Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
A new type of NetSpectre attack requires no malware or malicious JavaScript, because it instead attacks victims through network connections, according to researchers at Graz University of Technology. Four scientists at the university have published findings on a new type of Spectre attack in a paper entitled NetSpectre: Read Arbitrary Memory over Network. The paper
0 Comments
by Danny Bradbury Google has cracked down on apps that mine for cryptocurrency, banning them entirely from its official Google Play Store. The company quietly updated its developer policy page with the following statement: We don’t allow apps that mine cryptocurrency on devices. We permit apps that remotely manage the mining of cryptocurrency. The policy
0 Comments
UK Card Not Present (CNP) fraud losses have fallen for the first time since 2011, despite rising levels in many European countries, according to new stats from FICO. The fraud prevention firm’s latest interactive map is built on data from Euromonitor International and UK Finance. It revealed that the UK saw the biggest reduction in
0 Comments
Hundreds of tech-savvy inmates at several Idaho correctional facilities have been caught exploiting a software vulnerability on their state-funded tablets to artificially increase account balances. Officials claimed that 364 prisoners had been caught hacking the JPay tablets which are provided to allow them access to email, music and games. The software exploit apparently allowed them
0 Comments
by Naked Security writer Get yourself up to date with everything we’ve written in the last seven days – it’s weekly roundup time. Monday 23 July 2018 WhatsApp limits message forwarding in response to lynchings Facebook, Google, Microsoft and Twitter make leaving easier Mobile security – how to have your cake and eat it [PODCAST]
0 Comments
The US government has repeated warnings of state-sponsored cyber-attacks made possible by infiltrating the software supply chain. The report from the National Counterintelligence and Security Center (NCSC) reveals insight into foreign economic and industrial espionage against the US. It calls out China, Russia and Iran as “three of the most capable and active cyber actors
0 Comments
In an effort to deliver more robust application and data security solutions that protect enterprises against attacks from cyber-criminals, California-based Imperva Inc. announced that it will acquire the Los Angeles-based application security company Prevoty. The deal, which is expected to close in Q3 2018, has an estimated value of $140m. The Prevoty office will become an Imperva location.
0 Comments
A flaw in the website design for LifeLock, a company charged with protecting the identity of its online customers, resulted in millions of customer accounts being exposed, according to KrebsonSecurity. A vulnerability in the site, which reportedly lacked authentication and security, has been fixed, but the breach highlights the larger security concerns inherent in web application security. Of
0 Comments
Android users have been warned about another Exobot banking malware source code (v. 2.5) that was leaked online. It was first detected in May 2018 and has been dubbed “Trump Edition.” The leak is expected to result in a surge of malicious Android apps given that the malware source code is now available in dark
0 Comments
by Naked Security writer Happy SysAdmin Day! If you’re a System Administrator at work, then you’re definitely IT support at home as well. In fact, if you’re reading an article on Naked Security then you’re almost certainly the least non-technical user in your family, and that means you’re IT support at home too. And that
0 Comments
by Lisa Vaas Come the end of 2020, it will be time to stick a fork in Adobe Flash. That’s when, if you’ll forgive the mixed metaphor, the malware petri dish will officially be toast. Unfortunately, that doesn’t mean that government agencies are going to toss Flash into the compost pile After all, the government
0 Comments
by Paul Ducklin A few years ago – make that quite a few, actually – Sophos was a lot smaller than it is now. Recruitment was different too – back then we weren’t so much writing cybersecurity software as helping to invent the entire field of anti-malware research. One of the paradoxical things that’s important
0 Comments
by Danny Bradbury Google took its efforts to protect online accounts up a notch this week, announcing its own hardware-based security key. Announced at Google’s Cloud Next conference, the Titan keys are a two-factor authentication (2FA) solution, designed to combat one of the most prevalent forms of online attack: account hijacking. Without 2FA, attackers who
0 Comments
by Mark Stockley So you’re a sysadmin – blue team, red pill, grey hat. Your brain works at the speed of a hyperloop inside a rocket ship slingshotting around a black hole that’s slingshotting around another black hole. You make the impossible possible, you make the improbable into the everyday and for everything else there’s