NSA-Linked 'DarkPulsar' Exploit Tool Detailed

Fri, 19 Oct 2018 18:39:43 +0000

Kaspersky Lab security researchers have analyzed another exploit tool that was supposedly stolen from the National Security Agency-linked Equation Group. read more

0-Day in jQuery Plugin Impacts Thousands of Applications

Fri, 19 Oct 2018 18:09:40 +0000

Thousands of projects are possibly impacted by a jQuery File Upload plugin vulnerability that has been actively exploited in the wild, a security researcher has discovered. read more

City Pays $2,000 in Computer Ransomware Attack

Fri, 19 Oct 2018 15:22:41 +0000

A Connecticut city has paid $2,000 to restore access to its computer system after a ransomware attack. West Haven officials said Thursday they paid the money to anonymous attackers through the digital currency bitcoin to unlock 23 servers and restore access to city data. read more

Chinese Hackers Use 'Datper' Trojan in Recent Campaign

Fri, 19 Oct 2018 13:53:15 +0000

A China-linked cyber espionage group known as Tick was observed using the Datper malware in a recent campaign, Cisco Talos security researchers reveal. read more

Server With National Guard Personnel Data Target of Attack

Fri, 19 Oct 2018 13:41:57 +0000

The Indiana National Guard says a state, non-military computer server containing personal information on civilian and military Guard personnel was the target of a recent ransomware attack. The Guard said Thursday it is notifying the affected personnel that they should be alert for suspicious activity or fraudulent accounts being opened in their name. read more

FreeRTOS Vulnerabilities Expose Many Systems to Attacks

Fri, 19 Oct 2018 13:38:08 +0000

Vulnerabilities discovered in the FreeRTOS operating system can expose a wide range of systems to attacks, including smart home devices and critical infrastructure, researchers warn. read more

EU Leaders Vow Tough Action on Cyber Attacks

Fri, 19 Oct 2018 11:13:25 +0000

EU leaders on Thursday condemned the attempted hack on the global chemical weapons watchdog and vowed to step up the bloc's efforts to tackle cyber attacks. With concerns growing about the malign cyber activities of several countries around the world, notably Russia, the bloc's leaders called for work to begin to set up sanctions to punish hackers. read more

Mozilla Brings Encrypted SNI to Firefox Nightly

Fri, 19 Oct 2018 10:40:57 +0000

Mozilla says Firefox Nightly now supports encrypting the Transport Layer Security (TLS) Server Name Indication (SNI) extension, several weeks after Cloudflare announced it turned on Encrypted SNI (ESNI) across all of its network. read more

Remote Code Execution Flaws Patched in Drupal

Fri, 19 Oct 2018 09:21:02 +0000

Developers of the Drupal content management system (CMS) have patched several vulnerabilities in the 7 and 8 branches, including serious flaws that can be exploited for remote code execution. read more

Splunk Patches Several Flaws in Enterprise, Light Products

Fri, 19 Oct 2018 05:37:51 +0000

Splunk recently patched several vulnerabilities in its Enterprise and Light products, including flaws that have been rated “high severity.” read more

Flaws Open Telepresence Robots to Prying Eyes

Thu, 18 Oct 2018 18:22:08 +0000

Vulnerabilities in telepresence robots could provide an attacker not only with command execution capabilities, but also with access to a live video stream from the device, Zingbox reports. read more

NFCdrip Attack Proves Long-Range Data Exfiltration via NFC

Thu, 18 Oct 2018 17:35:44 +0000

Researchers have demonstrated that the near-field communication (NFC) protocol can be used to exfiltrate small amounts of data, such as passwords and encryption keys, over relatively long distances. read more

Apple's Revamped Privacy Website Offers Users Access to Their Data

Thu, 18 Oct 2018 13:57:54 +0000

Apple users can now get a copy of the data the tech giant has on them, directly from a refreshed and expanded privacy website rolled out this week. read more

Google Pixel 3 Improves Data Protection with Security Chip

Thu, 18 Oct 2018 13:24:25 +0000

Google has packed the recently launched Pixel 3 and Pixel 3 XL devices with Titan M, a hardened security microcontroller that can better protect information at hardware level. read more

'Operation Oceansalt' Reuses Code from Chinese Group APT1

Thu, 18 Oct 2018 12:03:02 +0000

A recently observed cyber-espionage campaign targeting South Korea, the United States and Canada is reusing malicious code previously associated with state-sponsored Chinese group APT1, McAfee reports. read more

3 Public Cloud Security Myths Debunked

Thu, 18 Oct 2018 11:58:07 +0000

As more and more organizations embrace the migration to the cloud, there are the inevitable questions that arise around its safety. Specifically, enterprises need to know that their data is going to be secure if they choose to embrace a cloud-based model, particularly a public cloud. read more

Facebook Launches 'War Room' to Combat Manipulation

Thu, 18 Oct 2018 10:45:21 +0000

In Facebook's "War Room," a nondescript space adorned with American and Brazilian flags, a team of 20 people monitors computer screens for signs of suspicious activity. read more

Ex-Virginia Teacher Charged in 2014 'Celebgate' Hacking

Thu, 18 Oct 2018 10:37:51 +0000

A former Virginia high school teacher is the fifth person charged in an investigation into the 2014 "celebgate" scandal in which hackers obtained nude photographs and other private information from more than 200 people, including celebrities. read more

Tumblr Vulnerability Exposed User Account Information

Thu, 18 Oct 2018 05:37:32 +0000

Tumblr on Wednesday disclosed a vulnerability that could have been exploited to obtain user account information, including email addresses and protected passwords. read more