Cybersecurity News, Articles and Updates

Two-thirds of online banking systems in 2017 contained high-risk vulnerabilities

75 percent of online banking systems contained cross-site scripting flaws, 69 percent lacked protection from data interception, 63 percent had insufficient authorisation, 50 percent were vulnerable to sensitive data disclosure.

PyRoMine uses NSA exploits to mine Monero and disable security features

In the age where cryptomining software is beating out ransomware as the go to for most hackers, a Python-based Monero miner is using stolen NSA exploits to gain an edge

Norfolk State University dedicates multimillion dollar cybersecurity facility, Naval academy announces boost in recruits.

Norfolk State University dedicated a new multimillion-dollar cybersecurity complex Monday afternoon at the same the Navy announced a major increase in cyber operations majors.

SC Video: Cisco's Tom Gilheany discusses the cybersecurity talent gap

SC Media's Rob Abel sits down with Cisco's Tom Gilheany to discuss some of the ways to improve the cybersecurity talent pool as well as retain talent within your own organization.

'SquirtDanger' Swiss Army Knife malware steals cryptocurrency, takes screenshots

Palo Alto's Unit 42 researchers identified a new botnet malware family described as "Swiss Army Knife Malware" that was designed by a veteran threat actor.

FDA pushes for medical devices to include mandatory built in update mechanisms

As researchers continue to find security flaws in medical devices and threat actors continue to target the healthcare sector, the FDA is looking to impose new security measures.

Ikea's TaskRabbit investigating cybersecurity incident

Ikea's freelance labor marketplace task rabbit temporarily shut down its app and website amid the investigation of a "cyber-security incident"

Intel announces new chip designs with built-in security

Intel Monday announced three new measures that will be implemented in a future chip design to bake security into the hardware following last year's Spectre/Meldown vulnerability.

RSA's Ghai stresses positive thinking, teamwork and diversity

The 27th RSA Conference officially kicked off this morning with RSA President Rohit Ghia welcoming attendees and trying to set a positive mood for the show.

Celebgate hacker who stole Jennifer Lawrence nudes pleads guilty of breaking into nearly 240 iCloud accounts

A Connecticut man admitted to hacking into the iCloud accounts of prominent females celebrities including "Red Sparrow" actress Jennifer Lawrence and more than 200 others.

Remotely hosted objects used to spread Formbook malware

Cybercriminals are once again abusing trusted applications, such as Microsoft Office, to launch multi-stage attacks inside malicious documents to deliver Formbook malware

AMD Processors address Spectre vulnerabilities

AMD announced the release of processor security updates for vulnerabilities concerning the Spectre Variant 2 vulnerability or Microsoft Windows users.

£13.5 million cyber-innovation centre to be built at London Olympic Park,

A £13.5 million cyber-innovation centre is to be built at London's Queen Elizabeth Olympic Park, intended to boost the thriving East London digital cluster and help create 2,000 UK jobs in cyber-security.

SirenJack flaw exposes problems in emergency alert system

Security researchers have found a flaw in the emergency alert warning siren system used by many local authorities - could be sounded by hackers, research finds.

Companies reversing hashed emails for as little as 2.84p per email

Hashed email addresses do not provide any significant protection for consumers as many firms are now offering services that can reverse email hashing to correctly guess consumers' email addresses, security experts warn.

Adobe Patch Tuesday includes ColdFusion updates

Adobe's April 10, 2018 Patch Tuesday addressed 14 security issues including 6 in Flash Player.

Should LinkedIn follow Facebook's lead in data restriction controls?

Facebook's recent announcement to update its data restriction policies has prompted some researchers to turn other social media platforms to review their data practices as well.

Intel urges users to delete remote keyboard app, halts Spectre fixes on older chips

Intel is instructing users of its remote keyboard to delete the app after a critical flaw was found and that the firm is halting Spectre fixes on older chips.

DHS acknowledges unauthorized foreign Stingray use in Washington D.C.

The United States government for the first time publicly acknowledged the existence of what appear to be stingray devices used by foreign intelligence in the U.S. capital region

Panera breach neglected since 2017, may have exposed data of millions

The personal data of what may have been nearly seven million customers was left exposed for eight months before being pulled offline today.

njRAT equipped with Bitcoin wallet stealer and Lime ransomware

The njRAT, also known as Bladabindi, has been upgraded to push Lime Ransomware and a bitcoin wallet stealer.

Equifax sent erroneous letters to breach victims

During the aftermath of the massive data breach which compromised the data of nearly 150 million consumers, Equifax notified some people using inaccurate letters.

Airbnb China announces it will share user data with government

Airbnb is notifying its users in China that the company will share guest's information with authorities to comply with national laws and regulations.

Malware attacks leveraging MS Word documents grew by 33% in Q4

Amidst a major rise in zero-day malware attacks in Q4 2017, researchers have observed how hackers are increasingly using Microsoft Office documents as carriers to deliver malicious payloads in enterprise systems.