0 Comments
Make way for another antitrust investigation into big tech. Step forward Russia’s Federal Antimonopoly Service (FAS), which has opened an official probe of Apple — following a complaint lodged in March by security company Kaspersky Labs. Kaspersky’s complaint to FAS followed a change in Apple’s policy towards a parental control app it offers, called Kaspersky
0 Comments
Online merchandise store CafePress has been criticized for poor incident response and cybersecurity after it emerged that over 23 million customers had their personal data stolen. Breach notification site HaveIBeenPwned? was apparently the first many customers heard about the incident, which it said occurred in February this year. “The exposed data included 23 million unique
0 Comments
Chinese mobile-phone and device maker Transsion will list in an IPO on Shanghai’s STAR Market,  Transsion confirmed to TechCrunch.  The company—which has a robust Africa sales network—could raise up to 3 billion yuan (or $426 million). “The company’s listing-related work is running smoothly. The registration application and issuance process is still underway, with the specific
0 Comments
Remember the reverse RDP attack? Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsoft’s Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely. (You can find details and a video demonstration for this security vulnerability, along with dozens of critical flaws in other third-party
0 Comments
August is often considered the black hole of venture capital fundraising. Everyone is on vacation (well, everyone who’s not a founder anyway), while half of Silicon Valley is slogging down to Black Rock City for Burning Man. It understandably can just seem like an exercise in futility to try to raise any funding at all.
0 Comments
Security researchers are warning of a new speculative execution vulnerability affecting all modern Intel processors which could allow attackers to access sensitive data stored in the kernel. The CVE-2019-1125 flaw bypasses all mitigations put in place after the discovery of Spectre and Meltdown in early 2018, according to Bitdefender. It’s said to affect all processors
0 Comments
A new variant of the Spectre (Variant 1) side-channel vulnerability has been discovered that affects modern Intel CPUs which leverage speculative-execution, and some AMD processors as well, Microsoft and Red Hat warn. Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory, including passwords,
0 Comments
A new version of Matrix-themed ransomware MegaCortex is targeting organizations with demands of up to $5.8m to regain access to their encrypted data, according to Accenture researchers. In version two, the authors have improved automation and usability and made it harder to stop, according to Leo Fernandes, senior manager of the firm’s iDefense Malware Analysis
0 Comments
The Capital One hack has highlighted concerns around server-side request forgery vulnerabilities in AWS, which several security professionals said could have been a contributing factor with the breach. Last Monday, Capital One disclosed a massive data breach that saw a threat actor obtain data for more than 100 million customers and individuals who applied for
0 Comments
ESET research uncovers a cyberespionage operation targeting the Venezuelan military Latin America is often overlooked when it comes to persistent threats and groups with politically motivated targets. There is, however, an ongoing case of cyberespionage against high-profile organizations that has managed to stay under the radar. The group behind these attacks has stolen gigabytes of
0 Comments
Wear OS’s struggles have not been the result of a lack of trying from all parties. Google’s been trying in earnest to break into the wearables game for several years, and in spite of some high profile hardware partners, the company has failed to make a dent. At this point it’s honestly tough to get
0 Comments
It doesn’t matter how securely an enterprise locks down its systems if trusted third parties can’t be trusted to protect their own security. As organizations increasingly rely on a growing contingent of suppliers, customers, contractors and other third parties to securely access their sensitive resources, third-party risk management is necessary to prevent attacks on those
0 Comments
Summary and Introduction: The recent changes in Windows 10, aiming to add case sensitivity (CS) at directory level, have prompted our curiosity to investigate the potential to use CS as a mean of obfuscation or WYSINWYG (What You See is NOT What you Get). While CS was our entry point, we then ventured into other
0 Comments
A $28 million financing has made SmartNews, an AI-powered news aggregation app, a unicorn. Japan Post Capital has led the Series E round, which brings the company’s total investment to $116 million and pushes its valuation to $1.1 billion. Existing investors in SmartNews include Development Bank of Japan, SMBC Venture Capital and Japan Co-Invest L.P.
0 Comments
Roblox is big. Bigger than Minecraft big. The massively multiple online title has been around since 2006, but the game has been achieving a crazy amount of momentum of late. On Friday, it announced via blog post that it’s grown past 100 million monthly active users, pushing past Minecraft, which is currently in the (still
0 Comments
A new initiative has been announced by the Automotive Industry Action Group (AIAG) to help automotive suppliers compare their current capabilities to industry best practice. Developed in partnership with NCQ, the Cyber Safe Bundle includes a one-time virtual audit, along with either a basic or advanced enterprise risk assessment. Together, these resources allow suppliers to