Cybersecurity News, Articles and Updates

New technique can manipulate encrypted Fitbit data

Fitbit devices are prone to vulnerabilities which could enable an attacker to access personal information and even create false activity records.

Bill creating an Office of Cyber Issues in the State Department proposed

A bipartisan group of Representatives has introduced the Cyber Diplomacy Act of 2017 that if passed would establish a high-level Office of Cyber Issues at the State Department.

FA readies players for inhospitable cyber World Cup cyber environment

British World Cup team members have more to worry about than what happens on the football pitch in host country Russia as the Football Association (FA) is already expressing concerns about hackers going after the team's players and staff.

Google releases Stable Channel Update for Chrome

Google released a Stable Channel Update for Chrome desktop which included 22 security patches including six high rated bugs.

Lip reading AI bot attacks may be on the horizon

As technology improves and merges malware with artificial intelligence, timeless methods such as covering ones mouth may become more important than ever.

DJI implements bug bounty program

Drone maker DJI has launched a bug bounty program offering rewards ranging from $100 to $30,000 to those who find, disclose and remediate issues affecting the security of DJI's software.

NIAC members resign, saying president has under-prioritized cybersecurity

Eight members of the National Infrastructure Advisory Council said Trump had given "insufficient attention" to cybersecurity threats.

Android Oreo includes new Google Play Protect security feature

Google's Android Oreo includes new security features designed to protect users' devices and data from malicious apps with a host of new security features.

Mitigating medical device risks one of biggest challenges to IT pros, study

A recent study found legacy and fielded medical device risks pose the greatest cybersecurity challenge to the connect device ecosystem.

Mandiant breach hackers claim to dump FireEye data

The threat actors who two weeks ago targeted Mandiant are now claiming to have leaked FireEye documents in a second leak.

Mozilla Firefox patches 29 vulnerabilities

Mozilla Foundation released 29 CVE patches to Firefox 55 including five crucial vulnerabilities.

Study, Fuzz test averages reveal more vulnerabilities spotted sooner in IoT protocols

The study also found a common protocol used in IoT devices was using significantly more vulnerable than more mature protocols used by online shopping and banking industry.

Adobe Patch Tuesday addressees Flash bypass and code execution flaws

Adobe's Patch Tuesday this month covered 81 vulnerabilities including both a critical and important patch affecting Flash.

Google patches 10 critical remote code execution flaws in latest Android update

The update also described patches for High and Moderate level vulnerabilities which could allow similar attacks, all of which were contained in the devices' Media Framework, Broadcom, Kernal. MediaTek, and Qualcomm components.

Carbanak Bateleur Jscript backdoor targets U.S. chain restaurants

Proofpoint researchers observed a Carbanak, aka FIN7, backdoor malware targeting U.S. restaurant chains looking to steal screenshots and passwords.

After fall of AlphaBay and Hansa, other darkweb markets see uptick

Last month international authorities brought down AlphaBay and Hansa, yet researchers report business is still booming for remaining markets.

Prankster tricks Whitehouse cybersecurity advisor into thinking they're Jared Kushner

A U.K.-based email prankster managed to phish and spoof the accounts of a number of White House officials.

Microsoft announces Windows Bug Bounty Program

Microsoft announced a new bug bounty for Windows products that offers a significant bump in payouts.

A Eulogy for Flash, dead at last, dead at last

Adobe Flash may have lived long enough to see itself become the villain, as few are viewing it a hero in its passing despite its many achievements.

Teen arrested for reporting bug in Budapest transit system

An 18-year-old Budapest man was arrested after reporting a poor security glitch in the cities public transportation system.

The rise of the cyber guru - the new must-have for the rich and famous

As high net worth individuals and celebrities find their personal data under attack, so the rise of cyber-advisors to the rich and famous have begun to make an appearance.

Apple iOS patches Wi-Fi remote memory corruption bug

A researcher spotted an iOS memory corruption vulnerability which could allow an attacker to seize control of a user's device.

Wikileaks publishes Vault 7: Highrise tool for Android devices

WikiLeaks Thursday published the manual of another CIA hacking tool "Highrise" aka "TideCheck"

Research: businesses over confident about ability to fend off hackers

Combining the prioritisation of perimeter security and lack of knowledge in data security, according to Gemalto, is brewing an environment where businesses will soon lack the ability to fend off complex cyber-attacks.

As security gets tough, hackers revert to living off land, report

Symantec researchers spotted attackers increasingly making use of tools already installed on targeted computers.

Facebook, Twitter and Microsoft pushing back against gov surveillance gag orders

Facebook, Twitter and Microsoft among other tech firms are engaging in legal battles concerning imposed government surveillance gag orders.

Apple accused of playing cheap with its bug bounty

Researchers accuse Apple of playing cheap with its bug bounty payout offerings.