Month: February 2019

0 Comments
Shares of JD.com, the Chinese e-commerce service that rivals Alibaba, are on the rise today after the online retailer announced better than expected results for Q4 2018, bucking uncertainty around tech companies in China. The company reported net revenue of RMB 134.8 billion ($219.6 billion) for the final quarter of last year. Despite representing the
0 Comments
Coinhive, a notorious in-browser cryptocurrency mining service popular among cybercriminals, has announced that it will discontinue its services on March 8, 2019. Regular readers of The Hacker News already know how Coinhive’s service helped cyber criminals earn hundreds of thousands of dollars by using computers of millions of people visiting hacked websites. For a brief
0 Comments
The advanced persistent threat (APT) group known since 2013 as BRONZE UNION, as well as Emissary Panda, APT 27 and LuckyMouse, is believed to be based in China, according to Secureworks. Published today, the State of the [BRONZE] UNION Snapshot and A Peek into BRONZE UNION’S Toolbox, are based on nearly two years of continuous,in-depth visibility
0 Comments
If you’re not the paying sort, Medium has a mile-wide new hole in its paywall that might interest you. (But really, you should be the paying sort.) On Wednesday, Medium CEO and Twitter co-founder Ev Williams announced that Medium is tearing down its paywall for readers that visit the site through Twitter. In tweets, Williams
0 Comments
by Paul Ducklin The Naked Security podcast investigates a massive medical data blunder, tells you how NOT to do vulnerability disclosure, and finds out whether password managers do more harm than good. With Anna Brading, Paul Ducklin, Mark Stockley and Matt Boddy. This week’s stories: Millions of “private” medical helpline calls exposed on internet Virus
0 Comments
Summary Secureworks® Counter Threat Unit™ (CTU) researchers have tracked the activities of the BRONZE UNION threat group (also known as Emissary Panda, APT 27, and LuckyMouse) since 2013. CTU™ analysis suggests that BRONZE UNION is located in the People’s Republic of China. The threat group has historically leveraged a variety of publicly available and self-developed
0 Comments
The BRONZE UNION threat group focuses on espionage and targets a broad range of organizations and groups using a variety of tools and methods. Wednesday, February 27, 2019 By: Counter Threat Unit Research Team This blog and the accompanying threat analysis, entitled A Peek Into BRONZE UNION’S Toolbox, are based on nearly two years of
0 Comments
Worse, attackers have already been spotted targeting the flaw to deliver cryptocurrency miners and other payloads Days after the team behind Drupal urged website admins to apply an update patching a highly critical vulnerability in the content management system (CMS) platform, threat actors were spotted exploiting the loophole in the wild. The remote code execution
0 Comments
Threat actors can use firmware attacks on bare-metal cloud servers to easily gain persistent access to the hardware, according to new research from hardware security startup Eclypsium. The research showed how vulnerabilities in baseboard management controllers (BMCs) and weaknesses in the reclamation process of bare-metal cloud servers can allow attackers to add other malicious implants
0 Comments
A graduate of The College of Saint Rose in Albany, New York, has been charged with damaging college computers, according to the Department of Justice’s (DoJ’s) US Attorney’s Office of the Northern District of New York. The 26-year-old Albany resident is reportedly a citizen of India who has been in the United States on a student visa.
0 Comments
Lightstream, a Chicago-based company which develops tools to augment livestreams, has raised $8 million in new funding as it looks to add monitoring, management, and monetization services to its suite of editing technologies. Last year, the company inked a partnership with Microsoft‘s live-streaming Twitch competitor, Mixer, to let streamers on the platform add professional flourishes
0 Comments
Tinder, the dating app company which, as of late, has been more fully embracing its status as the preferred hook-up app of choice for the younger generation, is today launching a new feature designed for its college-aged Tinder U users: Spring Break mode. The feature will allow students to swipe through potential matches before heading
0 Comments
Cybercriminals have actively started exploiting an already patched security vulnerability in the wild to install cryptocurrency miners on vulnerable Drupal websites that have not yet applied patches and are still vulnerable. Last week, developers of the popular open-source content management system Drupal patched a critical remote code execution (RCE) vulnerability (CVE-2019-6340) in Drupal Core that
0 Comments
Young women in West Virginia will join more than 6,000 high school girls for the second year of Girls Go CyberStart, an interactive series of digital challenges that teachers girls about cybersecurity.  First introduced in 2018, the program launched with 231 participants from 27 high schools across West Virginia. This year, according to West Virginia’s governor, Jim Justice,
0 Comments
Whether protected through copyright, trade secret, trademark, or patents, software technology companies depend on IP more so than perhaps any other business type in history. It is surprising, then, just how little founders think about protecting their own IP. Sure, “product-market fit” is an all-engrossing search for truth that tolerates no distraction, but that is
0 Comments
OnePlus promised us a 5G handset this year. At Mobile World Congress this week, the company kind of, sort of delivered. Unlike the sea of other 5G devices unveiled at the show, however, the company’s offering is still very much in the prototype phase — like, behind protective glass with all of the interesting bits
0 Comments
At NDSS Symposium 2019, a group of university researchers yesterday revealed newly discovered cellular network vulnerabilities that impact both 4G and 5G LTE protocols. According to a paper published by the researchers, “Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information,” the new attacks could allow remote attackers to bypass
0 Comments
Two US House committees will hold hearings next week, each focusing on data privacy as public pressure continues to mount for regulations that address protecting American consumers. On Tuesday, February 26, the House Consumer Protection and Commerce subcommittee will hold its hearing, “Protecting Consumer Privacy in the Era of Big Data.” The following day the
0 Comments
Traditionally, the Google Assistant always lived under the home button on Android phones, but as the company announced at MWC today, LG, Nokia, Xiaomi, TCL and Vivo are about to launch phones with dedicated assistant buttons, similar to what Samsung has long done with its Bixby assistant. The new phones with the button that are