Cyber Security

This is where news and updates on Cyber Security are published on a daily basis.

0 Comments
Completing its acquisition of AlienVault, as revealed in July, AT&T will turn the threat intelligence vendor into its standalone Cybersecurity Solutions Division. To be led by AlienVault CEO Barmak Meftah and AT&T Business CEO Thaddeus Arroyo, the division will combine AlienVault’s foundational unified security management platform and Open Threat Exchange with AT&T’s suite of managed
0 Comments
The latest ESET research offers a rare glimpse into the mechanics of a particularly stealthy and resilient backdoor that the Turla cyberespionage group can fully control via PDF files attached to emails ESET researchers have investigated a distinctive backdoor used by the notorious Advanced Persistent Threat (APT) group known as Turla (or Snake, or Uroburos)
0 Comments
Semmle security researcher Man Yue Mo has disclosed a critical remote code execution vulnerability in the popular Apache Struts web application framework that could allow remote attackers to run malicious code on the affected servers. Apache Struts is an open source framework for developing web applications in the Java programming language and is widely used
0 Comments
A leading US healthcare organization (HCO) has admitted that a phishing attack last September may have led to the compromise of highly sensitive data on nearly half a million patients. Georgia-based Augusta University Health claimed it was notified by investigators on July 31 that a September 2017 phishing attack on hospital staff may have given the
0 Comments
Internet-connected irrigation systems suffer from security gaps that could be exploited by attackers aiming, for example, to deplete a city’s water reserves, researchers warn Security researchers have warned of a potential attack that – using a “piping botnet” of internet-connected irrigation systems that water simultaneously – could impact a city’s water system to the point
0 Comments
A new malware program called the Skygofree Trojan was discovered targeting Android smartphones and tablets with extensive spyware capabilities in order to gain access to user information and gather data from apps. How does this Trojan work and what makes it unique compared to other types of spyware? Antimalware vendors have a category — greyware —
0 Comments
New research from think tank Parliament Street has revealed that The National Health Service (NHS) has misplaced almost 10,000 records in the last year. Parliament Street liaised with 68 NHS Trusts to examine levels of reported missing or lost patient records, compiling its findings into the report NHS Data Security: Protecting Patient Records. The total
0 Comments
‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report.  The Internet of Things promises to make our lives easier. Want to remotely turn lights and appliances on and off and monitor them online? A “smart plug,” a Wi-Fi–connected electric outlet, is
0 Comments
An overview of some of the cyberattacks that Canadian organizations faced in the summer months of 2018. The summer season often seems like a quieter time of year. The past few months have been eventful in Canada, however, as several incidents reported in the media have highlighted the importance of cybersecurity once again. First, several
0 Comments
The increased number of firewalls within security infrastructures has created challenges, leaving many organizations struggling with basic firewall management, according to a new report from FireMon. In its fourth annual State of the Firewall report, FireMon polled 334 C-suite executives, IT practitioners and security professionals at global companies of all sizes to understand both the
0 Comments
by Danny Bradbury The Trump administration has rolled back rules that outlined how to launch cyberattacks on other nations. The decision, which has been under consideration for much of the year, could herald a more hawkish approach to cyberwarfare within the US government. Signed in 2012, the original Obama-era Presidential Policy Directive 20 (PPD-20) replaced
0 Comments
Aiming to protect critical infrastructure against attacks Industrial Control System (ICS) security was ramped up at Black Hat USA – with packed sessions ranging from specific attacks to vulnerable hardware – all with the aim of protecting critical infrastructure, whose security shortcomings so frequently hit the headlines these days. While industrial control protocols themselves are
0 Comments
A new set of Spectre-like flaws that can, theoretically, be exploited to steal sensitive information was discovered in Intel products. Two separate teams of researchers discovered the new vulnerabilities within a few weeks of each other in January and reported it to Intel. Intel was then able to identify two closely related variants and disclosed
0 Comments
by John E Dunn For Intel and more than a billion computers that depend on Intel CPUs, the microprocessor flaws just keep coming. This time, the company was the bearer of its own bad news when it disclosed a weakness dubbed ‘Foreshadow/Foreshadow-NG’ in a security technology called Software Guard Extensions (SGX) that has been baked