Popular Android Apps Leak User Data via Third-Party SDKs

Thu, 19 Apr 2018 01:04:19 +0000

Popular mobile applications that use third-party, ready-to-go advertising Software Development Kits (SDKs) expose user data by transmitting it over the insecure HTTP protocol, Kaspersky Lab warns. read more

Russia Says to Probe Facebook After Telegram Crackdown

Wed, 18 Apr 2018 16:14:34 +0000

Russia's telecoms watchdog plans to probe Facebook before the end of the year after blocking access in the country to the popular messaging app Telegram, its head said on Wednesday. "We will conduct a probe of the company before the end of 2018," the head of state regulator Roskomnadzor, Alexander Zharov, told pro-Kremlin newspaper Izvestia. read more

Honeypot Shows the Power of Automation in the Hands of Hackers

Wed, 18 Apr 2018 15:46:03 +0000

Honeypot Experiment Shows the Commoditization of Using Bots to Perform Low-level Hacking Tasks read more

Chrome 66 Distrusts Older Symantec Certificates

Wed, 18 Apr 2018 15:13:48 +0000

Released in the stable channel on Tuesday, Chrome 66 removes trusts in website certificates that Symantec issued before June 1, 2016, while also bringing a trial of Site Isolation, and patching 62 vulnerabilities. read more

Rockwell Automation Switches Exposed to Attacks by Cisco IOS Flaws

Wed, 18 Apr 2018 15:13:31 +0000

Rockwell Automation informed customers this week that its Allen-Bradley Stratix and ArmorStratix industrial switches are exposed to remote attacks due to vulnerabilities in Cisco’s IOS software. read more

Few RSA Conference Exhibitors Implemented DMARC

Wed, 18 Apr 2018 14:37:50 +0000

A vast majority of the companies present this week at the 2018 RSA Conference in San Francisco have not implemented the DMARC email authentication system on their domains, opening the door to fraudulent and fake emails. read more

The Kiss of Death for Passwords: Machine Learning?

Wed, 18 Apr 2018 14:17:43 +0000

Since the introduction of computers, user names and passwords have been the primary method used for access control and authentication. However, as post-mortem analysis of data breaches reveals, compromised credentials have become the primary point of attack for today’s cyber adversaries. read more

Microsoft Takes Security to the Edge

Wed, 18 Apr 2018 12:34:51 +0000

Microsoft Unveils New Services and Features to Secure Internet of Things (IoT) Devices read more

Security Pros at Energy Firms Concerned About 'Catastrophic' Attacks

Wed, 18 Apr 2018 12:32:47 +0000

Many cybersecurity professionals working in the energy sector are concerned that an attack on their organization’s industrial control systems (ICS) could have “catastrophic” consequences, according to a study conducted recently by Dimensional Research on behalf of security and compliance solutions provider Tripwire. read more

Oracle Patches 254 Flaws With April 2018 Update

Wed, 18 Apr 2018 10:40:09 +0000

Oracle’s Critical Patch Update (CPU) for April 2018 contains 254 new security fixes, 153 of which address vulnerabilities in business-critical applications. read more

Drupal Sites Targeted With Backdoors, Miners in Drupalgeddon2 Attacks

Wed, 18 Apr 2018 05:27:55 +0000

The recently patched Drupal vulnerability tracked as CVE-2018-7600 and dubbed Drupalgeddon2 has been exploited in the wild to deliver backdoors, cryptocurrency miners and other types of malware. read more

Facebook Admits to Tracking Non-Users Across the Internet

Tue, 17 Apr 2018 18:38:06 +0000

Facebook this week confirmed that it indeed knows when users access websites and apps that use Facebook services, even if they don’t have an account on the social network. read more

CrowdStrike Unveils New Endpoint Protection, Threat Analysis Solutions

Tue, 17 Apr 2018 15:01:50 +0000

CrowdStrike this week unveiled its new Falcon Endpoint Protection Complete solution and announced the addition of an automated threat analysis module to its Falcon platform. read more

Trend Micro Analyzes Writing Style to Detect Email Fraud

Tue, 17 Apr 2018 14:04:42 +0000

Trend Micro on Monday unveiled a new capability that allows its products to identify email fraud attempts by using a writing style analysis system powered by artificial intelligence (AI). read more

Android Trojan Spreads via DNS Hijacking

Tue, 17 Apr 2018 13:03:18 +0000

An Android Trojan masquerading as popular mobile applications is propagating via smartphones roaming between Wi-Fi networks, Kaspersky Lab warns. read more

IBM Releases Open Source AI Security Tool

Tue, 17 Apr 2018 11:12:22 +0000

IBM today announced the release of an open source software library designed to help developers and researchers protect artificial intelligence (AI) systems against adversarial attacks. read more

US, UK Detail Networking Protocols Abused by Russian Cyberspies

Tue, 17 Apr 2018 07:17:43 +0000

A joint technical alert issued on Monday by the United States and the United Kingdom details how cyberspies believed to be working for the Russian government have abused various networking protocols to breach organizations. read more

Intel Unveils New Threat Detection Technology

Tue, 17 Apr 2018 03:08:49 +0000

Intel late on Monday announced two new security-related technologies, including a threat detection system and a framework for building protection into processors, and a strategic collaboration with Purdue University whose goal is to address the shortage of cybersecurity talent. read more

US, Britain Warn of Russian Campaign to Hack Networks

Mon, 16 Apr 2018 23:32:53 +0000

Russian government-sponsored hackers are compromising the key hardware of government and business computer networks like routers and firewalls, giving them virtual control of data flows, Britain and the United States warned Monday. read more