Network Security | SC Media

Network Security

Fearing backlash, IoT hacker ‘TheHackerGiraffe’ no longer sticking neck out for PewDiePie

By

The hacker who’s taken credit for compromising connected devices such as printers and smart televisions in support of YouTube star PewDiePie has gone dark, apparently due to fears of prosecution as well as death threats. According to multiple reports, the individual known as TheHackerGiraffe deleted his (or her/their) accounts on Twitter, Cloudflare, Patreon and other…

Candid Candiru: Report dredges up details on secretive spyware company

By

A report from Israeli news outlet Haaretz has ever so slightly lifted the veil on what may be Israel’s second largest commercial provider of offensive cyber tools and spyware, a clandestine company called Candiru. The candiru is South American parasitic catfish that, according to legend, invades swimmers’ urethras. Much like the fish after which it…

Adobe tackles two critical bugs in Acrobat and Reader update

By

Adobe Systems today released an unscheduled security update for Acrobat and Reader for both the Windows and MacOS operating systems, fixing two critical vulnerabilities in the process. The San Jose, Calif.-based software company identified the issues as a use-after-free bug that can result in arbitrary code execution (CVE-2018-16011) and a security bypass flaw that can lead…

Cisco patches privilege escalation flaw in Adaptive Securty Appliance software

By

Cisco Systems this week issued an update for its Adaptive Security Appliance (ASA) software, fixing a high-severity vulnerability that could allow authenticated attackers with low-level access to remotely escalate their privileges on Cisco devices with web management access enabled. Designated CVE-2018-15465, the flaw is the result of an improper validation process while using the web management interface.…

IE, Firefox, Chrome and Safari's protection against phishing was tested.

Microsoft issues out-of-band patch for exploited memory corruption bug in Internet Explorer

By

Microsoft Corporation yesterday released an emergency patch for a remote code execution vulnerability in Internet Explorer that attackers have been actively exploiting in the wild. Designated CVE-2018-8653, the zero-day memory corruption bug results from the mishandling of objects in memory by the JScript component of Internet Explorer’s scripting engine, according to an official advisory from Microsoft, as…

2019 Cybersecurity Predictions: Artificial Intelligence

By

WatchGuard Threat Lab research team AI-driven chatbots go rogue In 2019, cyber criminals and black hat hackers will create malicious chatbots on legitimate sites to socially engineer unknowing victims into clicking malicious links, downloading files containing malware, or sharing private information. Candace Worley, Chief Technical Strategist, McAfee There are myriad decisions that must be made…

DoD Inspector General finds multiple flaws in missile defense system cybersecurity

By

The potential scenario of this cybersecurity flaw being exploited is not as severe, as say, the plot from the movie Wargames, but several major holes have been found in defense facilities housing technical information on the nation’s ballistic missile defense systems (BMDS) that could prove disastrous to America’s ability to defend itself against an ICBM attack.…

v2printer.jpg

Hacker forces thousands of printers to churn out PewDiePie support message

By

For the second time in less than three weeks, a hacker has forced thousands of internet-connected printers to spit out messages in support of Swedish video game commentator and YouTube star PewDiePie. The prankster said he (or she) is doing it to raise cybersecurity awareness, according to a BBC report, and claims he could even…

Google updates Chrome for desktop, Android

By

Google yesterday issued a stable channel update for the desktop version of its Chrome browser for Windows, Mac and Linux, addressing a high-level vulnerability in the process. The bug, CVE-2018-17481, is a use after free flaw in PDFium that was originally repaired in an earlier Chrome release. However, yesterday’s update to version 71.0.3578.98 introduces additional…

Australian flag

Australia passes law forcing tech giants to circumvent encryption on target devices

By

Australia’s parliament on Thursday passed groundbreaking legislation that instructs tech developers to help law enforcement investigations by intercepting the encrypted communications of suspects’ devices. Known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, the law contains language requiring companies in some cases to build new capabilities to decrypt protected communications if…

Next post in Home