As the world becomes more interconnected by the day, more and more companies of all sizes and industries are finding themselves under attack by fearless cybercriminals who can access their entire server farms from across the globe with only a few lines of code. And it’s not just private corporations that are suffering. A wide
Cyber Security
This is where news and updates on Cyber Security are published on a daily basis.
The maker of Magic: The Gathering has confirmed that a security lapse exposed the data on hundreds of thousands of game players. The game’s developer, the Washington-based Wizards of the Coast, left a database backup file in a public Amazon Web Services storage bucket. The database file contained user account information for the game’s online
Aerial imagery is a common asset in military matters, but 3D maps can be difficult to collect on short notice without specialized equipment. This new photogrammetry technique from the Army Corps of Engineers, however, can make accurate 3D maps from ordinary aerial footage in just minutes. Photogrammetry is the process of comparing multiple photos of
Next month marks the 30th anniversary of the first ever ransomware attack, and according to new research this particular form of malware is still going strong. According to the “Mid-Year Threat Landscape Report“ published yesterday by Bitdefender, ransomware increased 74.23% year on year in the first six months of 2019. Researchers noted a change in the ransomware landscape following the fall
Security researchers found vulnerabilities in the Qualcomm TrustZone secure element extension that could allow attackers to steal the most sensitive data stored on mobile devices. TrustZone implements architectural security extensions on ARM processors that can be integrated into the bootloader, radio, Android system image and a trusted execution environment (TEE) in mobile devices. Slava Makkaveev,
by Danny Bradbury Last month a serious Linux Wi-Fi flaw (CVE-2019-17666) was uncovered that could have enabled an attacker to take over a Linux device using its Wi-Fi interface. At the time it was disclosed Naked Security decided to wait until a patch was available before writing about it. Well, it’s been patched, but the
A recent update to Facebook’s iOS app introduced a bug that had some users worried Earlier in November, several iPhone users started experiencing a mysterious glitch while using the Facebook app. The issue got wider traction once some of them, including Joshua Maddux, went to Twitter to share their experience, CNET reports. The glitch is
The recent controversies surrounding the WhatsApp hacking haven’t yet settled, and the world’s most popular messaging platform is in choppy waters once again. The Hacker News has learned that WhatsApp has recently patched yet another critical vulnerability that could have allowed attackers to remotely compromise targeted devices and potentially steal secured chat messages and files
In these times of political strife, it’s nice that despite our differences we can still band together as a nation in the face of a catastrophe that affects us all equally. I speak, of course, of robocalls, and it seems that the House and Senate have put their differences aside for the present in order
“5 months and growing strong” the Libra Association announced today in an post about its technical infrastructure that completely omits the fierce regulatory backlash to its cryptocurrency. 40 wallets, tools, and block explorers plus 1,700 Github commits have how now been built on its blockchain testnet that’s seen 51,000 mock transactions in the past two
New research published today by Zix-AppRiver has revealed that 61% of US executives feel powerless to stop employees holiday shopping on company devices, despite knowing that the practice poses a cybersecurity threat to the business. Researchers asked 1,049 cybersecurity decision-makers within American SMBs across a diverse range of industry sectors about the holiday shopping habits of their employees. According
by John E Dunn More than a decade after it first emerged, is the world any closer to stopping ransomware? Judging from the growing toll of large organisations caught out by what has become the weapon of choice for so many criminals, it’s tempting to conclude not. The problem for defenders, as documented in SophosLabs’
The critical vulnerability could also be exploited via a malicious Microsoft Office document Microsoft has shipped out a fix for a critical flaw in Internet Explorer (IE) that is being exploited in the wild. Tracked as CVE-2019-1429, the vulnerability is part of this month’s batch of regular security updates known as Patch Tuesday. The zero-day
It appears that at least the United States has started taking the threat of Sim Swapping attacks very seriously. Starting with the country’s first-ever conviction for ‘SIM Swapping’ this February, U.S. Department of Justice has since then announced charges against several individuals for involving in the scheme to siphon millions of dollars in cryptocurrency from
TikTok is beginning to dabble in social commerce. The short-form video app said it has started to allow some users to add links to e-commerce sites (or any other destination) to their profile biography as well as offer creators the ability to easily send their viewers to shopping websites. The company said the roll-out of
With the launch of iOS 13, Apple added perfectly timed live lyrics to its Apple Music app. Now Spotify may do the same. Several users in international markets are now seeing a similar synced lyrics feature in their Spotify mobile app, where lyrics scroll by in time with the music. The feature is powered by
Cyber professionals will compete to find leads in real missing persons cases in a competition in Washington, DC, next month. SANS Institute has teamed up with non-profit organization Trace Labs to host the Open-Source Intelligence (OSINT) Missing Persons Capture the Flag (CTF) in partnership with local, state, and federal law enforcement agencies. Participants, working in teams of
by Alice Duckett A huge Airbnb scam ends with promises to verify every host and listing, Mozilla says ISPs are lying to Congress about encrypted DNS and we discuss the SophosLabs 2020 Threat Report. Host Anna Brading is joined by Sophos experts Peter Mackenzie and Greg Iddon on this week’s episode of the podcast. Listen
Are you considering a career in cybersecurity? What learning path(s) should you take? Does formal education matter? ESET experts share their insights. With cyberthreats on the rise, cybersecurity professionals are, unsurprisingly, a hot commodity. According to a recent study, there will be 350% growth in open cybersecurity positions from 2013 to 2021 and it is
Hundreds of millions of devices, especially Android smartphones and tablets, using Qualcomm chipsets, are vulnerable to a new set of potentially serious vulnerabilities. According to a report cybersecurity firm CheckPoint shared with The Hacker News, the flaws could allow attackers to steal sensitive data stored in a secure area that is otherwise supposed to be
Yodel.io, an Austria-founded startup that’s developed a “digital receptionist” to help SMBs and other small teams handle in and outbound phone-calls, has picked up $1 million in “pre-seed” funding. It brings total funding to just over $1.8 million. Backing this round is EXF Alpha, the fund of the European Super Angels Club, and various other
Freshworks, a company that makes a variety of business software tools, from CRM to help-desk software, announced a $150 million Series H investment today from Sequoia Capital, CapitalG (formerly Google Capital) and Accel on a hefty $3.5 billion valuation. The late-stage startup has raised almost $400 million, according to Crunchbase data. The company has been
America’s Internal Revenue Service is to launch a large-scale cyber-safety campaign to coincide with the busiest shopping period of the year. According to the website Accountingtoday.com, the campaign by the IRS will begin on the Monday after Thanksgiving, commonly known to bargain hunters as Cyber Monday. “The campaign will emphasize to practitioners and taxpayers the
Security pros know October as National Cybersecurity Awareness Month. But October 2019 marked another important event: It was the fifth anniversary of the release of Docker 1.0. Since Docker was introduced, there has been a tremendous evolution in containers and the containerization ecosystem. Consider, for example, the emergence of container-focused cloud services, the proliferation of
by Danny Bradbury Apple has yanked an app from its iTunes App Store that allowed Instagram users to follow their friends’ activities on the social network. Apple removed Like Patrol from its store last weekend citing a violation of its data collection policies. Apple didn’t return requests for comment, but the app showed up as
The infamous vulnerability has been exploited for a cryptocurrency mining campaign, but more damaging attacks may still be in store Ever since it was discovered six months ago, the BlueKeep vulnerability has had (not only) the cybersecurity community concerned about impending WannaCryptor-style attacks. Earlier in November, Microsoft together with security researchers Kevin Beaumont and Marcus
Complying with cyber regulations forms a significant portion of the CISO’s responsibility. Compliance is, in fact, one of the major drivers in the purchase and implementation of new security products. But regulations come in multiple different colors and shapes – some are tailored to a specific vertical, while others are industry-agnostic. Some bare explicit consequences
Meet The Garage, a new incubator in Paris that is all about blockchain projects. Co-founded by Cyril Paglino from Starchain Capital, Fabrice Le Fessant from Dune Network and Oussama Ammar from The Family, the company will support blockchain startups, help big companies launch blockchain projects and educate engineers about blockchain development. The Garage is a
Twitch today publicly launched Twitch Studio, its new software designed to help new streamers get started broadcasting. The idea behind the app is to make it simple for someone new to the space to get started, by offering a quick setup process and other tools to make the stream both look and sound more professional
PortSwigger has launched a free interactive training platform in an attempt to address the global shortage of cybersecurity talent. The makers of Burp Suite cut the ribbon on the new Web Security Academy last month following a soft launch of the platform in April 2019, which a PortSwigger spokesperson said had garnered “overwhelmingly positive user feedback.” The Web
- 1
- 2
- 3
- …
- 116
- Next Page »