Check Point researchers discovered WhatsApp vulnerabilities that can enable threat actors to get around the app’s end-to-end encryption and intercept, and even manipulate, messages. How do these attacks work? At the top of every WhatsApp chat, there is a message that either says, “Messages to this chat and calls are now secured with end-to-end encryption,”
admin
Over two-fifths of organizations have fallen victim to a so-called Business Process Compromise (BPC) attack, despite widespread ignorance from senior execs about the threat, according to Trend Micro. The security giant polled over 1100 IT decision makers responsible for security across the UK, US, Germany, Spain, Italy, Sweden, Finland, France, Netherlands, Poland, Belgium and the
by Paul Ducklin On the Naked Security podcast this week: Marriott’s huge and scary data breach, a bug in software management software could be a data thief’s goldmine, and a self-righteous “hacker” prints out an advert on 50,000 internet printers. With Anna Brading, Mark Stockley, Matthew Boddy and Paul Ducklin. LISTEN NOW (Audio player above
It’s a busy week for Epic Games . Fresh from pushing out a major season 7 update for Fortnite, so the gaming giant has taken the wraps off its own games store. First announced earlier this week, the Epic Games Store is targeted squarely at Steam — the giant in the digital game commerce space
Rockstar Games’ Red Dead Redemption 2 has struck a popular chord with many online gamers. Unfortunately, the Western-themed action-adventure game has also become a popular vessel for malicious activity among cybercriminals as well. Scammers are tricking gamers into giving up their personal information with phony “free” downloads of the online game, while simultaneously making a
ESET research shows that DanaBot operators have been expanding the malware’s scope and possibly cooperating with another criminal group DanaBot appears to have outgrown the banking Trojan category. According to our research, its operators have recently been experimenting with cunning email-address-harvesting and spam-sending features, capable of misusing webmail accounts of existing victims for further malware
Looking for an automated malware analysis software? Something like a 1-click solution that doesn’t require any installation or configuration…a platform that can scale up your research time… technology that can provide data-driven explanations… well, your search is over! Israeli cybersecurity and malware researchers today at Black Hat conference launch a revolutionary machine learning and artificial
It’s been a rocky year for MoviePass, something that CEO Mitch Lowe acknowledged in an interview this week with Variety. “We have a lot to prove to all our constituents,” Lowe said. “We don’t just have to prove ourselves to our members, we also have to prove ourselves to the investment community, our employees, and
Stratecast/Frost & Sullivan Information security, network security, cybersecurity: The industry is flooded with terms to describe how enterprises secure their network data. While the experience of wading through a mishmash of terminology to describe a specific operation or function is not limited to the networking industry, the use of various terms complicates the process of
Speaking at Black Hat Europe in London, Nahman Khayet, security researcher and Shlomi Boutnaru, CTO at Rezilion, explored the current cybersecurity skills shortage and its link to the education system. Khayet explained that there are three main characteristics of security experts, which are ‘thinking outside the box,’ ‘adversarial thinking’ and ‘technical knowledge.’ He also cited
by Danny Bradbury Kubernetes, a tool that powers much modern native cloud infrastructure, just got its first big security bug – and it’s a mammoth one. The flaw could give an attacker unfettered access to the software applications that rely on the tool to operate. Kubernetes is a software tool that manages large numbers of
M17, the Taiwanese streaming company that controversially priced on the NYSE but didn’t list, has returned to the private markets after it raised a $25 million funding round. The round was led by Terry Tsang — CEO of Hong Kong-based games company Madhead — with participation from Pavilion Capital, Stonebridge Ventures and existing investors. This new investment follows a $35
For the past 18 months, McAfee Labs has been investigating a pay-per-install developer, WakeNet AB, responsible for spreading prevalent adware such as Adware-Wajam and Linkury. This developer has been active for almost 20 years and recently has used increasingly deceptive techniques to convince users to execute its installers. Our report is now available online. During
ESET researchers discovered a set of previously undocumented Linux malware families based on OpenSSH. In the white paper, “The Dark Side of the ForSSHe”, they release analysis of 21 malware families to improve the prevention, detection and remediation of such threats SSH, short for Secure SHell, is a network protocol to connect computers and devices
Developers around the world depend on open source components to build their software products. According to industry estimates, open source components account for 60-80% of the code base in modern applications. Collaboration on open source projects throughout the community produces stronger code, squashing the bugs and catching the vulnerabilities that impact the security of organizations
Video won’t start rolling on Meg Whitman and Jeffrey Katzenberg’s new bite-sized streaming service with the billion dollar backing until the end of 2019, but talent keeps signing up to come along for their ride into the future of serialization. The latest marquee director to sign on the dotted line with Quibi is Catherine Hardwicke,
Delivering the opening keynote at the Black Hat Europe conference in London, Marina Kaljurand, chair of the Global Commission on the Stability of Cyberspace, spoke of the 2007 attacks by Russia on her home nation of Estonia, and how it was “primitive by today’s standards” but enabled the country to build better defenses and its
by John E Dunn Are the underpinnings of HTTPS security as foolproof as everyone assumes they are? The answer should be a resounding ‘yes’ unless, that is, you happen to be one of a small group of researchers who spend their time formulating what have come to be known as Bleichenbacher or Vaudenay padding oracle
India finally has its answer to Spotify after Reliance Jio merged its music service with Saavn, the startup it acquired earlier this year. The deal itself isn’t new — it was announced back in March — but it has reached its logical conclusion after two apps were merged to create a single entity, JioSaavn, which is
We all share photos online: photos of our kids, photos of our trips, and photos of our meals. We think we are sharing memorable experiences with our friends and family, but are we sharing more with the public than we intend? What if hidden metadata could reveal dangerous details? In episode 20 of “Hackable?”, a
A welcome return to the hacker conferences of yesteryear There used to just be hacker conferences, but now the societal impact of increasingly connected systems seems much higher, so specialty conferences are popping up. Seeking to bring policy-makers and influencers together, where could be a more appropriate location for CyberwarCon than Washington D.C.? Notably, it’s
A new piece of ransomware is spreading rapidly across China that has already infected more than 100,000 computers in the last four days as a result of a supply-chain attack, and the number is continuously increasing every hour. What’s Interesting? Unlike almost every ransomware malware, the new virus doesn’t demand ransom payments in Bitcoin. Instead,
Samsung’s Malaysian arm has some explaining to do. The company, in an effort to show off the Galaxy A8 Star’s amazing photo retouching abilities, used a cleverly-shot portrait, modified it, and then ostensibly passed it off as one taken by the A8. The trouble began when Serbian photographer Dunja Djudjic noticed someone had bought one
Application security testing can present many questions, and one of the most common is which systems should be tested for vulnerabilities. Should testing be performed on systems in the development environment, the staging environment, the production system or some combination of those? Because clients are often pressured into testing applications used in production, there can
Security researchers have discovered cybersecurity scammers in Russia are generating hundreds of thousands of dollars in profits by falsely claiming to be able to unlock encrypted files. Check Point explained that one ‘IT consultancy’ named Dr Shifro is promising customers it can help them recover from ransomware like Dharma/Crisis, for which there is no known
by Lisa Vaas A battle for who owns the YouTube crown for top channel has been waged over the past few months between fans of Swedish video game commentary celebrity Felix “PewDiePie” Kjellberg and of the Bollywood label T-Series. This is getting serious: It’s one thing when a fan launches a PewDiePie “Bro Army,” structured
Mixcloud, the audio streaming platform that is popular for long-form content, such as radio shows and DJ sets, has launched a “fan-to-creator” subscription service in a bid to find new ways of monetizing and ensuring both artists and curators get paid. Dubbed “Mixcloud Select,” the new feature lets listeners subscribe to a Select creator’s channel
Pay-per-install, or PPI for short, is a type of software program that presents users with third-party offers while they are in the middle of another download. If a user clicks on the third-party advertisement, the software developer earns money from the download. One specific PPI program has caught the attention of our McAfee ATR team,
Fitness-tracking apps use dodgy in-app payments to steal money from unaware iPhone and iPad users Multiple apps posing as fitness-tracking tools were caught misusing Apple’s Touch ID feature to steal money from iOS users. The dodgy payment mechanism used by the apps is activated while victims are scanning their fingerprint seemingly for fitness-tracking purposes. There
It seems as though not a day goes by without news spreading over another major cyber attack. Hackers are becoming increasingly efficient at targeting everything from small startups to Fortune 500 companies and even entire government agencies, and as the world moves further away from traditional types of warfare and more toward engaging in all-out
- « Previous Page
- 1
- …
- 37
- 38
- 39
- 40
- 41
- …
- 77
- Next Page »