Monthly Archives: November 2017
Kazakhstan-born Canadian citizen pleads guilty to 2014 Yahoo hack, he admits helping Russian Intelligence
The Kazakhstan-born Canadian citizen Karim Baratov (22) has pleaded guilty to massive 2014 Yahoo hack that affected three billion accounts. The Kazakhstan-born Canadian citizen Karim Baratov (22) (Kay, a.k.a Karim Taloverov, a.k.a Karim Akehmet Tokbergenov), has […]
U.S. Indicts Chinese hackers for cyber espionage on Siemens and Moody’s
US authorities have filed official charges against three Chinese hackers part of the elite cyber-espionage unit APT3. US authorities charged three China-based hackers for stealing sensitive information from US based companies, including Siemens […]
A new Mirai variant is rapidly spreading, around 100,000 IPs running the scans in the past 60 hours
A new Mirai variant is rapidly spreading, experts observed around 100K IPs running the scans in the past 60 hours searching for flawed ZyXEL PK5001Z routers. According to Li Fengpei, […]
Imgur was hacked in 2014, 1.7 million user accounts were compromised
Imgur, the popular image sharing service, confirms email addresses and passwords were stolen in a security breach occurred in 2014. Are you an Imgur user? News of the day it that […]
Most PCs Running Windows and Intel Management Engine Easily Remotely Exploited
Almost every PC vendor announced the imminent release of fixes for the flaws in Intel Management Engine, but many of them will not be available until 2018. Intel has started to […]
Uber Breach of 57M Records Undisclosed For More Than One Year
Uber is silent for more than a year on a breach of data that has exposed 57 million records, and pays in secret a ransom. What’s worse than a data […]
A bug in the Android MediaProjection service lets hackers to record audio and screen activity on 77% of all devices
A flaw in the Android MediaProjection service could be exploited by an attacker to record audio and screen activity on around 77.5% of all Android devices. A vulnerability affecting Android smartphones running […]
De-authentication attack on Amazon Key could let crooks to disable your camera
Researchers with Rhino Security Labs demonstrated how to disable the camera on Amazon Key, which could let a rogue courier to access the customers’ home. Earlier this month, Amazon announced […]
US retailer Forever 21 Warns customers of payment card breach at some locations
The US clothes retailer FOREVER 21 announced it has suffered a security breach, hackers stole payment card data at some locations. Another data breach made the headlines, this time the […]
Bug bounty programs and a vulnerability disclosure policy Hackers allowed Pentagon fix thousands of flaws
Bug bounty programs allowed the US agency to receive 2,837 valid bug reports from 650 white hat hackers located in 50 countries around the world. Bug bounty program ‘Hack the Pentagon’ launched […]
DHS – Tests demonstrate Boeing 757 airplanes vulnerable to hacking
Researchers and private industry experts, along with DHS officials, remotely hacked a Boeing 757 airplane that was parked at the airport in Atlantic City. A group of researchers and private […]
A regular GitHub user accidentally triggered a flaw Ethereum Parity Wallet that locked up $280 million in Ether
A GitHub user accidentally triggered a flaw in the Parity Wallet library contract of the standard multi-sig contract that locked up $280 million in Ether. Ethereum made again the headlines, someone has […]
Vietnamese APT32 group is one of the most advanced APTs in the threat landscape
According to the incident response firm Volexity, Vietnamese APT32 group is today one of the most advanced APTs in the threat landscape According to the incident response firm Volexity, the cyber espionage […]
Training to Tackle Insider Threats
Training to Tackle Insider Threats By Pete Burke, technical consultant at Force 3 Much like the age-old horror movie trope, when it comes to cybersecurity, the calls are coming from […]
Malware signed with stolen Digital code-signing certificates continues to bypass security software
A group of researchers demonstrated that malware signed with stolen Digital code-signing certificates continues to bypass security software. A recent study conducted by the Cyber Security Research Institute (CSRI) revealed […]
Measuring Success in Cyber Security
Is no news good news when it comes to cyber security in your business? What are the hallmarks of excellence in this field? Phil Cracknell, Chief Information Security Officer (CISO) […]
InfoSec Awards 2018 Submission
Cyber Defense Magazine 2018 InfoSec Awards are now open for entry. Early Bird Registration ends December 15th, 2017 Deadline for Submission for our Judges is: January 31, 2018 Finalists announced February […]
Hacker threatens Canadian University to dump student info unless the university pay a ransom
A hacker is attempting to extort the Canadian University of Fraser Valley (UFV), threatening to dump student information unless the university pays a ransom. Extortion is a winning criminal model […]
Halting Hackers for the Holidays
October was National Cyber Security Awareness month and during that time with nearly 2 billion records stolen in the first half of 2017 in the US alone and the Global […]
iPhone Apps you granted camera access can secretly take photos and record video
A serious privacy issue in iPhone that could be exploited by iOS app developers to silently take your photos and record your live video by enabling cameras. Do you use an […]
Vulnerabilities in Google Issue Tracker exposed details about unpatched flaws
A flaw in the Google Issue Tracker, also known as the “Buganizer,” might have exposed details about unpatched flaws listed in the database. A vulnerability in the Google Issue Tracker, […]
MFT: Still Young and Growing
Occasionally, I attend events with other technology professionals to talk about managed file transfer. When I bring it up, it’s not unusual that someone may give me an incredulous look […]