Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
The Department of Energy (DOE) engaged in conversations with industry partners in order to advance the cybersecurity of industrial control systems in the nation’s critical infrastructure, including power utilities and pipelines, according to FedScoop and E&E News. “Private entities and key agencies formed a consortium over concerns industrial control systems (ICS) are increasingly being targeted by
0 Comments
by Danny Bradbury Hackers just infiltrated virtual reality (VR), enabling them to manipulate users’ immersive 3D worlds. At the Recon cybersecurity show in Montreal, researchers Alex Radocea and Philip Pettersson demonstrated how to hack virtual reality worlds on three platforms. The first was VR Chat, a virtual chat room available via online gaming platform Steam
0 Comments
A cryptominer campaign has been targeting Linux-based servers using a new Golang malware, according to research published by F5 Labs.  Though not often seen in the threat landscape, the Golang malware was first identified in mid-2018 and has sustained throughout 2019. Researchers noted the latest operation, which has infected an estimated several thousand machines, began
0 Comments
by Lisa Vaas Bitcoin is eating up about seven gigawatts per year, according to a new tool from University of Cambridge’s Centre for Alternative Finance, called the Cambridge Bitcoin Electricity Consumption Index (CBECI). That’s a bit more than the entire country of Switzerland is using, according to the CBECI – a number that’s admittedly hard
0 Comments
by Paul Ducklin Here at Naked Security, we’re well aware that social networks aren’t for everyone, and if you’ve decided to stay away from them, we’re good with that. After all, the best way to prevent privacy blunders and data breaches is simply not to give out the data in the first place – or,
0 Comments
by Paul Ducklin We’ve written about so-called digital padlocks before, usually not very enthusiastically. That’s because we’ve usually been reporting on some sort of cybersecurity blunder that has made these locks very much less secure than their owners probably thought. To be fair, a lot of conventional padlocks and many door locks aren’t super-secure either,
0 Comments
The U.S. Food and Drug Administration (FDA) is warning patients and healthcare providers that some insulin pumps carry cybersecurity risks.  In an alert published on June 27 2019, the FDA said that certain Medtronic MiniMed™ insulin pumps carry potential cybersecurity risks and that patients with diabetes using these models should switch their insulin pump to other
0 Comments
A US-based cloud solutions provider, PCM Inc., has experienced what KrebsOnSecurity called a “digital intrusion,” which enabled hackers to access the email and file-sharing systems of some of the company’s clients.   “Sources say PCM discovered the intrusion in mid-May 2019. Those sources say the attackers stole administrative credentials that PCM uses to manage client accounts
0 Comments
Another company charged with managing and safeguarding client data, Attunity, left client data files exposed on the internet, according to a June 27 report from UpGuard. The incident has reportedly impacted clients, including Ford and the TD Bank, whose customer information was publicly accessible.  Researchers disclosed that three Amazon S3 buckets used by the data management
0 Comments
Only 10 days after malware researcher Brad Duncan reported analysis on a new variant of Dridex that bypasses mitigation of application whitelisting techniques by disabling or blocking Windows Script Host, eSentire discovered a new infrastructure pointing to a similar Dridex variant.   “Dridex malware targets banking information and is delivered via email in the form of a malicious
0 Comments
Silex, a new strain of malware that was used to brick IoT devices, is apparently the work of a 14-year-old boy from Europe, according to an Akamai researcher. The botnet works by trashing the IoT device’s storage, removing the network configuration, such as dropping firewall rules, and ultimately halting the devices, which renders them useless. Researcher Larry
0 Comments
A scam that was discovered last month that involved cyber-criminals invading Microsoft Azure Cloud Services reportedly remains ongoing. According to Malwarebytes’ threat intelligence team, the scam has continued but with a new trick: utilizing paid search results. Instead of targeting victims through false emails claiming to be from Microsoft or Apple, scammers have been buying ads