reported location (a feature no longer available), previously used email

Posted on 17 October 2018 | 11:16 am

Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months

"RID Hijacking" technique lets hackers assign admin rights to guest and other low-level accounts.

Posted on 17 October 2018 | 8:49 am

LuminosityLink Hacking Tool Author Gets 30-Months Prison Sentence

A 21-year-old Kentucky man who previously pleaded guilty to developing, marketing, and selling an infamous remote access trojan (RAT) called LuminosityLink has now been sentenced to 30 months in prison. According to a press release published Monday by U.S. Attorney’s Office, Colton Grubbs, who used online moniker 'KFC Watermelon,' was pleaded guilty for three counts--unlawfully accessing

Posted on 17 October 2018 | 7:18 am

LibSSH Flaw Allows Hackers to Take Over Servers Without Password

A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known as Libssh that could allow anyone to completely bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password. The security vulnerability, tracked as CVE-2018-10933, is an authentication-bypass issue that was introduced in

Posted on 17 October 2018 | 3:39 am

Rapid7 acquires web app security developer tCell

The deal is designed to boost Rapid7's Insight platform.

Posted on 17 October 2018 | 2:20 am

Google Will Charge Android Phone Makers to Use Its Apps In Europe

Would you prefer purchasing an Android device that doesn't have any apps or services from Google? No Google Maps, No Gmail, No YouTube! And NOT even the Google Play Store—from where you could have installed any Android apps you want Because if you live in Europe, from now on, you have to spend some extra cash on a smartphone with built-in Google services, which were otherwise until now

Posted on 17 October 2018 | 2:08 am

Creator of remote access tool LuminosityLink sent behind bars

The RAT software was a popular choice for cyberattackers.

Posted on 17 October 2018 | 1:37 am

Security flaw in libssh leaves thousands of servers at risk of hijacking

Vulnerability not as bad as it gets, as most servers use the openssh library to support server-side SSH logins.

Posted on 16 October 2018 | 11:42 pm

Oracle patches 301 vulnerabilities, including 46 with a 9.8+ severity rating

This wasn't Oracle's biggest patch ever. That title goes to the July 2018 CPU.

Posted on 16 October 2018 | 10:15 pm

FBI Releases Article on Defending Against Payroll Phishing Scams

Original release date: October 16, 2018

The Federal Bureau of Investigation (FBI) has released an article on building a digital defense against phishing scams targeting electronically deposited paychecks. In these schemes, scammers use phishing emails to direct employees to fraudulent websites and collect their work credentials. Scammers then use victims’ credentials to replace legitimate direct deposit information with their own account details.

NCCIC encourages users to review the FBI Article and NCCIC Tip on Avoiding Social Engineering and Phishing Attacks for more information. If you believe you have been a victim of these scams, report it to the FBI’s Internet Crime Complaint Center at www.ic3.gov.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 16 October 2018 | 4:14 pm

Chrome 70 released with revamped Google account login system

Chrome 70 also comes with support for the final version of the TLS 1.3 standard and the AV1 video format.

Posted on 16 October 2018 | 2:30 pm

VMware Releases Security Updates

Original release date: October 16, 2018

VMware has released security updates to address a vulnerability in ESXi, Workstation, and Fusion. An attacker could exploit this vulnerability to take control of an affected system.

NCCIC encourages users and administrators to review VMware Security Advisory VMSA-2018-0026 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 16 October 2018 | 2:08 pm

Google Releases Security Update for Chrome

Original release date: October 16, 2018

Google has released Chrome version 70.0.3538.67 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 16 October 2018 | 1:44 pm

Oracle Releases October 2018 Security Bulletin

Original release date: October 16, 2018

Oracle has released its Critical Patch Update for October 2018 to address 301 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Oracle October 2018 Critical Patch Update and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 16 October 2018 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2018

Posted on 16 October 2018 | 12:30 pm

National Cybersecurity Awareness Month: Workplace Cybersecurity

Original release date: October 16, 2018

October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. Creating a culture of cybersecurity is critical for all organizations—large and small businesses, academic institutions, non-profits, and government agencies—and is a responsibility shared among all employees. The National Institute of Standards and Technology (NIST) has published resources, including standards, guidelines, and best practices, to help organizations of all sizes to strengthen their cyber resilience.

NCCIC encourages organizations and employees to review the following resources:


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 16 October 2018 | 8:52 am

Zero-days, fileless attacks are now the most dangerous threats to the enterprise

These attacks cost the average organization millions and SMBs are the worst affected.

Posted on 16 October 2018 | 7:00 am

Epson reported to Texas AG for bricking third-party ink cartridges

EFF argues Epson's practice is making users avoid installing firmware updates, leaving millions of printers and companies vulnerable to cyber attacks.

Posted on 16 October 2018 | 5:46 am

New iPhone Bug Gives Anyone Access to Your Private Photos

A security enthusiast who discovered a passcode bypass vulnerability in Apple's iOS 12 late last month has now dropped another passcode bypass bug that works on the latest iOS 12.0.1 that was released last week. Jose Rodriguez, a Spanish amateur security researcher, discovered a bug in iOS 12 in late September that allows attackers with physical access to your iPhone to access your contacts

Posted on 16 October 2018 | 12:54 am

Chrome, Firefox, Edge and Safari Plans to Disable TLS 1.0 and 1.1 in 2020

All major web browsers, including Google Chrome, Apple Safari, Microsoft Edge, Internet Explorer, and Mozilla Firefox, altogether today announced to soon remove support for TLS 1.0 (20-year-old) and TLS 1.1 (12-year-old) communication encryption protocols. Developed initially as Secure Sockets Layer (SSL) protocol, Transport Layer Security (TLS) is an updated cryptographic protocol used to

Posted on 15 October 2018 | 11:43 am

Google to Encrypt Android Cloud Backups With Your Lock Screen Password

In an effort to secure users' data while maintaining privacy, Google has announced a new security measure for Android Backup Service that now encrypts all your backup data stored on its cloud servers in a way that even the company can't read it. Google allows Android users to automatically backup their essential app data and settings to their Google account, allowing them to simply restore it

Posted on 15 October 2018 | 2:20 am

30 Million Facebook Accounts Were Hacked: Check If You're One of Them

Late last month Facebook announced its worst-ever security breach that allowed an unknown group of hackers to steal secret access tokens for millions of accounts by taking advantage of a flaw in the 'View As' feature. At the time of the initial disclosure, Facebook estimated that the number of users affected by the breach could have been around 50 million, though a new update published today by

Posted on 13 October 2018 | 3:24 am

Supply Chain Security 101: An Expert’s View

Earlier this month I spoke at a cybersecurity conference in Albany, N.Y. alongside Tony Sager, senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. We  talked at length about many issues, including supply chain security, and I asked Sager whether he'd heard anything about rumors that Supermicro -- a high tech firm in San Jose, Calif. -- had allegedly inserted hardware backdoors in technology sold to a number of American companies.

Posted on 12 October 2018 | 6:03 pm

Fortnite for Android Released, But Make Sure You Don't Download Malware

Yes, it is official. The massively popular battle royale video game from Epic Games, Fortnite: Battle Royale is finally available for Android devices. Epic announced Thursday that the Android version of Fortnite is now available for everyone to download for free, so you no longer require an invite to play the most popular battle royale game on your phone. Epic Games have provided a list of

Posted on 12 October 2018 | 5:11 am

Google Adds Control-Flow Integrity to Beef up Android Kernel Security

Google has added a new security feature to the latest Linux kernels for Android devices to prevent it against code reuse attacks that allow attackers to achieve arbitrary code execution by exploiting control-flow hijacking vulnerabilities. In code reuse attacks, attackers exploit memory corruption bugs (buffer overflows, type confusion, or integer overflows) to take over code pointers stored

Posted on 12 October 2018 | 2:07 am

French Dark-Web Drug Dealer Sentenced to 20 Years in US Prison

A dark web drugs kingpin who was arrested last year when he arrived in the United States to compete in the World Beard and Mustache Championships has now been sentenced to 20 years in prison. On Tuesday, U.S. District Judge Robert N. Scola sentenced 36-year-old French national Gal Vallerius, aka "OxyMonster," after pleading guilty to conspiracy to possess with the intent to distribute

Posted on 11 October 2018 | 2:19 am

Silk Road Admin Pleads Guilty – Could Face Up to 20 Years in Prison

An Irish national who helped run the now-defunct dark web marketplace Silk Road pleaded guilty on Friday to drug trafficking charges that carry a maximum sentence of 20 years in prison. Gary Davis, also known as Libertas, was one of the site administrators and forum moderators for Silk Road, then-largest underground marketplace on the Internet used by thousands of users to sell and buy drugs

Posted on 11 October 2018 | 1:56 am

Patch Tuesday, October 2018 Edition

Microsoft this week released software updates to fix roughly 50 security problems with various versions of its Windows operating system and related software, including one flaw that is already being exploited and another for which exploit code is publicly available.

Posted on 11 October 2018 | 12:34 am

Just Answering A Video Call Could Compromise Your WhatsApp Account

What if just receiving a video call on WhatsApp could hack your smartphone? This sounds filmy, but Google Project Zero security researcher Natalie Silvanovich found a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full control of your WhatsApp just by video calling you over the messaging app. The vulnerability is a memory heap overflow issue

Posted on 10 October 2018 | 12:43 am

Naming & Shaming Web Polluters: Xiongmai

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai -- a Chinese maker of electronic parts that power a huge percentage of cheap digital video recorders (DVRs) and Internet-connected security cameras.

Posted on 9 October 2018 | 5:41 pm

Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities

Microsoft has just released its latest monthly Patch Tuesday updates for October 2018, fixing a total of 49 security vulnerabilities in its products. This month's security updates address security vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, MS Office, MS Office Services and Web Apps, ChakraCore, SQL Server Management Studio, and Exchange Server. Out of 49 flaws

Posted on 9 October 2018 | 11:40 am

Adobe Releases Security Patch Updates for 11 Vulnerabilities

Adobe has released its monthly security updates to address a total of 11 vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite, of which four are rated critical and rest 7 are important in severity. Adobe has also released updated versions for Flash Player, but surprisingly this month the software received no security patch update. Also, none of the

Posted on 9 October 2018 | 10:43 am

CompTIA Certification Training 2018 — 12 Online Tutorials

The Information Technology industry has seen exponential growth over the years. It is essential for everyone to earn cybersecurity certification if you want to be a part of this growing industry. Organizations always prefer employees with strong internationally-recognized professional certifications. It proofs your skills, knowledge, and gives more credibility to advance your career. IT

Posted on 9 October 2018 | 5:09 am

From Now On, Only Default Android Apps Can Access Call Log and SMS Data

A few hours ago the company announced its "non-shocking" plans to shut down Google+ social media network following a "shocking" data breach incident. Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google has made several significant changes giving users more control over what type of data they choose to share with each app. The changes are part of

Posted on 9 October 2018 | 1:37 am

Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data

Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers. According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their

Posted on 8 October 2018 | 12:31 pm

New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access

A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought. A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year. The vulnerability, identified as CVE-2018-14847, was initially rated

Posted on 8 October 2018 | 8:34 am

How to Start a Career in Cybersecurity: All You Need to Know

Cybersecurity is one of the most dynamic and exciting fields in tech, combining cutting-edge information technology with crime fighting. It’s also an industry in serious need of qualified professionals. Estimates show that there are over one million unfilled cybersecurity jobs. The U.S. Bureau of Labor Statistics projects that employment of information security analysts will grow 28 percent

Posted on 8 October 2018 | 6:01 am

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison. Yesterday was one of those times. Bloomberg Businessweek on Thursday published a bombshell investigation alleging that Chinese cyber spies had used a U.S.-based tech firm to secretly embed tiny computer chips into electronic devices purchased and used by almost 30 different companies. There aren't any corroborating accounts of this scoop so far, but it is both fascinating and terrifying to look at why threats to the global technology supply chain can be so difficult to detect, verify and counter.

Posted on 5 October 2018 | 12:45 pm

Chinese Spying Chips Found Hidden On Servers Used By US Companies

A media report today revealed details of a significant supply chain attack which appears to be one of the largest corporate espionage and hardware hacking programs from a nation-state. According to a lengthy report published today by Bloomberg, a tiny surveillance chip, not much bigger than a grain of rice, has been found hidden in the servers used by nearly 30 American companies, including

Posted on 4 October 2018 | 6:03 am

Wi-Fi Gets Simplified Version Numbers and Next Version is Wi-Fi 6

Do you know what is the latest version of Wi-Fi? It's okay if you don't know. It is — Wi-Fi is 802.11ac. I am sure many of us can't answer this question immediately because the Wi-Fi technology doesn't have a traditional format of version numbers… at least until yesterday. The Wi-Fi Alliance—the group that manages the implementation of Wi-Fi—has today announced that the next version of WiFi

Posted on 3 October 2018 | 11:36 am

When Security Researchers Pose as Cybercrooks, Who Can Tell the Difference?

A ridiculous number of companies are exposing some or all of their proprietary and customer data by putting it in the cloud without any kind of authentication needed to read, alter or destroy it. When cybercriminals are the first to discover these missteps, usually the outcome is a demand for money in return for the stolen data. But when these screw-ups are unearthed by security professionals seeking to make a name for themselves, the resulting publicity often can leave the breached organization wishing they'd instead been quietly extorted by anonymous crooks.

Posted on 2 October 2018 | 4:42 pm

Voice Phishing Scams Are Getting More Clever

Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it's easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Think you're too smart to fall for one? Think again: Even technology experts are getting taken in by some of the more recent schemes (or very nearly).

Posted on 1 October 2018 | 7:02 am

Facebook Security Bug Affects 90M Users

Facebook said today some 90 million of its users may get forcibly logged out of their accounts after the company fixed a rather glaring security vulnerability in its Web site that may have let attackers hijack user profiles. In a short blog post published this afternoon, Facebook said hackers have been exploiting a vulnerability in […]

Posted on 28 September 2018 | 12:36 pm

Secret Service Warns of Surge in ATM ‘Wiretapping’ Attacks

The U.S. Secret Service is warning financial institutions about a recent uptick in a form of ATM skimming that involves cutting cupcake-sized holes in a cash machine and then using a combination of magnets and medical devices to siphon customer account data directly from the card reader inside the ATM.

Posted on 27 September 2018 | 1:45 pm

Cyber Actors Increasingly Exploit The Remote Desktop Protocol to Conduct Malicious Activity

Posted on 27 September 2018 | 7:00 am

Beware of Hurricane Florence Relief Scams

If you're thinking of donating money to help victims of Hurricane Florence, please do your research on the charitable entity before giving: A slew of new domains apparently related to Hurricane Florence relief efforts are now accepting donations on behalf of victims without much accountability for how the money will be spent. For the past two weeks, KrebsOnSecurity has been monitoring dozens of new domain name registrations that include the terms "hurricane" and/or "florence" and some word related to support (e.g., "relief," "assistance," etc. Most of these domains have remained parked or dormant since their creation earlier this month; however, several of them became active only in the past few days, directing visitors to donate money through private PayPal accounts without providing any information about who is running the site or what will be done with donated funds.

Posted on 24 September 2018 | 9:34 am

Credit Freezes are Free: Let the Ice Age Begin

It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history. If you've been holding out because you're not particularly worried about ID theft, here's another reason to reconsider: The credit bureaus profit from selling copies of your file to others, so freezing your file also lets you deny these dinosaurs a valuable revenue stream.

Posted on 21 September 2018 | 9:31 am

Cybercriminals Utilize Social Engineering Techniques To Obtain Employee Credentials To Conduct Payroll Diversion

Posted on 18 September 2018 | 7:00 am

Education Technologies: Data Collection and Unsecured Systems Could Pose Risks to Students

Posted on 13 September 2018 | 7:00 am

Oracle Security Alert for CVE-2018-11776 - 31 August 2018

Posted on 31 August 2018 | 5:00 pm

Value-Driven Cybersecurity

Constructing an Alliance for Value-driven Cybersecurity (CANVAS) launched ~two years ago with F-Secure as a member. The goal of the EU project is “to unify technology developers with legal and ethical scholars and social scientists to approach the challenge of how cybersecurity can be aligned with European values and fundamental rights.” (That’s a mouthful, right?) […]

Posted on 31 August 2018 | 6:20 am

Taking Pwnie Out On The Town

Black Hat 2018 is now over, and the winners of the Pwnie Awards have been published. The Best Client-Side Bug was awarded to Georgi Geshev and Rob Miller for their work called “The 12 Logic Bug Gifts of Christmas.” Georgi and Rob work for MWR Infosecurity, which (as some of you might remember) was acquired by F-Secure […]

Posted on 14 August 2018 | 4:58 am

Oracle Security Alert for CVE-2018-3110 - 10 August 2018

Posted on 10 August 2018 | 12:30 pm

Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims

Posted on 7 August 2018 | 10:00 am

Cyber Actors Use Internet of Things Devices as Proxies for Anonymity and Pursuit of Malicious Cyber Activities

Posted on 2 August 2018 | 8:00 am

How To Locate Domains Spoofing Campaigns (Using Google Dorks) #Midterms2018

The government accounts of US Senator Claire McCaskill (and her staff) were targeted in 2017 by APT28 A.K.A. “Fancy Bear” according to an article published by The Daily Beast on July 26th. Senator McCaskill has since confirmed the details. And many of the subsequent (non-technical) articles that have been published has focused almost exclusively on […]

Posted on 30 July 2018 | 10:17 am

Oracle Critical Patch Update Advisory - July 2018

Posted on 17 July 2018 | 12:30 pm

Business E-mail Compromise The 12 Billion Dollar Scam

Posted on 12 July 2018 | 10:00 am

WordPress 4.9.7 Security and Maintenance Release

WordPress 4.9.7 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads […]

Posted on 5 July 2018 | 10:00 am

Business Email Compromise Contributes To Large Scale Business Losses Nationwide

Posted on 11 June 2018 | 7:30 am

Foreign Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

Posted on 25 May 2018 | 6:00 am

Video: Creating Graph Visualizations With Gephi

I wanted to create a how-to blog post about creating gephi visualizations, but I realized it’d probably need to include, like, a thousand embedded screenshots. So I made a video instead.

Posted on 24 May 2018 | 12:50 am

Pr0nbots2: Revenge Of The Pr0nbots

A month and a half ago I posted an article in which I uncovered a series of Twitter accounts advertising adult dating (read: scam) websites. If you haven’t read it yet, I recommend taking a look at it before reading this article, since I’ll refer back to it occasionally. To start with, let’s recap. In my […]

Posted on 4 May 2018 | 3:03 am

Oracle Critical Patch Update Advisory - April 2018

Posted on 17 April 2018 | 12:30 pm

WordPress 4.9.5 Security and Maintenance Release

WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented […]

Posted on 3 April 2018 | 12:56 pm

Tech Support Fraud

Posted on 28 March 2018 | 10:00 am

Marketing “Dirty Tinder” On Twitter

About a week ago, a Tweet I was mentioned in received a dozen or so “likes” over a very short time period (about two minutes). I happened to be on my computer at the time, and quickly took a look at the accounts that generated those likes. They all followed a similar pattern. Here’s an […]

Posted on 16 March 2018 | 2:49 am

How To Get Twitter Follower Data Using Python And Tweepy

In January 2018, I wrote a couple of blog posts outlining some analysis I’d performed on followers of popular Finnish Twitter profiles. A few people asked that I share the tools used to perform that research. Today, I’ll share a tool similar to the one I used to conduct that research, and at the same […]

Posted on 27 February 2018 | 4:07 am

Improving Caching Strategies With SSICLOPS

F-Secure development teams participate in a variety of academic and industrial collaboration projects. Recently, we’ve been actively involved in a project codenamed SSICLOPS. This project has been running for three years, and has been a joint collaboration between ten industry partners and academic entities. Here’s the official description of the project. “The Scalable and Secure […]

Posted on 26 February 2018 | 12:11 am

Increase in W-2 Phishing Campaigns

Posted on 21 February 2018 | 10:00 am

Searching Twitter With Twarc

Twarc makes it really easy to search Twitter via the API. Simply create a twarc object using your own API keys and then pass your search query into twarc’s search() function to get a stream of Tweet objects. Remember that, by default, the Twitter API will only return results from the last 7 days. However, […]

Posted on 16 February 2018 | 6:33 am

Impersonation of the Internet Crime Complaint Center

Posted on 1 February 2018 | 10:00 am

NLP Analysis Of Tweets Using Word2Vec And T-SNE

In the context of some of the Twitter research I’ve been doing, I decided to try out a few natural language processing (NLP) techniques. So far, word2vec has produced perhaps the most meaningful results. Wikipedia describes word2vec very precisely: “Word2vec takes as its input a large corpus of text and produces a vector space, typically of several […]

Posted on 30 January 2018 | 4:37 am

NLP Analysis And Visualizations Of #presidentinvaalit2018

During the lead-up to the January 2018 Finnish presidential elections, I collected a dataset consisting of raw Tweets gathered from search words related to the election. I then performed a series of natural language processing experiments on this raw data. The methodology, including all the code used, can be found in an accompanying blog post. […]

Posted on 30 January 2018 | 4:35 am

How To Get Tweets From A Twitter Account Using Python And Tweepy

In this blog post, I’ll explain how to obtain data from a specified Twitter account using tweepy and Python. Let’s jump straight into the code! As usual, we’ll start off by importing dependencies. I’ll use the datetime and Counter modules later on to do some simple analysis tasks. from tweepy import OAuthHandler from tweepy import […]

Posted on 26 January 2018 | 12:35 am

Fraudulent Online Vehicle Sales

Posted on 17 January 2018 | 10:00 am

How To Get Streaming Data From Twitter

I occasionally receive requests to share my Twitter analysis tools. After a few recent requests, it finally occurred to me that it would make sense to create a series of articles that describe how to use Python and the Twitter API to perform basic analytical tasks. Teach a man to fish, and all that. In […]

Posted on 17 January 2018 | 4:50 am

WordPress 4.9.2 Security and Maintenance Release

WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for […]

Posted on 16 January 2018 | 3:00 pm

Oracle Critical Patch Update Advisory - January 2018

Posted on 16 January 2018 | 11:30 am

Further Analysis Of The Finnish Themed Twitter Botnet

In a blog post I published yesterday, I detailed the methodology I have been using to discover “Finnish themed” Twitter accounts that are most likely being programmatically created. In my previous post, I called them “bots”, but for the sake of clarity, let’s refer to them as “suspicious accounts”. These suspicious accounts all follow a […]

Posted on 12 January 2018 | 5:52 am

Someone Is Building A Finnish-Themed Twitter Botnet

Finland will hold a presidential election on the 28th January 2018. Campaigning just started, and candidates are being regularly interviewed by the press and on the TV. In a recent interview, one of the presidential candidates, Pekka Haavisto, mentioned that both his Twitter account, and the account of the current Finnish president, Sauli Niinistö had […]

Posted on 11 January 2018 | 7:27 am

Some Notes On Meltdown And Spectre

The recently disclosed Meltdown and Spectre vulnerabilities can be viewed as privilege escalation attacks that allow an attacker to read data from memory locations that aren’t meant to be accessible. Neither of these vulnerabilities allow for code execution. However, exploits based on these vulnerabilities could allow an adversary to obtain sensitive information from memory (such […]

Posted on 9 January 2018 | 6:46 am

Don’t Let An Auto-Elevating Bot Spoil Your Christmas

Ho ho ho! Christmas is coming, and for many people it’s time to do some online shopping. Authors of banking Trojans are well aware of this yearly phenomenon, so it shouldn’t come as a surprise that some of them have been hard at work preparing some nasty surprises for this shopping season. And that’s exactly […]

Posted on 18 December 2017 | 7:48 am

WordPress 4.9.1 Security and Maintenance Release

WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team's […]

Posted on 29 November 2017 | 12:33 pm

Necurs’ Business Is Booming In A New Partnership With Scarab Ransomware

Necurs’ spam botnet business is doing well as it is seemingly acquiring new customers. The Necurs botnet is the biggest deliverer of spam with 5 to 6 million infected hosts online monthly, and is responsible for the biggest single malware spam campaigns. Its service model provides the whole infection chain: from spam emails with malicious […]

Posted on 23 November 2017 | 6:16 am

Oracle Security Alert for CVE-2017-10269 - 13 November 2017

Posted on 13 November 2017 | 11:30 am

RickRolled by none other than IoTReaper

IoT_Reaper overview IoT_Reaper, or the Reaper in short, is a Linux bot targeting embedded devices like webcams and home router boxes. Reaper is somewhat loosely based on the Mirai source code, but instead of using a set of admin credentials, the Reaper tries to exploit device HTTP control interfaces. It uses a range of vulnerabilities […]

Posted on 3 November 2017 | 5:39 am

WordPress 4.8.3 Security Release

WordPress 4.8.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to […]

Posted on 31 October 2017 | 7:20 am

Facebook Phishing Targeted iOS and Android Users from Germany, Sweden and Finland

Two weeks ago, a co-worker received a message in Facebook Messenger from his friend. Based on the message, it seemed that the sender was telling the recipient that he was part of a video in order to lure him into clicking it. The shortened link was initially redirecting to Youtube.com, but was later on changed […]

Posted on 30 October 2017 | 11:19 am

Oracle Security Alert for CVE-2017-10151 - 27 October 2017

Posted on 27 October 2017 | 12:30 pm

Oracle Critical Patch Update Advisory - October 2017

Posted on 17 October 2017 | 12:30 pm

Oracle Security Alert for CVE-2017-9805 - 22 September 2017

Posted on 22 September 2017 | 12:30 pm

WordPress 4.8.2 Security and Maintenance Release

WordPress 4.8.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this […]

Posted on 19 September 2017 | 3:17 pm

Oracle Critical Patch Update Advisory - July 2017

Posted on 18 July 2017 | 12:30 pm

Oracle Security Alert for CVE-2017-3629

Posted on 19 June 2017 | 12:30 pm

WordPress 4.7.5 Security and Maintenance Release

WordPress 4.7.5 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.4 and earlier are affected by six security issues: Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing. Improper handling of post meta data values in the XML-RPC […]

Posted on 16 May 2017 | 3:39 pm

WordPress Now on HackerOne

WordPress has grown a lot over the last thirteen years – it now powers more than 28% of the top ten million sites on the web. During this growth, each team has worked hard to continually improve their tools and processes. Today, the WordPress Security Team is happy to announce that WordPress is now officially […]

Posted on 15 May 2017 | 9:02 am

Oracle Critical Patch Update Advisory - April 2017

Posted on 18 April 2017 | 12:30 pm

WordPress 4.7.3 Security and Maintenance Release

WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata.  Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick redirect […]

Posted on 6 March 2017 | 9:53 am

WordPress 4.7.2 Security Release

WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.1 and earlier are affected by three security issues: The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. […]

Posted on 26 January 2017 | 11:34 am

Oracle Critical Patch Update Advisory - January 2017

Posted on 17 January 2017 | 11:30 am

Oracle Critical Patch Update Advisory - October 2016

Posted on 18 October 2016 | 12:30 pm

Oracle Critical Patch Update Advisory - July 2016

Posted on 19 July 2016 | 12:30 pm

Oracle Critical Patch Update Advisory - April 2016

Posted on 19 April 2016 | 12:30 pm

Oracle Security Alert for CVE-2016-0636 - 23 Mar 2016

Posted on 23 March 2016 | 12:30 pm

Oracle Critical Patch Update Advisory - January 2016

Posted on 19 January 2016 | 11:30 am

Oracle Security Alert for CVE-2015-4852 - 10 November 2015

Posted on 10 November 2015 | 11:30 am

Oracle Critical Patch Update Advisory - October 2015

Posted on 20 October 2015 | 12:30 pm

Oracle Critical Patch Update Advisory - July 2015

Posted on 14 July 2015 | 12:30 pm

Oracle Security Alert for CVE-2015-3456 - 15 May 2015

Posted on 15 May 2015 | 12:30 pm

Oracle Critical Patch Update Advisory - April 2015

Posted on 14 April 2015 | 12:30 pm

Oracle Security Alert for CVE-2016-0603 - 5 February 2016

Posted on 5 February 2015 | 11:30 am

Oracle Critical Patch Update Advisory - January 2015

Posted on 20 January 2015 | 11:30 am

Oracle Critical Patch Update Advisory - October 2014

Posted on 14 October 2014 | 12:30 pm

Oracle Security Alert for CVE-2014-7169 - 26 September 2014

Posted on 26 September 2014 | 12:30 pm

Oracle Critical Patch Update Advisory - July 2014

Posted on 15 July 2014 | 12:30 pm

Oracle Security Alert for CVE-2014-0160 - 18 April 2014

Posted on 18 April 2014 | 12:30 pm

Oracle Critical Patch Update Advisory - April 2014

Posted on 15 April 2014 | 12:30 pm

Oracle Critical Patch Update Advisory - January 2014

Posted on 14 January 2014 | 11:30 am

Oracle Critical Patch Update Advisory - October 2013

Posted on 15 October 2013 | 12:30 pm

Oracle Critical Patch Update Advisory - July 2013

Posted on 16 July 2013 | 12:30 pm

Oracle Java SE Critical Patch Update Advisory - June 2013

Posted on 18 June 2013 | 12:30 pm

Oracle Java SE Critical Patch Update Advisory - April 2013

Posted on 16 April 2013 | 12:30 pm

Oracle Critical Patch Update Advisory - April 2013

Posted on 16 April 2013 | 12:30 pm

Oracle Security Alert for CVE-2013-1493 - 04 Mar 2013

Posted on 4 March 2013 | 11:30 am

Updated Release of the Oracle Java SE Critical Patch Update - February 2013

Posted on 19 February 2013 | 11:30 am

Oracle Java SE Critical Patch Update Advisory - February 2013

Posted on 1 February 2013 | 11:30 am

Oracle Critical Patch Update Advisory - January 2013

Posted on 15 January 2013 | 11:30 am

Oracle Security Alert for CVE-2013-0422 - 13 Jan 2013

Posted on 13 January 2013 | 11:30 am

Oracle Critical Patch Update Advisory - October 2012

Posted on 16 October 2012 | 12:26 pm

Oracle Java SE Critical Patch Update Advisory - October 2012

Posted on 16 October 2012 | 12:26 pm

Oracle Security Alert for CVE-2012-4681 - 30 Aug 2012

Posted on 30 August 2012 | 12:26 pm

Oracle Security Alert for CVE-2012-3132 - 10 Aug 2012

Posted on 10 August 2012 | 12:14 pm

Oracle Critical Patch Update (CPU) Advisory - July 2012

Posted on 19 July 2012 | 3:15 pm

Oracle Java SE Critical Patch Update Advisory - June 2012

Posted on 12 June 2012 | 1:00 pm

Oracle Security Alert for CVE-2012-1675

Posted on 30 April 2012 | 1:01 pm

Oracle Critical Patch Update (CPU) Advisory - April 2012

Posted on 18 April 2012 | 8:40 am

Oracle Java SE Critical Patch Update Advisory - February 2012

Posted on 14 February 2012 | 12:00 pm

Oracle Security Alert for CVE-2011-5035

Posted on 31 January 2012 | 1:20 pm

Oracle Critical Patch Update (CPU) Advisory - January 2012

Posted on 17 January 2012 | 12:44 pm

Oracle Critical Patch Update (CPU) Advisory - October 2011

Posted on 24 October 2011 | 11:33 am

Oracle Security Alert for CVE-2011-3192

Posted on 15 September 2011 | 2:22 pm

Oracle Critical Patch Update (CPU) Advisory - July 2011

Posted on 19 July 2011 | 3:45 pm

Oracle Java SE Critical Patch Update Advisory - June 2011

Posted on 7 June 2011 | 3:18 pm

Oracle Critical Patch Update (CPU) - April 2011

Posted on 19 April 2011 | 1:00 pm

Oracle Java SE and Java for Business Critical Patch Update Advisory - February 2011

Posted on 15 February 2011 | 2:00 pm

Oracle Critical Patch Update (CPU) - January 2011

Posted on 18 January 2011 | 11:40 am

Oracle Critical Patch Update (CPU) - October 2010

Posted on 12 October 2010 | 9:07 am

Oracle Critical Patch Update (CPU) - July 2010

Posted on 14 July 2010 | 12:35 pm

Oracle Critical Patch Update (CPU) - April 2010

Posted on 13 April 2010 | 2:01 pm

Oracle Security Alert for CVE-2010-0073 - February 2010

Oracle Security Alert for CVE-2010-0073

Posted on 4 February 2010 | 12:00 pm

Critical Patch Update - January 2010

Posted on 13 January 2010 | 10:05 am

Critical Patch Update - October 2009

Posted on 20 October 2009 | 8:39 am

Critical Patch Update - July 2009

Posted on 15 July 2009 | 6:00 pm

Critical Patch Update - April 2009

Posted on 14 April 2009 | 3:40 pm

Critical Patch Update - January 2009

Posted on 14 April 2009 | 3:40 pm

Critical Patch Update - October 2008

Posted on 15 October 2008 | 11:53 am

Critical Patch Update - July 2008

Posted on 15 July 2008 | 1:01 pm

Critical Patch Update - April 2008

Posted on 15 April 2008 | 3:13 pm

Critical Patch Update - January 2008

Posted on 15 January 2008 | 2:55 pm

Critical Patch Update - October 2007

Posted on 16 October 2007 | 1:47 pm

Critical Patch Update - July 2007

Posted on 17 July 2007 | 1:21 pm

Critical Patch Update - April 2007

Posted on 18 April 2007 | 8:57 am

Critical Patch Update - January 2007

Posted on 16 January 2007 | 3:35 pm

Critical Patch Update - October 2006

Posted on 17 October 2006 | 11:37 am

Critical Patch Update - April 2006

Posted on 18 April 2006 | 1:42 pm

Critical Patch Update - January 2006

Posted on 17 January 2006 | 4:20 pm

Critical Patch Update - January 2005

Posted on 18 October 2005 | 3:28 pm

Critical Patch Update - April 2005

Posted on 18 October 2005 | 3:28 pm

Critical Patch Update - October 2005

Posted on 18 October 2005 | 3:25 pm

Critical Patch Update - July 2005

Posted on 12 July 2005 | 12:46 pm