Yearly Archives: 2018
New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms
Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms Security researchers at Palo Alto Networks have discovered a […]
One year later BlueBorne disclosure, over 2 Billion devices are still vulnerable
One year after the discovery of the BlueBorne Bluetooth vulnerabilities more than 2 billion devices are still vulnerable to attacks. In September 2017, experts with Armis Labs devised a new […]
Cyber attack took offline flight display screens at the Bristol Airport
The Bristol Airport was hit by a cyber attack that caused problems with operations, flight display screens were taken offline for two days. The Bristol Airport was hit by a […]
SPECIAL REPORT: Going Beyond HIPAA Compliance: A Case Study
A Case Study on how Black River Memorial Hospital Improved Security Posture HIPAA compliance is a big piece of any healthcare organization’s cybersecurity process. However, the goal of any compliance […]
New PyLocky Ransomware stands out for anti-machine learning capability
Security experts from Trend Micro have spotted a new strain of ransomware involved in attacks in July and August, the malicious code was posing as the Locky ransomware. Researchers at Trend […]
Microsoft Patch Tuesday updates for September 2018 also address recently disclosed Windows zero-day
Microsoft Patch Tuesday updates for September 2018 address over 60 vulnerabilities, including the recently disclosed zero-day flaw. Microsoft Patch Tuesday updates for September 2018 address 61 vulnerabilities in Internet Explorer […]
Hacking the Hacker – Free – Time Sensitive Offer
Cyber Defense Magazine Special Offer – Request Your Free eBook Now: “Hacking the Hacker ($13 Value) FREE For a Limited Time” Meet the world’s top ethical hackers and explore the tools of the […]
Mirai and Gafgyt target Apache Struts and SonicWall to hit enterprises
Security experts with Unit 42 at Palo Alto Networks have discovered new variants of the Mirai and Gafgyt IoT malware targeting enterprises. Both botnets appear very interesting for two main reasons: The […]
Patch Tuesday Update
September Brings Updates for Google Chrome, Adobe Flash Player; Microsoft Releases Fixes for 61 Unique CVEs Including ALPC Elevation of Privilege Vulnerability by Chris Goettl, director of product management, Security, […]
A growing number of iOS apps collect and sell location data
A growing number of iOS apps currently collect location data, WiFi network IDs and other data, from iPhone users and sell them to monetization firms. A group of security researchers that […]
Russian citizen behind JPMorgan Chase and Dow Jones attacks extradited to US
Andrei Tyurin, the man that is accused to be the responsible for major cyber attacks against financial institutions, including JPMorgan Chase, was extradited to the United States from Georgia. The Russian citizen […]
British Airways hacked, attackers stole details of 380,000 customers
Personal and payment card information of 380,000 British Airways customers were stolen by attackers, stolen data did not include travel or passport details. British Airways was hacked, customer personal and payment […]
6 Users to Put On Your Organization’s Security Watch List
Who are the most dangerous threats to your organization’s data security? Hackers and cybercriminals seem like the obvious choice. But even well-meaning employees can become security threats. Does this sound […]
Experts warn of 7,500+ MikroTik Routers that are hijacking owners’ traffic
The security firm Qihoo 360 Netlab discovered more than 7,500 MikroTik routers that have been compromised to enable Socks4 proxy maliciously Earlier August, experts uncovered a massive crypto jacking campaign that was […]
Parental control spyware app Family Orbit hacked, pictures of hundreds of monitored children were exposed
The company that sells the parental control spyware app Family Orbit has been hacked, pictures of hundreds of monitored children were left online. The company that sells the parental control […]
Critical remote code execution flaw patched in Packagist PHP package repository
Maintainers of Packagist, the largest PHP package repository, have recently addressed a critical remote code execution vulnerability. Packagist is the default package host behind Composer, it has over 435 million package installs. […]
Kaspersky warns of a new Loki Bot campaign target corporate mailboxes
Security experts from Kaspersky Lab have uncovered a new spam campaign leveraging the Loki Bot malware to target corporate mailboxes. The Loki Bot attacks started in July and aimed at stealing passwords from […]
Some of the world’s biggest crimes go unnoticed, until it’s too late
As the way we live and work becomes increasingly sophisticated, complex and connected, the benefits are clear to see as things get more streamlined and intuitive with every passing day. […]
Cryptocurrency Platform Atlas Quantum hacked, 260k users impacted
The Cryptocurrency Platform Atlas Quantum suffered a security breach, information belonging to more than 260,000 users was stolen by hackers. Hackers stole information related to over 260,000 users of the Cryptocurrency Platform Atlas […]
Android mobile devices from 11 vendors are exposed to AT Commands attacks
A group of researchers has conducted an interesting study on AT commands attacks on modern Android devices discovering that models of 11 vendors are at risk A group of researchers […]
SentinelOne Unveils H1 2018 Enterprise Risk Index Report
Report Highlights Prevalence of Ransomware and Rise of Fileless and PowerShell Attacks; Need for Next-Gen Endpoint Protection by SentinelOne SentinelOne, the autonomous endpoint protection company, today announced the findings of its H1 2018 […]
The restaurant chain Cheddar’s Scratch Kitchen has suffered a payment card breach
The restaurant chain Cheddar’s Scratch Kitchen suffered a payment card breach, hackers hacked the company network between Nov. 3, 2017 and Jan. 2, 2018 Once again here we are to […]
North Korea-linked Lazarus APT uses first Mac malware in cryptocurrency exchange attack
North Korea-linked Lazarus APT group leveraged for the first time on a MacOS variant of the Fallchill malware in a cryptocurrency exchange attack. According to Kaspersky, the North Korea-linked Lazarus group […]
Expert discovered a Critical Remote Code Execution flaw in Apache Struts (CVE-2018-11776)
Maintainers of the Apache Struts 2 open source development framework has released security updates to address a critical remote code execution vulnerability. Security updates released this week for the Apache Struts […]
Dark Tequila Banking malware targets Latin America since 2013
Kaspersky Labs detected a sophisticated piece of banking malware dubbed Dark Tequila that was used to target customers of several Mexican banks. Security experts from Kaspersky Labs have spotted a sophisticated […]
2.6 billion records exposed in 2,308 disclosed data breaches in H1
According to a report from cyber threat intelligence firm Risk Based Security some 2.6. billion data records have been exposed in data breached in the first half of 2018. According to a […]
Breaking News: Supply Chain Attack Operation Red Signature Targets South Korean Organizations
Trend Micro Research, along with researchers from IssueMakersLab, recently discovered a supply chain attack targeting South Korean organizations, named Operation Red Signature. The attack was targeted to specific IP ranges […]
Unusual Malspam campaign targets banks with Microsoft Publisher files
Researchers from Trustwave have uncovered a malspam campaign targeting banks with the FlawedAmmyy RAT. The peculiarity of this malspam campaign is the unusual use of a Microsoft Office Publisher file to infect victims’ systems. Experts noticed an […]
An Australian schoolboy hacked into Apple Servers and stole 90GB of secure files
According to Australian media, a teen hacker broke into Apple mainframe and downloaded 90GB of secure files. He dreams to work for the Tech Giant. I believe it is time […]
Breaking News: NIST Small Business Cybersecurity Law
President Donald J. Trump has just signed the NIST Small Business Cybersecurity Act into law. Now part of the U.S. federal law S.770, it requires the director of the National […]