News

0 Comments
Mitre has entered the security product testing and evaluation fray, and the organization is using its Mitre ATT&CK framework to judge vendors. Seven vendors of endpoint detection and response (EDR) products submitted their endpoint security products to Mitre for evaluation testing. The objective of the evaluation was to demonstrate how the endpoint detection and response
0 Comments
The world’s biggest hotel chain Marriott International today disclosed that unknown hackers compromised guest reservation database its subsidiary Starwood hotels and walked away with personal details of about 500 million guests. Starwood Hotels and Resorts Worldwide was acquired by Marriott International for $13 billion in 2016. The brand includes St. Regis, Sheraton Hotels & Resorts,
0 Comments
Multinational computer technology company Dell disclosed Wednesday that its online electronics marketplace experienced a “cybersecurity incident” earlier this month when an unknown group of hackers infiltrated its internal network. On November 9, Dell detected and disrupted unauthorized activity on its network attempting to steal customer information, including their names, email addresses and hashed passwords. According
0 Comments
The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware. The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have been charged on several counts of computer hacking and fraud charges, the indictment unsealed today at New Jersey court revealed.
0 Comments
In the recent “Cybercrime tactics and techniques: Q3 2018” report by Malwarebytes, banking Trojans were found to be the number one most detected malware for both businesses and consumers. Why have banking Trojans surged this year and how have they evolved over the past quarter? We asked Adam Kujawa, director of malware intelligence at Malwarebytes,
0 Comments
Positive Technologies researchers found two serious vulnerabilities that affect ATMs made by NCR. Researchers were able to launch black box attacks that forced the machines to dispense cash without authorization. What are these ATM vulnerabilities, and how does a black box attack work? Researchers from Positive Technologies — Vladimir Kononovich and Alexey Stennikov — found
0 Comments
Researchers at Qihoo 360 Netlab discovered hackers using vulnerable MikroTik routers to hijack TaZmen Sniffer Protocol traffic and send it to domains under their control. What is TZSP traffic and how are attackers gaining control of routers with this MikroTik router hack? The TaZmen Sniffer Protocol (TZSP) is an open protocol designed to encapsulate other
0 Comments
Building on work that had sought to create fake partial fingerprints for fooling biometric scanners, researchers have used machine learning and artificial intelligence to construct full images of fake fingerprints. Philip Bontrager, Aditi Roy, Julian Togelius and Nasir Memon, researchers at New York University Tandon, and Arun Ross, researcher at Michigan State University, developed DeepMasterPrints,
0 Comments
Building on work that had sought to create fake partial fingerprints for fooling biometric scanners, researchers have used machine learning and artificial intelligence to construct full images of fake fingerprints. Philip Bontrager, Aditi Roy, Julian Togelius and Nasir Memon, researchers at New York University Tandon, and Arun Ross, researcher at Michigan State University, developed DeepMasterPrints,
0 Comments
The real identity of Tessa88—the notorious hacker tied to several high-profile cyber attacks including the LinkedIn, DropBox and MySpace mega breaches—has been revealed as Maksim Vladimirovich Donakov (Максим Владимирович Донаков), a resident of Penza, Russian Federation. In early 2016, a hacker with pseudonym Tessa88 emerged online offering stolen databases from some of the biggest social
0 Comments
This is why you should always think twice before opening innocent looking email attachments, especially word and pdf files. Cybersecurity researchers at Cisco Talos have once again discovered multiple critical security vulnerabilities in the Atlantis Word Processor that allow remote attackers to execute arbitrary code and take over affected computers. An alternative to Microsoft Word,
0 Comments
Mozilla’s security-focused Firefox Monitor tool is expanding to be more proactive at notifying users about past data breaches, but one expert worries about the consequences. Mozilla began testing the initial integration between Firefox Monitor and Have I Been Pwned (HIBP) — a website that enables users to find out if their email addresses were in
0 Comments
Even in the best-case scenario, with effective network security infrastructure in place and an expert staff at the ready, network security can be a thorny task. Then, consider most organizations contend with serious resource limitations, and the picture becomes darker. As network security threats continue to evolve, here are some of the top network security
0 Comments
At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully patched smartphones running the latest version of software from popular smartphone manufacturers can be hacked. Three major flagship smartphones—iPhone X, Samsung Galaxy S9, and Xiaomi Mi6—were among the devices that successfully got hacked
0 Comments
Traditional network security vulnerabilities are bad enough without adding SDN security issues to the mix. But, as organizations deploy SDN, they risk exposing their networks to new types of threats and attacks, especially if they don’t have proper plans in place. A prevalent concern with SDN security focuses on the SDN controller. The controller contains
0 Comments
Has Wikileaks founder Julian Assange officially been charged with any unspecified criminal offense in the United States? — YES United States prosecutors have accidentally revealed the existence of criminal charges against Wikileaks founder Julian Assange in a recently unsealed court filing in an unrelated ongoing sex crime case in the Eastern District of Virginia. Assistant
0 Comments
Okta Inc. researchers discovered a bypass that allows threat actors to create malware that can pose as legitimate software files signed by Apple. What is this bypass and who does it affect? Because regular users sometimes find it difficult to know what is and isn’t safe on the internet or when installing software, software developers