Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
by Paul Ducklin Artificial intelligence, fuzzy logic, neural networks, deep learning… …any tools that help computers to behave in a way that’s closer to what we could call “thinking” are immensely useful in fighting cybercrime. That’s because what’s generally known today as machine learning is good at dealing quickly with immense amounts of threat-related data,
0 Comments
Cyber-criminals are increasingly downsizing from selling their wares on large dark web marketplaces in a bid to build trust with buyers, according to McAfee. The security giant claimed in its latest threat report for Q3 that the trend can also be seen as a response to law enforcement activity. Police effected the major takedowns of
0 Comments
Supporters of YouTube sensation PewDiePie have been at it again, this time defacing a Wall Street Journal web page in another bid to boost his subscribers. The page itself, originally sponsored by a technology giant, was apparently fixed promptly by the newspaper’s IT team, but can be viewed here. It references the WSJ’s 2017 investigation
0 Comments
Printers around the world appear to have been hijacked again with a message to subscribe to a popular YouTube vlogger, and improve their cybersecurity. Those behind the attack are thought to be the same ones that managed to get a message in support of social media star PewDiePie printed out on 50,000 machines last month.
0 Comments
Law enforcement agencies across the country spent the better part of yesterday evening investigating a slew of bomb threats delivered by email to businesses and universities across the US and Canada. The hoax email warning that an explosive device was in the recipient’s place of work evoked fear among many Americans yesterday, according to KrebsonSecurity.
0 Comments
by Danny Bradbury Google keeps tabs on much of your activity, including your browsing history and your location. Now, it turns out that its YouTube service is also reading what’s in your videos, too. Programmer Austin Burk, who goes by the nickname Sudofox, discovered the issue after discovering a cross-site scripting (XSS) flaw on another site.
0 Comments
Over 40,000 credentials for accounts on government portals around the world have been leaked online, and are most likely up for sale on the dark web. Russian security firm Group-IB said usernames and cleartext passwords were available for various local and national government entities across more than 30 countries. It’s not clear exactly how they
0 Comments
The coming year will see a mix of old and new as phishing is supercharged with AI but reported vulnerabilities continue to cause organizations problems, according to Trend Micro. The security giant claimed in its predictions report this week that phishing will continue to grow in popularity as exploit kits fade. The number of detections
0 Comments
by John E Dunn What’s the safest way for a criminal to buy counterfeit banknotes? Curiously, it’s not necessarily from the dark web, as 235 people now “detained” by police have just discovered. According to Europol, between 19 November and 3 December police forces in 13 countries searched 300 properties, uncovering caches of drugs, guns
0 Comments
by Danny Bradbury WordPress users are facing another security worry following the discovery of a massive botnet. Attackers have infected 20,000 WordPress sites by brute-forcing administrator usernames and passwords. They are then using those sites to infect even more WordPress installations. The botnet, which WordPress security company Wordfence discovered last week, infects sites using a
0 Comments
by Danny Bradbury Twelve US states are suing an electronic healthcare record provider who lost 3.9 million personal records in 2015. The Attorneys general of Arizona, Arkansas, Florida, Indiana, Iowa, Kansas, Kentucky, Louisiana, Minnesota, Nebraska, North Carolina, and Wisconsin clubbed together to file suit against Indiana-based Medical Informatics Engineering (MIE) and its subsidiary NoMoreClipboard (NMC)
0 Comments
According to the EU GDPR (General Data Protection Regulation) Implementation Review Survey conducted by IT Governance, six months after the GDPR went into effect, the majority of organizations are failing to implement the mandatory regulations. The study included 210 responses from participating organizations ranging in size from fewer than 10 to more than 1,001 employees from across
0 Comments
A series of cyber-robbery attacks have been targeting financial organizations in Eastern Europe, according to new research from Kaspersky Lab. Researchers found that the series of attacks, dubbed DarkVishnya, have affected at least eight banks in the region, with estimated losses running into the tens of millions of dollars. Based on data collected through Kaspersky Lab’s
0 Comments
If you’re among the holdouts still running Flash, you have some more updating homework to do. Adobe has issued an out-of-band patch after researchers spotted a Flash zero-day flaw being exploited in the wild. The discovery was made by Qihoo 360 which on 29 November noticed a targeted APT (Advanced Persistent Threat) attack against a
0 Comments
Australia has followed the UK in passing its own draconian surveillance laws which could force technology providers to engineer de facto backdoors into their end-to-end encryption products. The opposition Labor Party stood aside at the eleventh hour to let the bill pass, on the understanding that its amendments would be passed in the new year,
0 Comments
by Paul Ducklin On the Naked Security podcast this week: Marriott’s huge and scary data breach, a bug in software management software could be a data thief’s goldmine, and a self-righteous “hacker” prints out an advert on 50,000 internet printers. With Anna Brading, Mark Stockley, Matthew Boddy and Paul Ducklin. LISTEN NOW (Audio player above