0 Comments
by Lisa Vaas It’s one thing to slip spyware onto somebody’s phone so you can surreptitiously intercept text messages, call logs, emails, location tracking, calendar information and record conversations – that kind of privacy-spurning stuff. It’s another thing entirely to be the company that makes and markets the software… and – the coup de GAH!
0 Comments
Since January 1st of 2018, a barrage of cyber attacks and data breaches have hit almost every industry, targeting businesses large and small, many of which are now from IoT devices. By 2025, it is estimated that there will be approximately 75 billion connected devices around the world. With more IoT devices ­–from wearables and
0 Comments
Far-fetched though it may sound, the answer is yes, according to researchers, who show that electrical grids and smart home appliances could make for a dangerous mix Cybercriminals could rope internet-connected household appliances into a botnet in order to manipulate the demand side of the power grid and, ultimately, cause anything from local outages to
0 Comments
Malware from newly uncovered group PowerPool exploits zero-day vulnerability in the wild, only two days after its disclosure On August 27, 2018, a so-called zero-day vulnerability affecting Microsoft Windows was published on GitHub and publicized via a rather acerbic tweet. Source: Twitter It seems obvious that this was not part of a coordinated vulnerability disclosure
0 Comments
Dutch security researcher Willem de Groot, who’s particularly interested in security problems on online payment sites, recently wrote about a long-running Magento malware campaign. Magento is to ecommerce what WordPress is to blogging – you can run the open source version on your own servers; you can use an ecommerce partner who’ll run a Magento
0 Comments
Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially vulnerable MikroTik routers, more than 7,500 devices have been compromised to enable
0 Comments
Google has started restricting ads for tech support services ahead of rolling out a verification program to deal with rising levels of fraud enabled by advertising on its search platform. The search giant claimed to have taken down more than 3.2 billion ads that violated its advertising policies: amounting to over 100 per second. However,
0 Comments
At least one malicious actor began exploiting a critical vulnerability in Apache Struts in the wild, despite a patch being issued last week. According to researchers at Volexity, a cybersecurity company based in Washington, D.C., the exploits of the Apache Struts vulnerability surfaced in the wild not long after a proof-of-concept (PoC) exploit was published
0 Comments
A recent survey of nearly 200 IT professionals about insider threats found that nearly half of the participants believed they could successfully attack their organizations from the inside. In a blog post earlier this week Imperva researchers reported on insider threats and revealed the findings of the recent survey.  Of the 179 IT professionals who participated in the
0 Comments
Few would equate human life with battery life, but for many migrants escaping war or famine, a single percentage point of battery can mean getting the right information at the right time – or not surviving at all. Smartphones today have become an integral part of a forced migrant’s journey. From navigating mountains in Central
0 Comments
Instagram is growing quickly—and with the second most popular social media network in the world (behind just Facebook), the photo-sharing network absolutely dominates when it comes to user interactions. And with great success comes great responsibility—responsibility to keep users’ accounts safe, responsibility to fight fake accounts and news, and responsibility of being transparent. You might
0 Comments
A campaign recently reported by Farsight Security involved an internationalized domain name (IDN) “homograph-based” phishing website that tricked mobile users into inputting their personal information. The suspected phishing websites presented as commercial airline carriers – specifically Delta Airlines, easyJet and Ryanair – and offered free tickets, fooling users with the age-old bait-and-switch technique. Users were asked