Threats & Malware, Vulnerabilities
August 16, 2019
Via: Help Net SecurityA newly disclosed vulnerability (CVE-2019-9506) in the Bluetooth Core Specification can be exploited by attackers to intercept and manipulate Bluetooth communications/traffic between two vulnerable devices. Researchers Daniele Antonioli, Nils Ole Tippenhauer and Kasper Rasmussen discovered the flaw and demonstrated a […]
August 14, 2019
Via: Help Net SecurityThe number of DDoS attacks might be getting higher, but they are not all massive nor do they always trigger DDoS defenses. In fact, small-scale DDoS attacks are becoming more frequent and sophisticated, according to new research from Neustar’s SOC. […]
July 16, 2019
Via: Security WeekRussia-linked threat group Turla has released new variants of the KopiLuwak Trojan in attacks detected since the beginning of this year, Kaspersky’s security researchers reveal. Also known as Venomous Bear, Waterbug, and Uroboros, the threat actor was discovered in 2014, […]
July 10, 2019
Via: Hot for SecurityUS coastal and maritime defense is at risk, warns the Coast Guard. An alert released on Monday cautions that hackers have actively been targeting the networks of commercial vessels with phishing attacks. This is not a one-time hit. In 2018, […]
Threats & Malware, Vulnerabilities
June 14, 2019
Via: Help Net SecurityIt didn’t take long for attackers to start exploiting the recently revealed Exim vulnerability (CVE-2019-10149). Amit Serper, Cybereason’s head of security research, warned on Thursday about attackers exploiting the flaw to gain permanent root access via SSH to target Linux […]
Access control, Hacker, Network security, Security, Threats & Malware
June 13, 2019
Via: Security AffairsTelegram was used by protesters in Hong Kong to evade surveillance and coordinate their demonstrations against China that would allow extraditions from the country to the mainland. The country is facing the worst political crisis ùsince its 1997 handover from […]
June 12, 2019
Via: Threat PostA sophisticated cyberattack is targeting Gmail users through fraudulent, unsolicited Google Calendar notifications. The campaign takes advantage of a common default feature for people using Gmail on their smartphone: Calendar invites automatically pop up on phones, prompting users to accept […]
June 10, 2019
Via: Help Net SecurityA sophisticated attack, called Malboard, in which a compromised USB keyboard automatically generates and sends malicious keystrokes that mimic the attacked user’s behavioral characteristics, was developed by Ben-Gurion University of the Negev (BGU) cybersecurity researchers. Using artificial intelligence Keystrokes generated […]
May 3, 2019
Via: Dark ReadingThe state of cloud security is improving — or, at the very least, it isn’t backsliding. But as cloud technology grows more prevalent and more complicated, security teams are going to need to keep innovating with improved controls and integrations. […]
April 23, 2019
Via: Help Net Security2018 had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017, according to the RiskSense latest report. In addition, the rate of exploits discovered in the wild before a patch was available was nearly three […]
April 18, 2019
Via: Security WeekA team of researchers has demonstrated an interesting type of denial-of-service (DoS) attack on programmable logic controllers (PLCs), where network flooding can lead to the disruption of the physical process controlled by the device. A paper titled “You Snooze, You […]
April 15, 2019
Via: Threat PostWhen you think of a distributed denial-of-service (DDoS) attack at this point in the age of the internet, you might be thinking they’re old news. But when a multi-million-dollar business can be easily taken offline by an unskilled adversary and […]
March 19, 2019
Via: Security AffairsEuropol announced the adoption of a new protocol for law enforcement bodies in the EU and abroad to respond to major cyber cross-border cyberattacks. The protocol dubbed EU Law Enforcement Emergency Response Protocol aims at handling major attacks such as […]
Threats & Malware, Virus & Malware
March 5, 2019
Via: CSO OnlineThe decade-old Qbot financial malware has resurfaced with an improved version in a new attack against businesses that has infected thousands of systems so far. Researchers from data security solutions provider Varonis have uncovered the attack after a customer alerted […]
February 27, 2019
Via: Security IntelligenceThe greatest threats to the enterprise are often those that use social engineering to extract information or data from employees. For threat actors, this tactic rarely requires any technical know-how, so the barrier to entry is low. To make matters […]
Malware, Threats & Malware, Virus & Malware
February 19, 2019
Via: Help Net SecurityA group of researchers with CSIRO’s Data61, the digital innovation arm of Australia’s national science agency, have been working on a system for run-time detection of trojan attacks on deep neural network models. Although it has yet to be tested […]
January 22, 2019
Via: Help Net SecurityThe Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). This new vector exploits the large attack surface of ASN-level (autonomous system number) CSPs by spreading tiny attack […]
January 21, 2019
Via: Help Net SecurityOne malicious tactic that has become quite prevalent in recent years is known as a ‘man in the cloud’ (MitC) attack. This attack aims to access victims’ accounts without the need to obtain compromised user credentials beforehand. Below, this article […]
January 9, 2019
Via: Threat PostBad actors are imitating high-level executives in the shipping industry to launch BEC attacks that could lead to credential theft or worse – system compromise. Scammers are honing in on the shipping industry, using “whaling,” a.k.a. business email compromise (BEC) […]
January 3, 2019
Via: CSO OnlineRyuk ransomware is believed to be the culprit behind printing and delivery issues for “all Tribune Publishing newspapers” — as well as newspapers that used to be part of Tribune Publishing. The malware was discovered and later quarantined on Friday, […]