admin

0 Comments
Check Point researchers discovered WhatsApp vulnerabilities that can enable threat actors to get around the app’s end-to-end encryption and intercept, and even manipulate, messages. How do these attacks work? At the top of every WhatsApp chat, there is a message that either says, “Messages to this chat and calls are now secured with end-to-end encryption,”
0 Comments
Over two-fifths of organizations have fallen victim to a so-called Business Process Compromise (BPC) attack, despite widespread ignorance from senior execs about the threat, according to Trend Micro. The security giant polled over 1100 IT decision makers responsible for security across the UK, US, Germany, Spain, Italy, Sweden, Finland, France, Netherlands, Poland, Belgium and the
0 Comments
by Paul Ducklin On the Naked Security podcast this week: Marriott’s huge and scary data breach, a bug in software management software could be a data thief’s goldmine, and a self-righteous “hacker” prints out an advert on 50,000 internet printers. With Anna Brading, Mark Stockley, Matthew Boddy and Paul Ducklin. LISTEN NOW (Audio player above
0 Comments
It’s a busy week for Epic Games . Fresh from pushing out a major season 7 update for Fortnite, so the gaming giant has taken the wraps off its own games store. First announced earlier this week, the Epic Games Store is targeted squarely at Steam — the giant in the digital game commerce space
0 Comments
Rockstar Games’ Red Dead Redemption 2 has struck a popular chord with many online gamers. Unfortunately, the Western-themed action-adventure game has also become a popular vessel for malicious activity among cybercriminals as well. Scammers are tricking gamers into giving up their personal information with phony “free” downloads of the online game, while simultaneously making a
0 Comments
ESET research shows that DanaBot operators have been expanding the malware’s scope and possibly cooperating with another criminal group DanaBot appears to have outgrown the banking Trojan category. According to our research, its operators have recently been experimenting with cunning email-address-harvesting and spam-sending features, capable of misusing webmail accounts of existing victims for further malware
0 Comments
Looking for an automated malware analysis software? Something like a 1-click solution that doesn’t require any installation or configuration…a platform that can scale up your research time… technology that can provide data-driven explanations… well, your search is over! Israeli cybersecurity and malware researchers today at Black Hat conference launch a revolutionary machine learning and artificial
0 Comments
It’s been a rocky year for MoviePass, something that CEO Mitch Lowe acknowledged in an interview this week with Variety. “We have a lot to prove to all our constituents,” Lowe said. “We don’t just have to prove ourselves to our members, we also have to prove ourselves to the investment community, our employees, and
0 Comments
Stratecast/Frost & Sullivan Information security, network security, cybersecurity: The industry is flooded with terms to describe how enterprises secure their network data. While the experience of wading through a mishmash of terminology to describe a specific operation or function is not limited to the networking industry, the use of various terms complicates the process of
0 Comments
Speaking at Black Hat Europe in London, Nahman Khayet, security researcher and Shlomi Boutnaru, CTO at Rezilion, explored the current cybersecurity skills shortage and its link to the education system. Khayet explained that there are three main characteristics of security experts, which are ‘thinking outside the box,’ ‘adversarial thinking’ and ‘technical knowledge.’ He also cited
0 Comments
M17, the Taiwanese streaming company that controversially priced on the NYSE but didn’t list, has returned to the private markets after it raised a $25 million funding round. The round was led by Terry Tsang — CEO of Hong Kong-based games company Madhead — with participation from Pavilion Capital, Stonebridge Ventures and existing investors. This new investment follows a $35
0 Comments
For the past 18 months, McAfee Labs has been investigating a pay-per-install developer, WakeNet AB, responsible for spreading prevalent adware such as Adware-Wajam and Linkury. This developer has been active for almost 20 years and recently has used increasingly deceptive techniques to convince users to execute its installers. Our report is now available online. During
0 Comments
ESET researchers discovered a set of previously undocumented Linux malware families based on OpenSSH. In the white paper, “The Dark Side of the ForSSHe”, they release analysis of 21 malware families to improve the prevention, detection and remediation of such threats SSH, short for Secure SHell, is a network protocol to connect computers and devices
0 Comments
Developers around the world depend on open source components to build their software products. According to industry estimates, open source components account for 60-80% of the code base in modern applications. Collaboration on open source projects throughout the community produces stronger code, squashing the bugs and catching the vulnerabilities that impact the security of organizations
0 Comments
A welcome return to the hacker conferences of yesteryear There used to just be hacker conferences, but now the societal impact of increasingly connected systems seems much higher, so specialty conferences are popping up. Seeking to bring policy-makers and influencers together, where could be a more appropriate location for CyberwarCon than Washington D.C.? Notably, it’s
0 Comments
Samsung’s Malaysian arm has some explaining to do. The company, in an effort to show off the Galaxy A8 Star’s amazing photo retouching abilities, used a cleverly-shot portrait, modified it, and then ostensibly passed it off as one taken by the A8. The trouble began when Serbian photographer Dunja Djudjic noticed someone had bought one
0 Comments
Application security testing can present many questions, and one of the most common is which systems should be tested for vulnerabilities. Should testing be performed on systems in the development environment, the staging environment, the production system or some combination of those? Because clients are often pressured into testing applications used in production, there can
0 Comments
Security researchers have discovered cybersecurity scammers in Russia are generating hundreds of thousands of dollars in profits by falsely claiming to be able to unlock encrypted files. Check Point explained that one ‘IT consultancy’ named Dr Shifro is promising customers it can help them recover from ransomware like Dharma/Crisis, for which there is no known
0 Comments
​Mixcloud​, the audio streaming platform that is popular for long-form content, such as radio shows and DJ sets, has launched a “fan-to-creator” subscription service in a bid to find new ways of monetizing and ensuring both artists and curators get paid. Dubbed “​Mixcloud Select,” the new feature lets listeners subscribe to a Select creator’s channel
0 Comments
Fitness-tracking apps use dodgy in-app payments to steal money from unaware iPhone and iPad users Multiple apps posing as fitness-tracking tools were caught misusing Apple’s Touch ID feature to steal money from iOS users. The dodgy payment mechanism used by the apps is activated while victims are scanning their fingerprint seemingly for fitness-tracking purposes. There
0 Comments
It seems as though not a day goes by without news spreading over another major cyber attack. Hackers are becoming increasingly efficient at targeting everything from small startups to Fortune 500 companies and even entire government agencies, and as the world moves further away from traditional types of warfare and more toward engaging in all-out