Yearly Archives: 2017
Most PCs Running Windows and Intel Management Engine Easily Remotely Exploited
Almost every PC vendor announced the imminent release of fixes for the flaws in Intel Management Engine, but many of them will not be available until 2018. Intel has started to […]
Uber Breach of 57M Records Undisclosed For More Than One Year
Uber is silent for more than a year on a breach of data that has exposed 57 million records, and pays in secret a ransom. What’s worse than a data […]
A bug in the Android MediaProjection service lets hackers to record audio and screen activity on 77% of all devices
A flaw in the Android MediaProjection service could be exploited by an attacker to record audio and screen activity on around 77.5% of all Android devices. A vulnerability affecting Android smartphones running […]
De-authentication attack on Amazon Key could let crooks to disable your camera
Researchers with Rhino Security Labs demonstrated how to disable the camera on Amazon Key, which could let a rogue courier to access the customers’ home. Earlier this month, Amazon announced […]
US retailer Forever 21 Warns customers of payment card breach at some locations
The US clothes retailer FOREVER 21 announced it has suffered a security breach, hackers stole payment card data at some locations. Another data breach made the headlines, this time the […]
Bug bounty programs and a vulnerability disclosure policy Hackers allowed Pentagon fix thousands of flaws
Bug bounty programs allowed the US agency to receive 2,837 valid bug reports from 650 white hat hackers located in 50 countries around the world. Bug bounty program ‘Hack the Pentagon’ launched […]
DHS – Tests demonstrate Boeing 757 airplanes vulnerable to hacking
Researchers and private industry experts, along with DHS officials, remotely hacked a Boeing 757 airplane that was parked at the airport in Atlantic City. A group of researchers and private […]
A regular GitHub user accidentally triggered a flaw Ethereum Parity Wallet that locked up $280 million in Ether
A GitHub user accidentally triggered a flaw in the Parity Wallet library contract of the standard multi-sig contract that locked up $280 million in Ether. Ethereum made again the headlines, someone has […]
Vietnamese APT32 group is one of the most advanced APTs in the threat landscape
According to the incident response firm Volexity, Vietnamese APT32 group is today one of the most advanced APTs in the threat landscape According to the incident response firm Volexity, the cyber espionage […]
Training to Tackle Insider Threats
Training to Tackle Insider Threats By Pete Burke, technical consultant at Force 3 Much like the age-old horror movie trope, when it comes to cybersecurity, the calls are coming from […]
Malware signed with stolen Digital code-signing certificates continues to bypass security software
A group of researchers demonstrated that malware signed with stolen Digital code-signing certificates continues to bypass security software. A recent study conducted by the Cyber Security Research Institute (CSRI) revealed […]
Measuring Success in Cyber Security
Is no news good news when it comes to cyber security in your business? What are the hallmarks of excellence in this field? Phil Cracknell, Chief Information Security Officer (CISO) […]
InfoSec Awards 2018 Submission
Cyber Defense Magazine 2018 InfoSec Awards are now open for entry. Early Bird Registration ends December 15th, 2017 Deadline for Submission for our Judges is: January 31, 2018 Finalists announced February […]
Hacker threatens Canadian University to dump student info unless the university pay a ransom
A hacker is attempting to extort the Canadian University of Fraser Valley (UFV), threatening to dump student information unless the university pays a ransom. Extortion is a winning criminal model […]
Halting Hackers for the Holidays
October was National Cyber Security Awareness month and during that time with nearly 2 billion records stolen in the first half of 2017 in the US alone and the Global […]
iPhone Apps you granted camera access can secretly take photos and record video
A serious privacy issue in iPhone that could be exploited by iOS app developers to silently take your photos and record your live video by enabling cameras. Do you use an […]
Vulnerabilities in Google Issue Tracker exposed details about unpatched flaws
A flaw in the Google Issue Tracker, also known as the “Buganizer,” might have exposed details about unpatched flaws listed in the database. A vulnerability in the Google Issue Tracker, […]
MFT: Still Young and Growing
Occasionally, I attend events with other technology professionals to talk about managed file transfer. When I bring it up, it’s not unusual that someone may give me an incredulous look […]
IOActive disclosed 2 critical flaws in global satellite telecommunications Inmarsat’s SATCOM systems
Flaws in Stratos Global AmosConnect 8 PC-based SATCOM service impact thousands of customers worldwide running the newest version of the platform that is used in vessels. Security researchers at IOActive […]
Next Generation Managed Security Service Provider: Herjavec Group
A Cyber Defense Magazine Exclusive Interview with Founder & CEO Robert Herjavec I remember many years ago, Eric Lundquist, Editor and Chief of eWeek (formerly PC Week) gave me my […]
Zero Day Malware Discovered: Wonder Botnet
Introduction Surfing the darknet, we found a forum in which some users shares many cracked software each other. One of these software promises to generate Premium Account for Netflix […]
Proton malware spreading through supply-chain attack, victims should wipe their Macs
The dreaded Proton malware was spreading through a new supply-chain attack that involved the Elmedia apps, victims should wipe their Macs Bad news for Mac users, a new malware is threatening […]
CUTLET MAKER ATM malware offered for 5000 USD on darknet forum
Hacking ATM could be very easy thanks to the availability of the CUTLET MAKER ATM malware on an underground hacking forum. Wannabe crooks can buy an ATM malware on a […]
BAE Systems report links Taiwan heist to North Korean LAZARUS APT
Researchers at BAE Systems investigated the recent cyber-heist that targeted a bank in Taiwan and linked the action to the notorious Lazarus APT group. The activity of the Lazarus APT Group […]
Ransomware News: September Wrapup
Top ransomware records for September 2017 Whereas September was generally slow ransomware-wise, it was a month of really weird strains. One of them asked for nude pictures of the user […]
5 NEW CYBERSECURITY TOOLS FOR BUSINESSES
This National Cyber Security Awareness Month, check out the latest cybersecurity technology to help protect your company from an attack. [This is a small excerpt of the entire article, please […]
10 Tips on How to Get a Job in Cyber Security
10 tips on how to get a job in cyber security by Cyber Security Jobs Research Read as much as you can about protecting Information, confidentiality, information assurance, penetration testing, […]
BAE Systems report links Taiwan heist to North Korean LAZARUS APT
Researchers at BAE Systems investigated the recent cyber-heist that targeted a bank in Taiwan and linked the action to the notorious Lazarus APT group. The activity of the Lazarus APT Group […]
Iranian hackers compromised the UK leader Theresa May’s email account along with other 9,000 emails
Iranian hackers compromised 9,000 UK emails in ‘brute force’ cyber attack that was initially attributed to Russian state-sponsored hackers. On June 23, around 9,000 email accounts, including those belonging to […]
Hyatt Hotels suffered a new payment card breach, the second in two years
The Hyatt Hotels Corporation notified customers that their credit card information may have been stolen by crooks, the second time in 2 years. The Hyatt Hotels Corporation made the headlines […]