Cybersecurity News, Articles and Updates

Dridex campaign carries scent of Necurs with a hint of FTP

Forcepoint researchers spotted a malware laden spam campaign, similar to Necurs, using compromised FTP sites instead of the usual HTTP link.

Kaspersky filed an injunction challenging DHS ban

Kaspersky filed an injunction Wednesday challenging the U.S. government's ban of the software company's products.

Business​ ​Risk​ ​Intelligence​ ​-​ 2017​​ ​Review​,​ ​2018​ ​Flashpoints

China leads the hacking charts with the highest combination of impact factors ticked off on a matrix combining the potential capability and impact of possible attacker groups, thus presenting the highest risk.

Hackers crack BlackWallet DNS server, steal $400,000

Attackers have made off with up to $400,000 (£290,000) in cryptocurrency after an ingenious attack on Stellar Lumen (XLM) wallet, BlackWallet.

Blender 3D open source platform plagued with arbitrary code vulnerabilities

Cisco Talos researchers identified multiple unpatched vulnerabilities in the Blender Open Source 3D creation suite that could allow an attacker to run arbitrary code.

Researchers find 147 vulnerabilities in 34 SCADA mobile applications

Researchers released a whitepaper outlining 147 vulnerabilities in 34 mobile applications used in tandem with Supervisory Control and Data Acquisition (SCADA) systems.

India's 1.2 billion citizen national database reportedly breached

India's national ID database containing the information of nearly 1.2 billion people was breached with cybercriminals selling access to the information for $8.

Ukrainian software company compromised to spread Zeus banking trojan

Cybercriminals launched a cyberattack using the official website of a Ukraine-based accounting software developer to distribute a new variant of Zeus over a. Ukrainian holiday.

36 malicious apps advertised as security tools spotted in Google Play

Trend Micro researchers notified Google of a total of 36 malicious apps on Google Play posing as security tools.

Smartphone sensors exploited to steal login PINs

Nanyang Technological University researchers developed a technique to leverage a phones sensors to guess a user's PIN code.

John McAfee's Twitter and phone hacked to promote cryptocurrencies

John McAfee is warning users that anyone can be hacked after someone allegedly broke into his Twitter account to promote cryptocurrency investments.

New Jersey State Police spent $850,000 on Harris Corp. stingray devices

Information obtained via right-to-know request revealed The New Jersey State Police spent at least $850,000 on stingray devices from Harris Corp.

It was Déjà vu all over again when it came to bad passwords in 2017

The worst password of the 2016 remains the number one worst password of 2017 as "123456" tops the list of the most commonly chosen passwords spotted in data leaks.

Migos' Offset iCloud hacked, nude images of fiancé Cardi B leaked

Rapper Cardi B is threatening legal action after hackers broke into her fiancé Offset's iCloud account to steal nude images of the female rapper.

Twitter allows third party apps to be used in 2FA

Twitter recently announced the ability to use third party apps for its two-factor authentication instead of only the option of using SMS messages.

Firefox Mr. Robot ad looks like malware to users

Mozilla scared and or upset several of its users with the unannounced addition of a new plug-into promote the hacker show Mr. Robot.

Prilex and Cutlet Maker ATM malwares uniquely target users

Trend Micro researchers spotted two ATM malware families which raise concern of what's to come.

Top Google Play App Dune! leaks data and geolocates users

A Top Google Play App was found to be leaking sensitive data and to contain several OWASP flaws

Apple releases security updates in devices shortly after releasing another KRACK fix

Apple released security updates for its cellphones, set top box and Window's iCloud platform shortly after rolling out another patch for the KRACK exploits.

#OpIsrael attacks feared in response to U.S. moving embassy to Jerusalem

Anonymous collective recently declared that they would be launching attacks against any and all websites deemed to be affiliated.

Researchers Untangle Patchwork cyberespionage attacks

Trend Micro researchers trailed the activities of the Patchwork cybergang over the course of its campaigns in 2017.

Two keyless entry door locks vulnerable to unauthenticated requests

A vulnerability found in two keyless entry door locks enables local attackers to lock and unlock doors.

Janus Android exploit allows attacker to issue their own 'updates' to legitimate apps

A recently patched Android bug dubbed "Janus" allows an attacker to distribute their own updates for the legitimate apps

Top selling handgun safe vulnerable to remote cracks

A top selling electronic gun safe was found to be vulnerable to brute force attacks that could allow someone nearby to remotely open the unit.

Apple releases security updates for multiple products

Apple released security updates to patch vulnerabilities in its iOS, mac OS, tvOS and watchOS platforms.

Naked rower's site hit by DDoS following Russia ban

The website used to peddle merchandise for the University of Warwick's rowing club was hit by a DDoS attack.

Mozilla patches critical flaws in Firefox 57.0.1 update

Mozilla released a security update to address critical vulnerabilities in Firefox 57 which could allow a remote attacker to take control of an affected system.

Morrisons Supermarket held liable after employee leaks data

U.K. Supermarket chain Morrison's was found liable, in a first of its kind data leak class action suit, for the actions of a former employee who stole and leaked company data.