If you have bet on Peppermint, Pancake or Pastry for “P” in the next version of Google’s mobile operating system, sorry guys you lose because Android P stands for Android Pie. Yes, the next version of sugary snack-themed Android and the successor to Android Oreo will now be known as Android 9.0 Pie, and it
News
Cyber Security Reviews NEWS brings you the latest daily updates on trends and happenings around the globe.
One of the crucial underlying protocols of the global internet — and many other networks today — is the Border… Gateway Protocol. Now in version 4, BGP provides reachability and loop-free paths for just about every corner of the world in computer networking terms — from data centers and software-defined WANs to the fabrics of
Another day, another significant data breach. This time the victim is Reddit… seems someone is really pissed off with Reddit’s account ban policy or bias moderators. Reddit social media network today announced that it suffered a security breach in June that exposed some of its users’ data, including their current email addresses and an old
Isreal has the talent and capability in the world of cyber security. A country with limited resources but utilises their ingenuity to survive and thrive in the harshest of circumstances. Watch the video here from Vice on HBO. Posted on YouTube: https://www.youtube.com/watch?v=ca-C3voZwpM
Fast Company and Inc. are among the financial publications that have cautioned business readers about data compromise: It’s only a matter of when and how the breach will occur. Unfortunately for publisher Mansueto Ventures, the when occurred sometime in early 2016. Employees’ personally identifiable information — Social Security numbers and more — was stolen and used for filing false state-local tax returns. Workers were left to sort out the mess, according to Keith J. Kelly of the New York
Security researchers have discovered at least three massive malware campaigns exploiting hundreds of thousands of unpatched MikroTik routers to secretly install cryptocurrency miners on computers connected to them. In all, the malware campaigns have compromised more than 210,000 routers from Latvian network hardware provider Mikrotik across the world, with the number still increasing as of
A hospital in Missouri faces a lawsuit after a medical records breach occurred as a result of an email phishing scam, something that’s difficult to protect against within healthcare organizations, according to a security expert. In January, Children’s Mercy Hospital in Kansas City, Mo., notified 63,049 individuals who were potentially affected by the medical records
It’s time to update your Drupal websites. Drupal, the popular open-source content management system, has released a new version of its software to patch a security bypass vulnerability that could allow a remote attacker to take control of the affected websites. The vulnerability, tracked as CVE-2018-14773, resides in a component of a third-party library, called
Editor’s note: One of the steps that generally precedes a network-based attack is port scanning, in which a hacker… tries to discover which services are being offered in order to launch a more specific attack. This article reveals a port-scanning technique that, contrary to most other techniques, does not reveal the location of the system
Like many others, do you also believe that the popular system-cleaning tool CCleaner was performing well before Avast acquired the software from Piriform last year? If yes, then pop-up advertisements in the previous CCleaner software version was not the last thing you have to deal with. Avast has released a new version of CCleaner 5.45
The White House published the Cybersecurity National Action Plan, or CNAP, in February to address what the president sees as weakness in cybersecurity preparedness across the country — problems within the federal government, private sector business, even within citizens’ private lives. The cybersecurity plan is a continuation of the Obama administration’s efforts to increase the
After an eight-year-long absence from the most populated country in the world, Google search is going to dramatically make a comeback in China. Google is reportedly planning to launch a censored version of its search engine in China that is going to blacklist certain websites and search terms to comply with Chinese government’s attempts to
Check Point Research uncovered an extensive malvertising campaign that has ties to legitimate online advertising companies. Check Point’s report, titled “A Malvertising Campaign of Secrets and Lies,” detailed how a threat actor group used more than 10,000 compromised WordPress sites and multiple exploit kits to spread a variety of malware, including ransomware and banking Trojans.
Ransomware has become a multimillion-dollar black market business for cybercriminals, and SamSam being a great example. New research revealed that the SamSam ransomware had extorted nearly $6 million from its victims since December 2015, when the cyber gang behind the ransomware started distributing the malware in the wild. Researchers at Sophos have tracked Bitcoin addresses
I know a guy named Ben. Ben is a white-hat hacker who works to protect billion-dollar assets. The adversaries he defends against are hardcore. Ben and I worked at the same place a few years back. He taught me a very important lesson about deployment security: Never trust a pre-compiled binary. Ben had a justifiable
Another day, Another data breach! This time-sensitive and personal data of hundreds of thousands of people at Boys Town National Research Hospital have been exposed in what appears to be the largest ever reported breach by a pediatric care provider or children’s hospital. According to the U.S. Department of Health and Human Services Office for
Symantec’s identity theft protection service, LifeLock, exposed millions of customers’ email addresses. According to security journalist Brian Krebs, the LifeLock vulnerability was in the company’s website, and it enabled unauthorized third parties to collect email addresses associated with LifeLock user accounts or unsubscribe users from communications from the company. Account numbers, called subscriber keys, appear
Researchers from Israel’s Ben-Gurion University of the Negev showed how a power cable could enable hackers to steal… data from air-gapped computers. What is this vulnerability, and how can it be exploited? PowerHammer is a proof-of-concept malware program the researchers created to take advantage of a vulnerability in power lines that enables attackers to exfiltrate
The U.S. Department of Defense approved the use of Android devices that utilize Samsung’s Knox platform. My organization… has been wary of allowing Androids on the corporate network, pushing users toward iPhones and BlackBerrys instead. Could you explain what Knox does to improve Android device security, and whether it may be a viable enterprise device
Again some bad news for cryptocurrency users. KICKICO, a blockchain-based initial coin offering (ICO) support platform, has fallen victim to a suspected cyber attack and lost more than 70 million KICK tokens (or KickCoins) worth an estimated $7.7 million. In a statement released on its Medium post on July 26, the company acknowledged the security
In this Q&A, David Finn, executive vice president of strategic innovation at CynergisTek, a cybersecurity consulting firm, shares his views on how the dwindling number of insured is affecting cybersecurity efforts in healthcare and how a solution lies in a commonsense approach to cybersecurity for healthcare programs. This interview has been edited lightly for length
Do you or someone you know lives in Egypt and holds an account on Facebook, Twitter, or/and other social media platforms with more than 5000 followers? If yes, your account can be censored, suspended and is subject to prosecution for promoting or spreading the fake news through social media platforms. On July 16, the Egyptian
Yet another bluetooth hacking technique has been uncovered. A highly critical cryptographic vulnerability has been found affecting some Bluetooth implementations that could allow an unauthenticated, remote attacker in physical proximity of targeted devices to intercept, monitor or manipulate the traffic they exchange. The Bluetooth hacking vulnerability, tracked as CVE-2018-5383, affects firmware or operating system software
The Apache Software Foundation (ASF) has released security updates to address several vulnerabilities in its Tomcat application server, one of which could allow a remote attacker to obtain sensitive information. Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications like Java Servlet, JavaServer Pages (JSP), Expression Language,
Security researchers have uncovered a “highly targeted” mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol—a type of security software used by large enterprises to control
India-linked highly targeted mobile malware campaign, first unveiled two weeks ago, has been found to be part of a broader campaign targeting multiple platforms, including windows devices and possibly Android as well. As reported in our previous article, earlier this month researchers at Talos threat intelligence unit discovered a group of Indian hackers abusing mobile
At Google Cloud Next ’18 convention in San Francisco, the company has introducedTitan Security Keys—a tiny USB device, similar to Yubico’s YubiKey, that offers hardware-based two-factor authentication for your online accounts with the highest level of protection against phishing attacks. These hardware-based security keys are thought to be more efficient at preventing phishing, man-in-the-middle (MITM)
Almost three years after the arrest of two young Dutch brothers, who pleaded guilty to their involvement in creating and distributing CoinVault ransomware malware, a district court in Rotterdam today sentenced them to 240 hours of community service. In 2015, the two suspects — Melvin (25-year-old) and Dennis van den B. (21-year-old) — were arrested
A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system. Dubbed “NetSpectre,” the new remote side-channel attack, which is related to Spectre variant 1, abuses speculative execution to perform bounds-check
Following Apple’s lead in banning cryptocurrency mining apps, Google has also updated its Play Store policy this week to ban apps that mine cryptocurrencies on users’ devices in the background. However, there are countless cryptocurrency mining apps, including MinerGate, AA Miner, NeoNeonMiner, and Crypto Miner, still available on the Play Store. Cryptocurrency mining is not