Events News, Articles and Updates

Apple discloses new protections against snoopy apps and websites at WWDC event

Apple's newest enhancements to its Safari browser will inhibit websites and apps -- including Facebook -- from using cookies and fingerprinting techniques to track users across the internet.

Mobile users ignore shady app permissions at their own risk, warns NY State Cyber Command

Mobile users who download untrustworthy apps on their phone often agree to dangerous permissions requests that give attackers essentially unfettered access to their devices' data and functions -- as demonstrated yesterday by two New York State Cyber Command employees at SC Media's RiskSec NY 2018 conference.

New Desert Scorpion spyware found in malicious chat app aimed at Palestinians

A malicious chat app that was advertised on Facebook and sold in the Google Play store was discovered to execute a previously undiscovered spyware program linked to APT-C-23, an advanced persistent threat group allegedly with ties to Hamas.

U.K. intel director discloses offensive cyber campaign against ISIS, lambastes Russia

In his first public speech, the U.K.'s GCHQ Director Jeremy Fleming acknowledged that the agency recently coordinated a major cyber offensive operation against ISIS, significantly crippling the terrorist group's ability to recruit and coordinate attacks online.

Pwn2Own competition flushes out five Apple bugs, four Microsoft flaws

Independent researchers collected $267,000 in bug purchases this week at the annual Pwn2Own contest at CanSecWest in Vancouver, after demonstrating vulnerability exploits in Apple (5 bugs), Microsoft (4), Oracle (2), and Mozilla software (1).

Former CISO: Knowledge of cyber should be requirement to join board of directors

A CISO carries many weighty responsibilities, but teaching cybersecurity to a company's board of directors in order to should not be one of them, according to Edward Amoroso, founder and CEO of cybersecurity advisory firm TAG Cyber LLC.

We're not suggesting you should hack cyberattackers back. But if we were...

The C&C infrastructures that cybercriminals rely on to compromise their victims can be just as vulnerable to exploits as the machines they infected in the first place, making them susceptible to possible retribution attacks.

Researcher: In two decades, adversaries at war could cause mass destruction via IoT attacks

Two decades from now, warring adversaries could conceivably attack each other by sabotaging a population's IoT consumer devices en masse, respected cybersecurity expert Mikko Hypponen predicted at Black Hat on Thursday.

Researchers deliberately get phished, learn that account exploitation often takes more than 24 hours

Researchers at Imperva recently set up fake online accounts and intentionally allowed themselves to be phished by scammers in order to observe how behavior cybercriminals act after they come into possession of a victim's credentials.

Shared Services Canada shielded government from WannaCry's wrath

Canadian federal agencies withstood the May WannaCry ransomware campaign, thanks in no small part to Shared Services Canada, the Canadian government's IT services provider, according to John Glowacki Jr., COO of SSC.

Senior U.S. cybersecurity specialists made average of roughly $118K in Q1, researcher notes

The average salary of U.S. senior cybersecurity specialists in Q1 of 2017 was $118,887, according to research from David Foote, cyber analyst at Foote Partners LLP, in a presentation Monday at RiskSec Toronto 2017.