SecurityWeek

BEC Scam Losses Top $12 Billion: FBI

Security Week - 54 min 40 sec ago

The losses and potential losses reported as a result of business email compromise (BEC) and email account compromise (EAC) scams exceed $12 billion globally, according to an alert published last week by the FBI.

read more

Categories: SecurityWeek

US Lifts Export Ban on Suppliers to China's ZTE

Security Week - Sun, 07/15/2018 - 11:33pm

The United States on Friday formally lifted a crippling ban on exports to China's ZTE, rescuing the smartphone maker from the brink of collapse after it was denied key components.

The US Commerce Department said it would continue to monitor the company to prevent further violations of US sanctions on Iran and North Korea.

read more

Categories: SecurityWeek

Trump Says 'Might' Ask Putin to Extradite Accused Russian Hackers

Security Week - Sun, 07/15/2018 - 8:47am

Donald Trump has said he may ask Vladimir Putin during their upcoming summit meeting to extradite to the US 12 Russian intelligence officers accused of attempting to interfere with the 2016 presidential election.

read more

Categories: SecurityWeek

BREAKING: 12 Russian Intelligence Officers Indicted for Hacking U.S. Democrats

Security Week - Fri, 07/13/2018 - 12:29pm

Twelve Russian intelligence officers were indicted by a US grand jury on Friday, just three days before President Donald Trump is scheduled to meet with Russian leader Vladimir Putin, for interfering in the 2016 presidential election.

read more

Categories: SecurityWeek

Attackers Target iPhones Using Open Source MDM Solution

Security Week - Fri, 07/13/2018 - 10:28am

Recently discovered cyber attacks targeting iPhone users have been using an open source mobile device management (MDM) system to control enrolled devices, Talos reports.

read more

Categories: SecurityWeek

Flaws Expose Siemens Protection Relays to DoS Attacks

Security Week - Fri, 07/13/2018 - 9:56am

Siemens has informed customers that some of the company’s SIPROTEC protection relays are exposed to denial-of-service (DoS) attacks due to a couple of vulnerabilities present in the EN100 communication module.

read more

Categories: SecurityWeek

Cisco Patches High Risk Flaws in StarOS, IP Phone

Security Week - Fri, 07/13/2018 - 9:45am

Cisco this week released a set of security patches to address several vulnerabilities in its products, including High risk issues impacting StarOS and 6800, 7800, and 8800 Series IP Phones.

read more

Categories: SecurityWeek

Support for Python Packages Added to GitHub Security Alerts

Security Week - Fri, 07/13/2018 - 8:23am

GitHub announced on Thursday that developers will be warned if the Python packages used by their applications are affected by known vulnerabilities.

read more

Categories: SecurityWeek

VPNFilter Malware Hits Critical Infrastructure in Ukraine

Security Week - Fri, 07/13/2018 - 1:33am

The Security Service of Ukraine (SBU) revealed this week that the VPNFilter malware, which it attributed to Russian intelligence agencies, had targeted a critical infrastructure organization.

read more

Categories: SecurityWeek

Dark Web Chatter Helpful in Predicting Real World Hacks, Firm Says

Security Week - Thu, 07/12/2018 - 1:50pm

Some hacks are serendipitous events for skiddies who happen across a website with an easily exploitable common vulnerability. Others, especially the major breaches of major enterprises, are planned and executed with care. Such planning often leaves traces of noise across the internet. IntSights, founded in 2015, searches both the surface and deep web for this noise, and converts it into actionable intelligence. It looks for evidence of planned attacks before they actually occur.

read more

Categories: SecurityWeek

Arch Linux AUR Repository Compromised

Security Week - Thu, 07/12/2018 - 10:10am

A user-maintained Arch Linux AUR (Arch User Repository) software repository was pulled earlier this week after it was found to contain malware.

read more

Categories: SecurityWeek

HackerOne Bug Bounty Programs Paid Out $11 Million in 2017

Security Week - Thu, 07/12/2018 - 9:54am

White hat hackers who responsibly disclosed vulnerabilities through bug bounty programs hosted by HackerOne earned more than $11 million last year, according to the company’s 2018 Hacker-Powered Security Report.

read more

Categories: SecurityWeek

Timehop Shares More Details on Data Breach

Security Week - Thu, 07/12/2018 - 8:47am

Timehop has shared additional details about the recent data breach that impacted roughly 21 million user accounts, including what the attackers did once they gained access to the company’s systems and what other type of information was compromised.

read more

Categories: SecurityWeek

Five Steps to Security Automation

Security Week - Thu, 07/12/2018 - 6:22am

Two weeks ago, Volvo, the Swedish automaker, announced plans for a Level 4 self-driving car by 2021.

read more

Categories: SecurityWeek

Three Emerging Technologies to Accelerate Incident Readiness

Security Week - Thu, 07/12/2018 - 6:08am

Purple Teaming is a Boon to Incident Readiness and Response

read more

Categories: SecurityWeek

Broadcom Buys Business Software Firm CA for $18.9 Billion

Security Week - Thu, 07/12/2018 - 5:18am

Semi-conductor giant Broadcom, which recently failed in a bid to buy US rival Qualcomm, on Wednesday announced a cash deal to buy software and services firm CA Technologies for $18.9 billion.

read more

Categories: SecurityWeek

Hackers Can Chain Multiple Flaws to Attack WAGO HMI Devices

Security Week - Wed, 07/11/2018 - 5:03pm

Germany-based industrial automation company WAGO has patched several vulnerabilities in its e!DISPLAY 7300T Web Panel human-machine interface (HMI) products that can be chained to take control of affected devices.

read more

Categories: SecurityWeek

Hacker Offers Access to Machine at International Airport for $10

Security Week - Wed, 07/11/2018 - 1:16pm

The cost of RDP (Remote Desktop Protocol) access to a system located at a major international airport is of only $10 on the Dark Web, McAfee has discovered. 

read more

Categories: SecurityWeek

AT&T to Acquire Threat Management Firm AlienVault

Security Week - Wed, 07/11/2018 - 12:15pm

AT&T on Tuesday said it would acquire San Mateo, Calif.-based threat management and intelligence firm AlienVault for an undisclosed sum.

read more

Categories: SecurityWeek

Pages