Tag: attack

August 16, 2019

A newly disclosed vulnerability (CVE-2019-9506) in the Bluetooth Core Specification can be exploited by attackers to intercept and manipulate Bluetooth communications/traffic between two vulnerable devices. Researchers Daniele Antonioli, Nils Ole Tippenhauer and Kasper Rasmussen discovered the flaw and demonstrated a […]

August 14, 2019

The number of DDoS attacks might be getting higher, but they are not all massive nor do they always trigger DDoS defenses. In fact, small-scale DDoS attacks are becoming more frequent and sophisticated, according to new research from Neustar’s SOC. […]

July 16, 2019

Russia-linked threat group Turla has released new variants of the KopiLuwak Trojan in attacks detected since the beginning of this year, Kaspersky’s security researchers reveal. Also known as Venomous Bear, Waterbug, and Uroboros, the threat actor was discovered in 2014, […]

July 10, 2019

US coastal and maritime defense is at risk, warns the Coast Guard. An alert released on Monday cautions that hackers have actively been targeting the networks of commercial vessels with phishing attacks. This is not a one-time hit. In 2018, […]

June 14, 2019

It didn’t take long for attackers to start exploiting the recently revealed Exim vulnerability (CVE-2019-10149). Amit Serper, Cybereason’s head of security research, warned on Thursday about attackers exploiting the flaw to gain permanent root access via SSH to target Linux […]

June 13, 2019

Telegram was used by protesters in Hong Kong to evade surveillance and coordinate their demonstrations against China that would allow extraditions from the country to the mainland. The country is facing the worst political crisis ùsince its 1997 handover from […]

June 12, 2019

A sophisticated cyberattack is targeting Gmail users through fraudulent, unsolicited Google Calendar notifications. The campaign takes advantage of a common default feature for people using Gmail on their smartphone: Calendar invites automatically pop up on phones, prompting users to accept […]

June 10, 2019

A sophisticated attack, called Malboard, in which a compromised USB keyboard automatically generates and sends malicious keystrokes that mimic the attacked user’s behavioral characteristics, was developed by Ben-Gurion University of the Negev (BGU) cybersecurity researchers. Using artificial intelligence Keystrokes generated […]

May 3, 2019

The state of cloud security is improving — or, at the very least, it isn’t backsliding. But as cloud technology grows more prevalent and more complicated, security teams are going to need to keep innovating with improved controls and integrations. […]

April 23, 2019

2018 had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017, according to the RiskSense latest report. In addition, the rate of exploits discovered in the wild before a patch was available was nearly three […]

April 18, 2019

A team of researchers has demonstrated an interesting type of denial-of-service (DoS) attack on programmable logic controllers (PLCs), where network flooding can lead to the disruption of the physical process controlled by the device. A paper titled “You Snooze, You […]

April 15, 2019

When you think of a distributed denial-of-service (DDoS) attack at this point in the age of the internet, you might be thinking they’re old news. But when a multi-million-dollar business can be easily taken offline by an unskilled adversary and […]

March 19, 2019

Europol announced the adoption of a new protocol for law enforcement bodies in the EU and abroad to respond to major cyber cross-border cyberattacks. The protocol dubbed EU Law Enforcement Emergency Response Protocol aims at handling major attacks such as […]

March 5, 2019

The decade-old Qbot financial malware has resurfaced with an improved version in a new attack against businesses that has infected thousands of systems so far. Researchers from data security solutions provider Varonis have uncovered the attack after a customer alerted […]

February 27, 2019

The greatest threats to the enterprise are often those that use social engineering to extract information or data from employees. For threat actors, this tactic rarely requires any technical know-how, so the barrier to entry is low. To make matters […]

February 19, 2019

A group of researchers with CSIRO’s Data61, the digital innovation arm of Australia’s national science agency, have been working on a system for run-time detection of trojan attacks on deep neural network models. Although it has yet to be tested […]

January 22, 2019

The Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). This new vector exploits the large attack surface of ASN-level (autonomous system number) CSPs by spreading tiny attack […]

January 21, 2019

One malicious tactic that has become quite prevalent in recent years is known as a ‘man in the cloud’ (MitC) attack. This attack aims to access victims’ accounts without the need to obtain compromised user credentials beforehand. Below, this article […]

January 9, 2019

Bad actors are imitating high-level executives in the shipping industry to launch BEC attacks that could lead to credential theft or worse – system compromise. Scammers are honing in on the shipping industry, using “whaling,” a.k.a. business email compromise (BEC) […]

January 3, 2019

Ryuk ransomware is believed to be the culprit behind printing and delivery issues for “all Tribune Publishing newspapers” — as well as newspapers that used to be part of Tribune Publishing. The malware was discovered and later quarantined on Friday, […]