News aggregator

Google offers up to $1.5 million bounty for remotely hacking Titan M chip

THN - Fri, 22/11/2019 - 10:52
With its latest announcement to increase bug bounty rewards for finding and reporting critical vulnerabilities in the Android operating system, Google yesterday set up a new challenging level for hackers that could let them win a bounty of up to $1.5 million. Starting today, Google will pay $1 million for a "full chain remote code execution exploit with persistence which compromises the Titan

Russian Hacker Behind NeverQuest Banking Malware Gets 4 Years in U.S. Prison

THN - Fri, 22/11/2019 - 06:06
A Russian hacker who created and used Neverquest banking malware to steal money from victims' bank accounts has finally been sentenced to 4 years in prison by the United States District Court for the Southern District of New York. Stanislav Vitaliyevich Lisov, 34, was arrested by Spanish authorities at Barcelona–El Prat Airport in January 2017 on the request of the FBI and extradited to the

T-Mobile Suffers Data Breach Affecting Prepaid Wireless Customers

THN - Fri, 22/11/2019 - 04:27
Are you a T-Mobile prepaid customer? If yes, you should immediately create or update your associated account PIN/passcode as additional protection. The US-based telecom giant T-Mobile today disclosed a yet another data breach incident that recently exposed potentially personal information of some of the customers using its prepaid services. What happened? In a statement posted on its website

The Ultimate 2019 Security Team Assessment Template

THN - Wed, 20/11/2019 - 12:51
Assessing the performance of your security team is critical to both knowing your current posture, as well as planning ahead. 'The Ultimate 2019 Security Team Assessment Template' is the first attempt to capture all the main KPIs of the security team main pillars, saving CIOs and CISOs the time and effort of creating such an assessment from scratch and providing them with a simple and

Official Monero Site Hacked to Distribute Cryptocurrency Stealing Malware

THN - Wed, 20/11/2019 - 06:58
What an irony — someone hacked the official website of the Monero cryptocurrency project and quietly replaced legitimate Linux and Windows binaries available for download with malicious versions designed to steal funds from users' wallets. The latest supply-chain cyberattack was revealed on Monday after a Monero user spotted that the cryptographic hash for binaries he downloaded from the

New Flaw Lets Rogue Android Apps Access Camera Without Permission

THN - Wed, 20/11/2019 - 03:48
An alarming security vulnerability has been discovered in several models of Android smartphones manufactured by Google, Samsung, and others that could allow malicious apps to secretly take pictures and record videos — even when they don't have specific device permissions to do so. You must already know that the security model of the Android mobile operating system is primarily based on device

Louisiana State Government Hit by Ransomware Attack Forcing Server Shutdowns

THN - Tue, 19/11/2019 - 11:35
Targeted ransomware attacks on banking and finance, government, healthcare, and critical infrastructure are on the rise, with the latest victim being the state government of Louisiana. The state government of Louisiana was hit by a large-scale coordinated ransomware attack yesterday, which forced the state to take several state agency servers offline, including government websites, email

7 Courses That Will Help You Start a Lucrative Career in Information Security

THN - Sun, 17/11/2019 - 08:00
As the world becomes more interconnected by the day, more and more companies of all sizes and industries are finding themselves under attack by fearless cybercriminals who can access their entire server farms from across the globe with only a few lines of code. And it's not just private corporations that are suffering. A wide range of government agencies are also constantly under attack, and

New WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices

THN - Sat, 16/11/2019 - 08:46
The recent controversies surrounding the WhatsApp hacking haven't yet settled, and the world's most popular messaging platform is in choppy waters once again. The Hacker News has learned that WhatsApp has recently patched yet another critical vulnerability that could have allowed attackers to remotely compromise targeted devices and potentially steal secured chat messages and files stored on

Two Arrested for Stealing $550,000 in Cryptocurrency Using Sim Swapping

THN - Fri, 15/11/2019 - 07:32
It appears that at least the United States has started taking the threat of Sim Swapping attacks very seriously. Starting with the country's first-ever conviction for 'SIM Swapping' this February, U.S. Department of Justice has since then announced charges against several individuals for involving in the scheme to siphon millions of dollars in cryptocurrency from victims. In the latest

New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks

THN - Thu, 14/11/2019 - 12:22
Security researchers have tracked down activities of a new group of financially-motivated hackers that are targeting several businesses and organizations in Germany, Italy, and the United States in an attempt to infect them with backdoor, banking Trojan, or ransomware malware. Though the new malware campaigns are not customized for each organization, the threat actors appear to be more

Qualcomm Chip Flaws Let Hackers Steal Private Data From Android Devices

THN - Thu, 14/11/2019 - 09:38
Hundreds of millions of devices, especially Android smartphones and tablets, using Qualcomm chipsets, are vulnerable to a new set of potentially serious vulnerabilities. According to a report cybersecurity firm CheckPoint shared with The Hacker News, the flaws could allow attackers to steal sensitive data stored in a secure area that is otherwise supposed to be the most protected part of a

Company Detected Years-Long Breach Only After Hacker Maxed Out Servers' Storage

THN - Thu, 14/11/2019 - 07:07
What could be even worse than getting hacked? It's the "failure to detect intrusions" that always results in huge losses to the organizations. Utah-based technology company InfoTrax Systems is the latest example of such a security blunder, as the company was breached more than 20 times from May 2014 until March 2016. What's ironic is that the company detected the breach only after it

4 Best Free Online Security Tools for SMEs in 2020

THN - Thu, 14/11/2019 - 05:00
Cyberattacks on small and midsized companies in 2019 cost $200,000 per company on average, mercilessly putting many of them out of business, says CNBC in its analysis of a recent Accenture report. In light of the global cybersecurity skills shortage, the number is set to soar in 2020. Solely in the UK, over 50,000 British SMEs could collapse next year following a cyberattack. This article

New ZombieLoad v2 Attack Affects Intel's Latest Cascade Lake CPUs

THN - Wed, 13/11/2019 - 13:46
Zombieload is back. This time a new variant (v2) of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants (RIDL and Fallout). Initially discovered in May this year, ZombieLoad is one of the three novel types of microarchitectural data

The Comprehensive Compliance Guide (Get Assessment Templates)

THN - Wed, 13/11/2019 - 08:01
Complying with cyber regulations forms a significant portion of the CISO's responsibility. Compliance is, in fact, one of the major drivers in the purchase and implementation of new security products. But regulations come in multiple different colors and shapes – some are tailored to a specific vertical, while others are industry-agnostic. Some bare explicit consequences for failing to comply

Researchers Discover TPM-Fail Vulnerabilities Affecting Billions of Devices

THN - Wed, 13/11/2019 - 07:29
A team of cybersecurity researchers today disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based Intel TPMs. Trusted Platform Module (TPM) is a specialized hardware or firmware-based security solution that has been designed to store and protect

Is Facebook Secretly Accessing Your iPhone's Camera? Some Users Claimed

THN - Tue, 12/11/2019 - 16:25
It appears that Facebook at the center of yet another issue involving privacy. Reportedly, multiple iPhone users have come forward on social media complaining that the Facebook app secretly activates their smartphone's camera in the background while they scroll through their Facebook feeds or looking at the photos on the social network. As shown in the Twitter videos below, when users click

Hackers Breach ZoneAlarm's Forum Site — Outdated vBulletin to Blame

THN - Mon, 11/11/2019 - 13:27
ZoneAlarm, an internet security software company owned by Israeli cybersecurity firm Check Point Technologies, has suffered a data breach exposing data of its discussion forum users, the company confirmed The Hacker News. With nearly 100 million downloads, ZoneAlarm offers antivirus software, firewall, and additional virus protection solutions to home PC users, small businesses, and mobile

Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

THN - Thu, 07/11/2019 - 12:58
Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon's Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network. In case you don't own one of these, Amazon's Ring Video Doorbell is a smart wireless home


Subscribe to Shiga Tecnologia aggregator