Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
Malicious code was lurking about in two different apps within the Google Play store, according to researchers at Trend Micro who have disclosed that they discovered a banking Trojan in what seemed like legitimate apps. Both the currency converter and the battery-saving app have been removed from Google Play, but not before they were downloaded thousands
0 Comments
The new year is a time for resolutions and promises of change, so much so that even malware has returned from a bit of time off with some new features, including a new Flash exploit, according to Malwarebytes head of investigations, Jérôme Segura. The Fallout exploit kit (EK) took a little respite over the first few
0 Comments
by John E Dunn The Have I Been Pwned? (HIBP) website has revealed another huge cache of breached email addresses and passwords discovered last week circulating among criminals. Named “Collection #1”, its statistics are as impressive as they are worrying: 87GB of data, 12,000 files, and 1.16 billion unique combinations of email addresses and passwords.
0 Comments
The third annual CyberFirst Girls competition will kick off on Monday as GCHQ looks to help address a chronic gender imbalance and skills shortage in the industry. Over the past two years, the intelligence service’s National Cyber Security Centre (NCSC) has managed to attract 12,500 female pupils from schools across the UK to take part.
0 Comments
The vast majority of senior decision makers across the globe expect data theft and cyber-disruption to increase in 2019, according to the latest report from the World Economic Forum (WEF). The annual Global Risks Report for 2019 uses interviews with risk experts, business leaders, academics and others to better understand the challenges facing the world
0 Comments
The British Security Industry Association (BSIA) has published a summary of current guidelines to minimize the exposure to digital sabotage of network connected equipment, software and systems used in electronic security. The 335 Cyber Secure It – Best Practice Guidelines for Connected Security Systems document, designed by the Cyber Security Product Assurance Group (CySPAG) and leading
0 Comments
by Naked Security writer Get yourself up to date with everything we’ve written in the last seven days – it’s weekly roundup time. Monday 7 January 2019 No Android passcode? No problem! Skype unlocked it for you Hacker doxes hundreds of German politicians Update now! Adobe Acrobat and Reader have critical flaws Tuesday 8 January
0 Comments
For the second time in less than two months, the New York Times has reported that a progressive group of Democrats allegedly leveraged social media sites in a secret project intended to spread false information and sway the 2017 Senate race in Alabama. According to the New York Times, “The ‘Dry Alabama’ campaign, not previously
0 Comments
by Danny Bradbury Old Twitter posts could reveal more about you than you think, according to a research paper released this month. Tweets could reveal places you visited and things you did, even if you didn’t explicitly mention them. Researchers from the Foundation for Research and Technology in Greece and the University of Illinois found
0 Comments
The healthcare sector continues to be the target of cyberattacks, with Managed Health Services (MHS) of Indiana Health Plan announcing recently that a third-party data breach potentially exposed up to 31,000 patients’ personal data in one of two security incidents the company has disclosed in the past month. The organization reportedly manages Indiana’s Hoosier Healthwise
0 Comments
The US government shutdown is having a chilling effect on national cybersecurity, with 80 government web certificates having already expired without being renewed and FBI agents issuing a stark warning. Vendor Netcraft claimed on Thursday that the lapsed certificates include those affecting “sensitive government payment portals and remote access services” at agencies like NASA, as
0 Comments
by Lisa Vaas It’s time to crown a new sysadmin From hell. Or from heaven, if you’re law enforcement. His name is Cristian Rodríguez: a Colombian IT geek who wound up working for drug kingpin “El Chapo” Joaquin Guzmán, got flipped by the FBI, and is likely going to go down in history as being
0 Comments
Security researchers have spotted a new series of DNS hijacking attacks successfully targeting organizations globally on a large scale and traced back to Iran. The attacks have managed to compromise “dozens” of domains run by government, telecommunications and internet infrastructure in the Middle East and North Africa, Europe and North America. In so doing, they
0 Comments
by John E Dunn For decades hot tubs were simple water-bearing garden luxuries that owners looked forward to relaxing in of an evening. More recently, manufacturers started adding exciting Internet of Things (IoT) features that product marketing departments worked themselves into a lather promoting as the next must-have. These IoT-enabled hot tubs look identical to
0 Comments
NHS Digital’s first chief information security officer (CISO) has resigned just three months into the job, dealing a blow to efforts to improve cybersecurity across the UK’s health service. In a memo to staff seen by HSJ, NHS Digital deputy CEO, Rob Shaw, said that Robert Coles’ departure was due to personal reasons and that
0 Comments
Security researchers have warned users of P2P sites of a new malvertising campaign featuring a twin threat: info-stealing malware and ransomware. By registering rogue advertising domains, the attackers are able to direct torrent site visitors to two different exploit kits: Fallout EK and GrandSoft EK, according to Malwarebytes. Those unlucky enough to be pushed according
0 Comments
Three-fifths (60%) of US organizations have experienced security incidents related to their use of containers over the past year, according to new research from Tripwire. The vendor polled over 300 IT security professionals who manage these environments at firms of over 100 employees to better understand the challenges associated with deployment of the lightweight software
0 Comments
by John E Dunn For anyone who believes vein authentication is more secure than fingerprints or facial recognition, we have good news – researchers have just showed how the technology can be beaten. Before we explain why that statement isn’t a contradiction, let’s dive a bit deeper into what researchers Jan Krissler and Julian Albrecht
0 Comments
A unique phishing template using fake fonts to evade detection and to better steal user credentials for a major US bank has been discovered, according to new research from Proofpoint. Researchers identified what they are calling a first-of-its kind phishing template that uses fake fonts to exploit web font features typically used by developers to deploy a