SecurityWeek

Scotland Yard Twitter and Emails Hacked

Security Week - Sat, 07/20/2019 - 10:19am

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages.

read more

Categories: SecurityWeek

Iranian Hackers Use New Malware in Recent Attacks

Security Week - Fri, 07/19/2019 - 1:46pm

The Iran-linked cyber-espionage group OilRig has started using three new malware families in campaigns observed over the past month, FireEye reports.

read more

Categories: SecurityWeek

The Growing Threat of Targeted Ransomware

Security Week - Fri, 07/19/2019 - 12:52pm

Ransomware targeting organizations is a growing threat. The extent of that threat is not always obvious. Except for the healthcare sector, disclosure of a ransomware attack is not generally required -- so victims will not necessarily report an incident. This is exacerbated by those victims who simply pay up and recover their files without the problem becoming obvious.

read more

Categories: SecurityWeek

Author of Dryad and Rubella Macro Builders Arrested

Security Week - Fri, 07/19/2019 - 12:45pm

Dutch authorities this week announced the arrest a 20-year old man for allegedly developing and distributing Office Macro Builders. 

read more

Categories: SecurityWeek

Why Incident Response Must Adopt a Kill Chain Perspective

Security Week - Fri, 07/19/2019 - 12:20pm

Even as incident response (IR) has evolved, it has struggled to see beyond individual events and create a more complete perspective. IR tools are still very effective, particularly as advances in orchestration and automation technology have turned many IR tools into SOAR tools, but they are limited by this narrow focus.

read more

Categories: SecurityWeek

Israel Spyware Firm Can Mine Data From Social Media: FT

Security Week - Fri, 07/19/2019 - 12:11pm

An Israeli spyware firm thought to have hacked WhatsApp in the past has told clients it can scoop user data from the world's top social media, the Financial Times reported Friday.

read more

Categories: SecurityWeek

Ex-NSA Contractor to Be Sentenced in Stolen Documents Case

Security Week - Fri, 07/19/2019 - 11:01am

A former National Security Agency contractor awaits sentencing in Baltimore’s federal court for storing two decades’ worth of classified documents at his Maryland home.

read more

Categories: SecurityWeek

Google Increases Bug Bounty Program Rewards

Security Week - Fri, 07/19/2019 - 10:47am

Google on Thursday informed security researchers that they can now earn significantly higher rewards if they submit vulnerability reports through the company’s bug bounty programs.

read more

Categories: SecurityWeek

Researchers Claim They Bypassed Cylance's AI-Based Antivirus

Security Week - Fri, 07/19/2019 - 2:12am

Researchers at Australia-based cybersecurity firm Skylight claim to have found a way to trick Cylance’s AI-based antivirus engine into classifying malicious files as benign.

read more

Categories: SecurityWeek

Poland, Lithuania Probe Russian-made App Behind Viral Old Age Selfies

Security Week - Fri, 07/19/2019 - 12:39am

Poland and Lithuania said Thursday they were looking into the potential security risks of using a Russian-made face-editing app that has triggered a viral social media trend where users post "aged" selfies.

read more

Categories: SecurityWeek

Over 800,000 Systems Still Vulnerable to BlueKeep Attacks

Security Week - Thu, 07/18/2019 - 1:03pm

Users and organizations continue to patch the Windows vulnerability tracked as BlueKeep and CVE-2019-0708, but over 800,000 systems are still exposed to attacks.

read more

Categories: SecurityWeek

Biometrics: Dismantling the Myths Surrounding Facial Recognition

Security Week - Thu, 07/18/2019 - 12:14pm

Biometric Authentication is No Longer Just the Stuff of Spy Movies or Reserved for Military-Grade Installations

read more

Categories: SecurityWeek

Slack Resetting More User Passwords in Response to 2015 Breach

Security Week - Thu, 07/18/2019 - 10:15am

Slack announced on Thursday that it’s resetting passwords for accounts that users have not secured after the data breach suffered by the company back in 2015.

read more

Categories: SecurityWeek

US Senator Calls for Investigation into Russia-made FaceApp

Security Week - Thu, 07/18/2019 - 9:40am

The chart-topping Russian-made FaceApp, which allows users to see how they will look as they age, found itself in the eye of a political storm in the US Wednesday, with one senator urging an FBI investigation into its "national security and privacy risks".

read more

Categories: SecurityWeek

Malware Framework Gathers 1 Billion Ad Impressions in 3 Months

Security Week - Thu, 07/18/2019 - 8:36am

Flashpoint security researchers have discovered a new malware framework that managed to gather over one billion fraudulent ad impressions in the past three months.

read more

Categories: SecurityWeek

Report Finds California Government IT Security Flaws

Security Week - Thu, 07/18/2019 - 8:11am

California’s state auditor raised alarms Tuesday about information security in some state offices and called for additional oversight and regular assessments.

read more

Categories: SecurityWeek

StrongPity Targets Victims with Malicious WinBox Installer

Security Week - Thu, 07/18/2019 - 7:47am

A recently discovered ongoing campaign attributed to the StrongPity threat actor abuses malicious WinBox installers to infect victims, AT&T’s Alien Labs security researchers reveal.

read more

Categories: SecurityWeek

Microsoft Reports Hundreds of Election-Related Cyber Probes

Security Week - Thu, 07/18/2019 - 1:59am

Microsoft says it has detected more than 740 infiltration attempts by nation-state actors in the past year targeting U.S.-based political parties, campaigns and other democracy-focused organizations including think tanks and other nonprofits.

read more

Categories: SecurityWeek

Vulnerability Allows Hackers to Take Control of Drupal 8 Websites

Security Week - Thu, 07/18/2019 - 1:52am

Drupal developers on Wednesday informed users that version 8.7.4 is affected by a potentially serious vulnerability, and advised them to update to version 8.7.5, which addresses the issue.

read more

Categories: SecurityWeek

Pages