• Home
  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Related Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact Us
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Login / Register

CSIAC

Cyber Security and Information Systems Information Analysis Center

  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Cybersecurity
  • Modeling & Simulation
  • Knowledge Management
  • Software Engineering

Cybersecurity

Group logo of Cybersecurity
Public Group active 4 hours, 58 minutes ago

Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.

  • Home
  • Forum

Cybersecurity (CS) Digest Article Suggestions

  • This topic has 568 replies, 85 voices, and was last updated 5 months, 1 week ago by albertc00leman.
  • Creator
    Topic
  • 2017-01-16 at 13:57 #8450
    CSIACAdmin
    Keymaster

    The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.

    Please reply to this topic with article suggestions for the CS Digest.

    Past issues of the CS Digest can be viewed here: https://www.csiac.org/cs-digest/

    To subscribe to the CS Digest visit here: https://www.csiac.org/subscription-manager/

  • Creator
    Topic
Viewing 545 reply threads
  • Author
    Replies
    • 2020-10-28 at 14:49 #69459
      albertc00leman
      Participant

      Cybersecurity issues have become crucial in terms of COVID-19, particularly for companies. I’ve heard a lot of stories about Zoom meetings being hacked and stolen data.
      But it’s also impossible to be 100% sure that your worker is productive at home as well as in the office. That’s why we had to set up a secure VPN, host a remote server, install tracking tools to prevent data leakage. We also had to teach our employees how to use zoom, worktime software, Trello, and other remote office tools. But I believe it will take some time for others to adjust to the new corona reality.

    • 2020-10-23 at 04:21 #69462
      albertc00leman
      Participant

      Cybersecurity issues have become crucial in terms of COVID-19, particularly for companies. I’ve heard a lot of stories about Zoom meetings being hacked (https://www.chicagotribune.com/coronavirus/ct-coronavirus-zoombombing-20200401-wf2pvzqhbngitankuokvinvk2m-story.html) and stolen data (https://www.zdnet.com/article/barnes-noble-confirms-cyberattack-customer-data-breach/).
      But it’s also impossible to be 100% sure that your worker is productive at home as well as in the office. That’s why we had to set up a secure VPN, host a remote server, install tracking tools to prevent data leakage. We also had to teach our employees how to use zoom https://zoom.us/, worktime software https://www.worktime.com/, Trello https://trello.com/en-US, and other remote office tools. But I believe it will take some time for others to adjust to the new corona reality.

    • 2020-09-07 at 22:56 #68071
      Kenan_Smajkan
      Participant

      This was actually extremely smart on the FBI’s end and its a great way to introduce children and older students into safely browsing the web without being subject to scams and or identity fraud tactics.

      Here’s the link to the page.

    • 2020-08-11 at 00:50 #67653
      shyam_nair
      Participant

      Gain complete visibility inside your assets and network activity, check vulnerabilities possessed by your assets and the risks they pose and detect & respond to threats targeting your network with LTS Secure SOC BOX essential security capabilities

      to know more about FFIEC Compliance

    • 2020-08-11 at 00:48 #67652
      shyam_nair
      Participant

      Tackle three prime areas of cybersecurity for banks and credit unions with Bank Network Security Monitoring, Information Security Risk Assessment and Integrated Threat Intelligence with LTS Secure’s comprehensive cybersecurity solutions

      to know more>>https://ltssecure.com/cyber-security-compliance-management-ffiec

    • 2020-04-01 at 07:05 #64901
      lalitsinghh
      Participant

      Thank you for sharing this information with us.

    • 2020-03-24 at 17:20 #64497
      vpescaru
      Participant

      rickBot Pushing a 2FA Bypass App to Bank Customers in Germany

      TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

    • 2020-03-23 at 12:28 #64440
      jm314
      Participant

      https://www.csoonline.com/article/3533455/new-yorks-shield-act-could-change-companies-security-practices-nationwide.html?&web_view=true

      More and more States should adapt GDPR. New York is joining the band wagon.

    • 2020-03-23 at 10:14 #64425
      NitishD
      Participant

      COVID19 has become the new talk to talk about and to take care from all over the world. I came across this article in which Canada’s Health Sector is at risk of cyber attacks due to the fear of COVID19. It is an interesting article and could give a rise in ransomware attacks. The safety of the confidential information they would be possessing of the patients, doctors, etc. also could be at risk. Something every country needs to look out for and be well prepared with defenses to stop such an attack or be well prepared to resolve it.

      https://www.cbc.ca/news/politics/health-covid-cyberattack-pandemic-1.5502968

    • 2020-03-22 at 12:11 #64376
      James112
      Participant

      For those in the medical device / connected device field, useful article/announcement about BLE vulnerability impacting several chip manufacturers.

      https://www.fda.gov/medical-devices/safety-communications/sweyntooth-cybersecurity-vulnerabilities-may-affect-certain-medical-devices-fda-safety-communication

    • 2020-03-12 at 10:16 #64232
      capatch
      Moderator

      https://www.msn.com/en-us/news/politics/panel-outlines-massive-federal-cybersecurity-overhaul/ar-BB111T08?ocid=spartanntp

      Highly recommend it.

    • 2020-03-02 at 15:17 #64080
      plosiewicz
      Moderator

      Very interesting mobile security piece on 2FA…

      https://www.tomsguide.com/news/mobile-auth-app-hack-rsa20

      • 2020-03-22 at 22:59 #64414
        vpescaru
        Participant

        Thank you for sharing the article. Hot topic 2FA mobile security.

    • 2020-03-02 at 15:16 #64078
      plosiewicz
      Moderator

      Very interesting mobile security piece on 2FA…

      https://www.tomsguide.com/news/mobile-auth-app-hack-rsa20

    • 2020-02-14 at 12:47 #63761
      plosiewicz
      Moderator

      OK All. New Mobile Cybersecurity Conundrum:

      https://arstechnica.com/information-technology/2020/02/researcher-says-nasty-android-infection-survived-a-factory-reset/

      How does an internal file pretend to exist on an external SD card?

      Paul

    • 2019-11-20 at 14:04 #62745
      plosiewicz
      Moderator

      Hybrid System Cloud Data Security

      Useful if you want to share AI/ML data sets for R&D.

      https://www.zdnet.com/article/ibm-launches-cloud-pak-for-security-to-boost-cybersecurity-response-in-hybrid-environments/

    • 2019-11-16 at 14:05 #62691
      nd14
      Participant

      https://www.cpomagazine.com/cyber-security/cybersecurity-workforce-shortage-continues-to-grow/

      According to a survey, 63% of those in cybersecurity roles say that their organization is lacking in cyber security professionals.

    • 2019-11-11 at 16:35 #62575
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/91252-cisa-launches-cybersecurity-essentials-for-small-enterprises

      The Cyber security and Infrastructure Security Agency has made an effort to inform small businesses that do not know about cyber risks to protect their company. This new effort will reduce the amount of cyber security attacks and make small businesses know about the risks that are on the internet.

    • 2019-11-07 at 22:39 #62477
      NStockton09
      Participant

      https://threatpost.com/trend-micro-rogue-employee-68k-customers/149946/

      Employee that worked for Trend Micro stole and sold 68,000 customers data to third party buyers. They did this through accessing a database in which all the information was stored on the company’s server. Not yet known if malicious attacks are being made. Customers are being urged to look out for spam calls and possibly phishing emails.

    • 2019-11-06 at 16:18 #62419
      nd14
      Participant

      https://thehackernews.com/2019/11/chrome-zero-day-update.html

      A new 0 day bug has been identified that attacks chrome users. The bug effects Chrome’s audio component and another the PDFium library.

    • 2019-11-06 at 16:15 #62417
      nd14
      Participant

      https://thehackernews.com/2019/11/hacking-voice-assistant-laser.html

      A team of researchers have discovered a way to command voice controlled devices using a laser instead of voice commands.

    • 2019-11-06 at 16:12 #62415
      nd14
      Participant

      https://thehackernews.com/2019/11/facebook-groups-data-leak.html

      More personal data leaked from FACEBOOK. Over 100 app developers may have had unauthorized access to facebook user accounts.

    • 2019-11-06 at 15:44 #62413
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/91211-number-of-data-breach-reports-skyrocket-in-canada-since-privacy-law-came-into-effect

      Since a new act was initiated in Canada the number of security breaches raised exponentially and people are blaming the new act. The new act makes people report breaches so the amount of breaches before the act is not certain.

    • 2019-11-06 at 15:41 #62411
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/91220-asuswrt-and-amazon-alexa-products-compromised-in-data-breach

      AsusWRT was compromised, which is apart of the chain of alexa devices and the customers of these products had their ip addresses, usernames, and other personal information leaked.

    • 2019-11-06 at 15:38 #62409
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/91224-cybersecurity-workforce-needs-to-grow-145-to-close-skills-gap

      In a resent study in cyber security hows the lack of amount of professionals in the field, there is an estimated 500,000 jobs that need to be filled. This field is growing at such a rapid pace and is still growing.

    • 2019-10-24 at 22:34 #62012
      NStockton09
      Participant

      https://gizmodo.com/internal-cybersecurity-memo-white-house-is-bound-to-ge-1839303204

      The White House seems to be actually weakening its cyber security efforts. An internal memo was sent out via the computer network defense branch chief. The memo he sent out says that the White House is bound to become attacked again. This is due to 12 top cyber security officials that worked to protect the White House from Russian attacks.

    • 2019-10-24 at 14:08 #61988
      depern
      Participant

      Very interesting Joe Rogan podcast with Edward Snowden. As Snowden talks about the NSA, why he did what he did, the government, as well as security within phones and google.

      https://youtu.be/efs3QRr8LWw

    • 2019-10-16 at 11:11 #61735
      nd14
      Participant

      https://www.ibtimes.sg/new-malware-infects-thousands-pcs-confirms-microsoft-cisco-talos-32615

      New malware, called Nodersok, has been identified by Microsoft and Cisco Talos.

    • 2019-10-15 at 12:57 #61709
      NStockton09
      Participant

      https://siliconangle.com/2019/10/14/linux-sudo-bug-opens-root-access-unprivileged-users/

      A bug in the command sudo has been found that where it can give root access to an unauthorized user through the command -u#-1. As long as the user is in the sudo privilege group then they can issue this command and gain root access even if root access is explicitly blocked to all users beside superuser. The issue is the -1 argument on the end is telling sudo to use a negative number id and sudo doesn’t know what to do and gives root instead.

    • 2019-10-13 at 13:27 #61691
      depern
      Participant

      According to threatpost, russian government and diplomatic victims have gotten attacked by a sophisticated cyberespionage platform called Attor.
      https://threatpost.com/sophisticated-spy-kit-russians-gsm-plugin/149095/

    • 2019-10-11 at 10:04 #61679
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/91080-california-to-ban-facial-recognition-on-police-body-cameras

      California is banning police officers from wearing facial recognition cameras because they have misinterpreted many people and they are not accurate. Once they successfully learn how to use the camera it will be back.

    • 2019-10-11 at 10:00 #61677
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/91083-insider-threats-are-biggest-danger-to-data-security

      People are the number one risk of danger in security and they do not know it. Over half of High level employees or CEO’s have admitted that they have clicked on a lick with a work computer that they should not have clicked, those links could lead to the businesses security to be compromised.

      • 2019-10-29 at 10:36 #62141
        ReveneerCyber
        Participant

        What’s the best way to educate employees on cybersecurity? Having them go through training seminars or test phishing attacks? There are so many threats out there now

        • This reply was modified 1 year, 5 months ago by ReveneerCyber.
    • 2019-10-10 at 14:13 #61616
      depern
      Participant

      Throughout the manufacturing sector in 2019, major attacks were happening, as in ransomware attacks, WannaCry, even BitPayment ransomware. Even 50% of organizations that are attacked by cyber attacks is the Manufacturing sector.
      https://cyware.com/news/major-attacks-that-hit-the-manufacturing-sector-in-2019-bec74e8e

    • 2019-10-10 at 14:13 #61603
      nd14
      Participant

      https://www.bbc.com/news/technology-49986737?intlink_from_url=https://www.bbc.com/news/topics/cz4pr2gd85qt/cyber-security&link_location=live-reporting-story

      Attackers use malware to steal credit card information from the Sesame Street online store, and various other e-commerce sites using software developed by Volusion

    • 2019-10-10 at 14:12 #61582
      NStockton09
      Participant

      https://www-lifehacker-com-au.cdn.ampproject.org/v/s/www.lifehacker.com.au/2019/10/malware-alert-update-these-smartphones-asap/amp?amp_js_v=0.1

      A malware alert that is now being rated high severity has popped up. A bug has been found that allows a hacker to escalate local privilege if an app with the malware is downloaded. This attack is targeting Android phones only.

    • 2019-10-08 at 20:54 #61584
      NStockton09
      Participant

      https://www.cnn.com/2019/10/08/business/ransomware-attacks-trnd/index.html

      There is an ever increasing amount of ransomware attacks that are happening recently. Many government buildings, schools, and hospitals are getting hit more and more frequently. 140 important buildings alone have been hit in the past 10 months by ransomware.

    • 2019-10-03 at 18:45 #61501
      jpilgreen23
      Participant

      Facebook and Child Sex Abuse raising issues on encryption.
      https://www.nytimes.com/2019/10/02/technology/encryption-online-child-sex-abuse.html?rref=collection%2Ftimestopic%2FComputer%20Security%20(Cybersecurity)

    • 2019-10-01 at 10:59 #61432
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/91019-cybersecurity-breaches-to-increase-nearly-70-over-the-next-5-years

      The average growth of cyber breaches annually 11% and the cost of these breaches each year is $3 trillion and it rising each year. People do not know how much of this worlds economy relies on cyber security.

    • 2019-09-30 at 22:07 #61402
      depern
      Participant

      According to threatpost there was a new legislation that was focusing on helping government agencies and others combat ransomware attacks by the United States Senate .
      https://threatpost.com/senate-passes-bill-aimed-at-combating-ransomware-attacks/148779/

    • 2019-09-26 at 22:35 #61304
      plosiewicz
      Moderator

      Acting DNI: Cuber war biggest National threat

      https://thehill.com/policy/cybersecurity/463199-acting-dni-maguire-describes-cyber-war-as-greatest-threat-to-the-country

    • 2019-09-26 at 22:35 #61302
      plosiewicz
      Moderator

      Acting DNI: Cuber war biggest National threat

      https://thehill.com/policy/cybersecurity/463199-acting-dni-maguire-describes-cyber-war-as-greatest-threat-to-the-country

    • 2019-09-25 at 13:10 #61176
      jpilgreen23
      Participant

      With attacks increasing on Power Grids, Power Companies and Utilities, I think this is a definite article that should be included. The Guide is also included in the Article.
      https://www.securitymagazine.com/articles/90985-nist-releases-cybersecurity-guide-for-energy-sector-to-improve-operational-technology

      • This reply was modified 1 year, 6 months ago by jpilgreen23. Reason: Link Text wasn't added
    • 2019-09-25 at 11:17 #61171
      plosiewicz
      Moderator

      Thwe urgent search for a cyber silver bullet against Iran…

      https://trendingpress.com/the-urgent-search-for-a-cyber-silver-bullet-against-iran/

    • 2019-09-25 at 11:16 #61168
      plosiewicz
      Moderator

      Thwe urgent search for a cyber silver bullet against Iran…

      https://trendingpress.com/the-urgent-search-for-a-cyber-silver-bullet-against-iran/

    • 2019-09-24 at 11:09 #61130
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/90962-how-data-breaches-can-make-hectic-holiday-travel-a-nightmare

      The company Orbitz had a data breach last year in 2018 and had hundreds or thousands of customers data revealed. The data that was revealed was their credit card information and 880,000 different credit cards were revealed.

    • 2019-09-20 at 13:14 #61051
      jbehr27
      Participant

      2019 has been the worst year in history in terms of data breaches. Over 3,800 data breaches were reported in the first half of the year, exposing 4.1 billion records.

    • 2019-09-19 at 14:40 #60977
      NStockton09
      Participant

      11 IT service providers have been hit by advanced hackers that are attacking them in order to gain access to their customer’s network. Two of the eleven attacks were able to gain admin level access. It primarily effected IT services in Saudi Arabia. This attack ended up compromising 100’s of hosts. It is still unknown how the attack was done.

    • 2019-09-19 at 10:24 #60960
      depern
      Participant

      Do you own a smart TV? People have been finding evidence that Samsung, LG, and other smart TV’s have been sending over sensitive user data to tech firms including Facebook, and Google.
      https://threatpost.com/smart-tvs-leak-data/148482/

    • 2019-09-18 at 10:34 #60722
      depern
      Participant

      Entercom Communications a Philadelphia broadcasting company, was infected with a ransom attack which spread to digital systems, from emails, to billing, and demanded $500,000.

      https://cyware.com/news/attackers-infected-radio-giant-entercom-with-ransomware-and-demanded-ransom-payment-of-500000-7ef8eda6

    • 2019-09-16 at 14:05 #60751
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/90908-more-than-99-percent-of-cyberattacks-need-humans-to-click

      A report done by Proofpoint has researched email based cyber attacks and almost all of them can only be used by clicking on the email or the link inside the email. This report shows that if people know about this, there will be less cyber attacks through email.

    • 2019-09-12 at 08:35 #60650
      jpilgreen23
      Participant

      Article about what the NSA’s plan for the 2020 election and some content about the new cyber security directorate. Some content may be more than a week old.

      https://www.cbsnews.com/news/the-nsa-prepares-to-defend-2020-elections-drawing-lessons-from-2018-midterms/

      • This reply was modified 1 year, 7 months ago by jpilgreen23. Reason: Spelling error
    • 2019-09-10 at 10:06 #60602
      depern
      Participant

      Recently some cybersecurity researched have found a new computer virus that is associated with a cyber-espionage group which in turns exfiltrates stolen data to an attacker-controlled server.
      https://thehackernews.com/2019/09/stealthfalcon-virus-windows-bits.html

    • 2019-09-09 at 17:32 #60596
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/90875-google-youtube-will-pay-record-170-million-for-alleged-violations-of-childrens-privacy-law

      This lawsuit is making google and youtube pay $136 million to the FTC and $36 million to New York. The settlement claims that youtube is not meeting COPPA laws. They are not making sure that children are watching the appropriate videos for their age.

    • 2019-09-08 at 12:25 #60567
      jpilgreen23
      Participant

      MasterCard launched a Program that sends employees to Middle Schools to teach Girls on Cybersecurity and Fraud. I think it would be interesting for those who are more concerned with the growth and education in the cybersecurity field.

      https://www.cnbc.com/2019/09/07/mastercard-is-betting-on-middle-school-girls-to-detect-cyberthreats.html

    • 2019-09-05 at 23:54 #60543
      NStockton09
      Participant

      https://arstechnica.com/information-technology/2019/09/android-zeroday-gives-hackers-a-way-to-elevate-attacks/

      Mobile devices seem to be getting hit a lot more lately and this is just going to make matters worse for already infected Android users, and so far there’s not much Google is doing to try and fix it.

    • 2019-08-23 at 13:35 #60286
      rtmoran
      Moderator

      Daily times Ransomware

      In this article it talked about how the daily times in water town was attacked yet again by ransomware. This attack effected there email servers and any internet based telephones.

      https://cyware.com/news/watertown-daily-times-again-gets-hit-with-ryuk-ransomware-attack-36f62397

    • 2019-05-28 at 15:52 #59648
      mongi
      Participant

      New report finds defense contractors struggling with cybersecurity requirements

      Defense Department contractors are struggling to meet the standards for protecting sensitive DOD information on their networks, as most companies fail to use key controls like multifactor authentication and incident response tests, according to a new report from cybersecurity auditing firm Sera-Brynn. The report issued last week assessed how defense contractors are implementing a provision in the Defense Federal Acquisition Regulation requiring contractors to protect controlled unclassified information (CUI) on their networks using the 110 controls in the National Institute

      https://insidedefense.com/daily-news/new-report-finds-defense-contractors-struggling-cybersecurity-requirements

    • 2019-05-28 at 11:26 #59640
      Anonymous
      Inactive

      New report finds defense contractors struggling with cybersecurity requirements

      Defense Department contractors are struggling to meet the standards for protecting sensitive DOD information on their networks, as most companies fail to use key controls like multifactor authentication and incident response tests, according to a new report from cybersecurity auditing firm Sera-Brynn. The report issued last week assessed how defense contractors are implementing a provision in the Defense Federal Acquisition Regulation requiring contractors to protect controlled unclassified information (CUI) on their networks using the 110 controls in the National Institute

      https://insidedefense.com/daily-news/new-report-finds-defense-contractors-struggling-cybersecurity-requirements

    • 2019-05-28 at 09:56 #59586
      Borgeby
      Participant

      Here is an interesting article which describes how Satan ransomware and malware evolves to become more sophisticated and more tailored against their target in order to become more lucrative.
      Satan can spread on its own and when it compromises a system, the malware attempts to execute its list of exploits against each IP addresses on the local network which makes it harder to defend against.
      https://www.darkreading.com/vulnerabilities—threats/satan-ransomware-adds-more-evil-tricks/d/d-id/1334779

    • 2019-05-25 at 12:29 #59598
      zhonteck
      Participant

      Good insight raised by Ian (President, CREST) about Cyber Security in the Financial Sector. Even now in 2019, this still applies. Any related cybersecurity news related to Financial Sector, please share it here.
      https://youtu.be/3bVNo1Qo0Os

    • 2019-04-26 at 08:51 #59396
      rtmoran
      Moderator

      Microsoft discovers Huawei driver allowing back door access to laptops. Microsoft determined Huawei’s driver allowed for remote device management, as well as, access to the Windows 10 OS.

      https://www.zerohedge.com/news/2019-04-23/microsoft-discovers-huawei-driver-allowing-backdoor-hack-laptops

    • 2019-04-25 at 17:08 #59398
      rtmoran
      Moderator

      Unsecured databases discovered leaking 60 million user’s scraped LinkedIn data. Between the eight discovered unsecured databases more than 60 million records, containing what appeared to be LinkedIn user information, were uncovered. When questioned, LinkedIn claimed, that while they were aware of the leaked databases, they did not belong to LinkedIn.

      https://www.bleepingcomputer.com/news/security/unsecured-databases-leak-60-million-records-of-scraped-linkedin-data/

    • 2019-04-20 at 23:38 #59222
      mwisniewski
      Participant

      The Russian Government is making strides towards censoring what its citizens see online.
      https://www.nytimes.com/2019/04/11/world/europe/russia-internet-censorship.html?rref=collection%2Ftimestopic%2FComputer%20Security%20(Cybersecurity)&action=click&contentCollection=timestopics&region=stream&module=stream_unit&version=latest&contentPlacement=6&pgtype=collection

    • 2019-04-19 at 11:27 #59142
      rtmoran
      Moderator

      The NSA reverse engineering tool, Ghidra, which was released a month ago, source code has been officially released. Not only will this allow for review of the code for security consideration, but also further development in an open-sourced environment.

      https://www.securityweek.com/nsa-releases-reverse-engineering-tool%E2%80%99s-source-code

    • 2019-04-18 at 12:05 #59214
      zijad94
      Participant

      (ISC)² Adds Four New Courses to its Professional Development Institute

      https://www.securitymagazine.com/articles/90134-isc-adds-four-new-courses-to-its-professional-development-institute

    • 2019-04-18 at 12:04 #59212
      zijad94
      Participant

      Government Best, Healthcare Worst in Protecting Consumer Data

      https://www.securitymagazine.com/articles/90122-online-trust-study-government-best-healthcare-worst-in-protecting-consumer-data

    • 2019-04-18 at 12:02 #59210
      zijad94
      Participant

      The Importance of Securing Sensitive Data in a 5G World

      https://www.securitymagazine.com/articles/90093-the-importance-of-securing-sensitive-data-in-a-5g-world

    • 2019-04-12 at 17:22 #59143
      rtmoran
      Moderator

      By utilizing a HTML5 feature, ping, which notifies a list of URIs in the event that a link is followed, Chinese tech company, Tencent, has weaponized the mobile users of its QQBrowser to unwittingly participate in focused DDOS attacks.

      https://www.imperva.com/blog/the-ping-is-the-thing-popular-html5-feature-used-to-trick-chinese-mobile-users-into-joining-latest-ddos-attack/

    • 2019-04-11 at 17:17 #59137
      depern
      Participant

      Recently there has been a various amounts of known security flaws found in WPA3 Protocol which lets hackers gain control of WiFi password.

      https://thehackernews.com/2019/04/wpa3-hack-wifi-password.html

    • 2019-04-10 at 13:31 #59120
      rileysperati
      Participant

      https://www.scmagazine.com/home/security-news/data-breach/yahoo-offers-117-million-to-settle-2016-data-breach-suit/

      In 2016 yahoo had data breach that affected its users. Now yahoo has more than doubled its proposed data breach settlement payout to $117.5 million after having a smaller amount rejected by a California judge in January.

    • 2019-04-10 at 13:09 #59118
      DukeNukemBOS
      Participant

      https://cyware.com/news/limerat-leverages-unique-infection-technique-to-defeat-traditional-security-mechanisms-8537375e

      This article talks about how a Remote Administration tool called LimeRAT is being used by cyber criminals by using a unique infection technique to spread the malicious sample without being detected by anti-virus software.

    • 2019-04-07 at 13:44 #59086
      AliciaGeorge
      Participant

      Mobile devices have been on the rise and we have not been to keep up with the security of mobile devices as rapidly as they are growing. Over half of the RSA attendees are committing to their spending on their mobile device security.

    • 2019-04-04 at 16:18 #59078
      depern
      Participant

      Recently a stalking malware was found on over 58,000 users. Tracking much of their activities throughout their life.

      https://cyware.com/news/stalkware-applications-found-installed-on-large-numbers-of-phones-7e7af0c1

    • 2019-04-02 at 13:24 #59068
      DukeNukemBOS
      Participant

      https://cyware.com/news/security-experts-fool-a-tesla-car-into-driving-on-wrong-lanes-d577f37c

      This article talks about how security experts were able to fool a tesla into driving on the wrong lanes by creating fake lanes laid out with the use of lane stickers. The tesla could not distinguish the fake lane created by the researchers.

    • 2019-04-01 at 14:54 #59021
      mwisniewski
      Participant

      https://www.bbc.com/news/technology-47653656

      Developers working on Facebook stored over 600 million user passwords in plain-text exposing them internally.

    • 2019-03-29 at 15:58 #59019
      depern
      Participant

      The Attorney General for Washington D.C. Karl A. Racine has introduced the Security Breach Protection Amendment Act of 2019. This Act would strengthen protections for residents’ personal information, and also modernize the District’s data breach law.

      https://www.securitymagazine.com/articles/90053-dc-attorney-general-introduces-legislation-to-protect-district-residents-personal-data

    • 2019-03-28 at 18:22 #59002
      depern
      Participant

      In Saudi Arabia there has been a cyber-esponiage group that has been targeting critical infrastructures, including military and energy sectors.

      https://thehackernews.com/2019/03/apt33-cyber-espionage-hacking.html

    • 2019-03-27 at 13:02 #58983
      DukeNukemBOS
      Participant

      https://cyware.com/news/nvidia-patches-critical-vulnerability-that-could-allow-attackers-to-perform-dos-attacks-f6cfc036

      This article talks about how NVIDIA patched a critical security vulnerability in their Geforce Experience app that could allow attackers to escalate privileges, conduct code execution, and perform DOS attacks.

    • 2019-03-23 at 12:50 #58952
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/90034-fema-improperly-shared-personal-information-of-natural-disaster-victims

      FEMA who works with the people that are affected by natural disasters were working with a new contractor that helps with the victims of the tragedy and give them homes. Over 2.3 million people had their information leaked, which included the last four digits of their SSN and other personal information.

    • 2019-03-23 at 12:45 #58951
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/89963-more-than-half-of-rsa-attendees-to-increase-mobile-cybersecurity-investment

      Mobile devices have been on the rise and we have not been to keep up with the security of mobile devices as rapidly as they are growing. Over half of the RSA attendees are committing to their spending on their mobile device security.

    • 2019-03-21 at 14:52 #58371
      depern
      Participant

      Ghidra, the NSA’s recently released reverse engineering tool was already found to be plagued with a security vulnerability.
      https://cyware.com/news/nsas-ghidra-already-found-to-be-plagued-by-a-security-vulnerability-3f1d59fa

    • 2019-03-21 at 14:39 #58362
      mwisniewski
      Participant

      Beware of those late night “distraction from studying” quizzes on Facebook (“What does your favorite beer say about your personality?”). Facebook is now suing over these “data-grabbing” quizzes since the “required” browser add-ons are responsible for pulling private user data.

      https://www.bbc.com/news/technology-47524468

    • 2019-03-21 at 12:29 #58367
      mwisniewski
      Participant

      European cybersecurity firm FireEye announced today that Russian state sponsored hacking groups are targeting European government systems prior to their parliamentary elections.

      https://www.cnbc.com/2019/03/21/russian-hackers-target-european-governments-ahead-of-election-fireeye.html

    • 2019-03-20 at 13:10 #58357
      DukeNukemBOS
      Participant

      https://cyware.com/news/goldmouse-aka-apt-c-27-targets-the-middle-east-by-leveraging-winrars-dated-security-bug-c8caf779

      This article talks about how after WinRAR patched a major security bug, cyber criminals have resorted to exploiting the bug in unpatched systems for malicious gains. The Goldmouse threat group is targeting the middle east region and were observed deploying the nebulous njRAT backdoor

    • 2019-03-19 at 11:19 #58351
      zijad94
      Participant

      https://www.securitymagazine.com/articles/89958-no-more-passwords-webauthn-becomes-an-official-web-standard

      The World Wide Web Consortium (W3C) just approved the Web Authentication API, also known as WebAuthn, which is a new way to log into websites without passwords.

      • 2019-03-21 at 12:23 #58364
        mwisniewski
        Participant

        https://venturebeat.com/2019/03/04/w3c-approves-webauthn-as-the-web-standard-for-password-free-logins/

    • 2019-03-19 at 11:17 #58349
      zijad94
      Participant

      https://www.securitymagazine.com/articles/89963-more-than-half-of-rsa-attendees-to-increase-mobile-cybersecurity-investment

      A majority of attendees at RSA this week plan to spend more on mobile security in the coming year.
      Seventy-six percent of respondents to a Lookout survey access corporate data from personal mobile devices and/or public WiFi networks.

    • 2019-03-08 at 16:30 #58221
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/89943-experian-study-finds-more-than-a-third-of-companies-are-unprepared-to-respond-to-a-data-breach

      According to a recent study by Experian, they concluded that over a third of businesses and companies are not prepared and don’t know what to do when a breach in their security has accorded. Since that the threat of security is getting higher more professionals in cybersecurity are needed and businesses need to see that.

    • 2019-03-08 at 16:25 #58219
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/89958-no-more-passwords-webauthn-becomes-an-official-web-standard

      There now is a new way to sign into websites without passwords. People might think that is is a security nightmare but according to the CEO W3C it is more secure and that this will move vulnerable passwords in the past.

    • 2019-03-06 at 12:37 #58188
      DukeNukemBOS
      Participant

      https://www.cnbc.com/2019/03/06/cybersecurity-expert-shortage-may-cost-companies-hundreds-of-millions.html

      This article talks about how there is a shortage of cybersecurity experts that could lead to a company losing hundreds of millions of dollars. There are 2.93 million cybersecurity positions open and unfilled around the world according to a non profit IT security organization ISC

    • 2019-03-05 at 11:20 #57857
      mwisniewski
      Participant

      Chinese enterprise Huawei is starting to turn heads as a future big payer in the telecom world while being known for collecting users data. Uh oh!

      https://www.bbc.com/news/technology-47305420

    • 2019-03-05 at 09:38 #58013
      JCowell936
      Participant

      I would like to suggest the recent article in Forbes which is targeted at CEO regarding Cybersecurity strategy. It has a couple of interesting points and draws parallels to the cloud business to basically recommend CEOs seriously consider outsourcing their Cybersecurity efforts.

      https://www.forbes.com/sites/bobzukis/2019/03/05/a-ceo-cheat-sheet-for-the-cybersecurity-big-one/#46211c406a2a

      • This reply was modified 2 years, 1 month ago by CSIACAdmin. Reason: Removed LinkedIn profile link
      • This reply was modified 2 years, 1 month ago by JCowell936.
      • 2019-03-05 at 09:43 #58016
        CSIACAdmin
        Keymaster

        Could you please share a link to the article?

    • 2019-03-02 at 13:20 #57966
      mwisniewski
      Participant

      A vulnerability was discovered in 8 airline e-ticket applications that allows malicious hackers access to the customers PII as well as flight details. This also allows them to change flight details and print the boarding passes.

      https://www.technewsworld.com/story/85836.html

    • 2019-02-28 at 16:24 #57925
      rtmoran
      Moderator

      A new security vulnerability affecting the Thunderbolt data specification, Thunderclap, has been exposed leaving USB-C and DisplayPort hardware vulnerable to attack. The vulnerability can leave affected machines exposed to data theft, file tracking, and malicious code execution.

      https://www.theverge.com/2019/2/27/18243503/thunderclap-vulnerability-thunderbolt-computers-attack

      • This reply was modified 2 years, 1 month ago by rtmoran.
    • 2019-02-27 at 13:21 #57905
      DukeNukemBOS
      Participant

      This article talks about how the Specialist insurer Beazely collaborated with Marsh, a leader in insurance broking and innovative risk management solutions, to provide cyber insurance cover and breach response US manufacturers. The cyber insurance offers coverage to address cyber and operational risks faced by manufacturers
      https://www.securitymagazine.com/articles/89918-beazley-marsh-launch-cyber-insurance-for-manufacturers

    • 2019-02-21 at 20:28 #57840
      hbolic23
      Participant

      https://www.securitymagazine.com/articles/89834-how-americans-leave-their-personal-info-open-to-thieves

      Identity Theft will get easier by the days if people keep using the same passwords for different accounts. Individuals usually throw their mail out unripped. Well, identity theft can go as far as someone finding mail with someones Name, Address and other personal info right there on the front of the envelope. Cyberattacks can hit your phone by simply connecting to “Free Wi-Fi” at a nearby cafe. Cyberattacks are floating around is sniffing out it’s next victim and nobody even notices.

    • 2019-02-21 at 19:57 #57837
      hbolic23
      Participant

      https://www.securitymagazine.com/articles/89845-a-new-cybersecurity-incident-strikes-k-12-schools-nearly-every-three-days

      Elementary schools are using more and more technology on the daily to make school more enjoyable for students. Though, Cyberhackers are taking action against district schools now, (reportedly K-12) and doing actions such as stealing tax dollars and altering school records. As time flies by, the term “Cyber-Secure” loses it’s meaning.

    • 2019-02-21 at 12:09 #57823
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/89883-why-corporations-need-to-give-employees-personal-vpns

      The reason why companies should give their employees personal VPNs is that you never know what websites your employees are going to access. If employees are using illegal activity on their computers on the corporate network, the corporation could be at risk.

      • 2019-03-02 at 13:03 #57964
        dmass79
        Participant

        I agree,
        corporate should soften their restriction sometimes. it is true that we tend to use the whitelisting techniques by keeping off all softwares that we do not trust. but it is also part of security to constantly analyze the surface threat that can be use by hacker to access the organization network via the remote employee. the sophistication of the techniques use to trick the user could lead them to install a malware while surfing web during their me time. incorporating tools like personal vpn,and personal sandbox tool could play an important role in the cybersecurity plan to mitigate risk coming from remote users.

      • 2019-02-21 at 20:26 #57838
        hbolic23
        Participant

        I agree

    • 2019-02-21 at 12:05 #57821
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/89873-contractorsfreelancers-cause-most-workforce-related-security-incidents

      Contractors and freelancers are the number one cause security incidents at a business and on average there are 3 workforce incidents that can affect the security of those businesses. The people who work at the company are the most vulnerable to error and these employees should be made to take security classes to be more self-aware and have better security in the business.

    • 2019-02-19 at 15:29 #57783
      DukeNukemBOS
      Participant

      This article talks about how Russian Hackers are eight times faster at compromising a system than other nation-state hackers. The article also talks about how they move faster laterally and accomplishing their primary objective faster than their closet competitors, the North Koreans.

      https://www.scmagazine.com/home/network-security/russian-cyberattackers-are-in-and-gone-in-less-than-20-minutes/

    • 2019-02-15 at 15:38 #57750
      rileysperati
      Participant

      https://www.securitymagazine.com/articles/89858-isc2-announces-new-professional-development-institute-to-train-cyber-professionals

      There is a shortage of cybersecurity professionals which is a major concern for the security of Americans. Without cybersecurity professionals peoples private information and other things people don’t want leaked out to be accessed by others.

    • 2019-02-14 at 22:01 #57736
      mwisniewski
      Participant

      After 143 million Americans had their data stolen from the credit rater Equifax, they still don’t know where the data has gone.

      https://www.cnbc.com/2019/02/13/equifax-mystery-where-is-the-data.html

    • 2019-02-13 at 22:19 #57715
      rtmoran
      Moderator

      Russia is considering a nationwide global internet disconnect, expected before April 1. Designed to gather data for the Digital Economy National Program, all internet traffic within the country will be routed only within its own borders, blocking external access, to test the integrity of an antonymous DNS in the event the country undergoes a cyber attack.

      https://www.bbc.com/news/technology-47198426

    • 2019-02-11 at 17:58 #57659
      DukeNukemBOS
      Participant

      This article talks about how E-Ticketing systems of well known airlines have a well known vulnerability that can expose passengers personally identifiable information
      https://www.technewsworld.com/story/85836.html

    • 2019-02-11 at 16:04 #57634
      rtmoran
      Moderator

      Downgrade attack affecting all versions of TLS (including version 1.3 and QUIC) exposed which leverages a side-channel leak via cache timings in order to break the RSA key exchanges of TLS. Inventor of RSA encryption recommending that RSA be deprecated in TLS.

      https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/february/downgrade-attack-on-tls-1.3-and-vulnerabilities-in-major-tls-libraries/?Year=2019&Month=2

    • 2019-02-07 at 20:22 #57610
      mwisniewski
      Participant

      Two links this week. An Arizona teenager discovered a serious FaceTime bug on the iPhone that allowed users to eavesdrop on another users phone using FaceTime, without the other person answering the call.

      https://www.nytimes.com/2019/02/01/technology/facetime-bug-fixed.html?rref=collection%2Ftimestopic%2FComputer%20Security%20(Cybersecurity)&action=click&contentCollection=timestopics&region=stream&module=stream_unit&version=latest&contentPlacement=2&pgtype=collection

      https://www.nytimes.com/2019/01/29/technology/facetime-glitch-apple.html?rref=collection%2Ftimestopic%2FComputer%20Security%20(Cybersecurity)&action=click&contentCollection=timestopics&region=stream&module=stream_unit&version=latest&contentPlacement=4&pgtype=collection

      • This reply was modified 2 years, 2 months ago by mwisniewski.
    • 2019-02-05 at 12:02 #57540
      DukeNukemBOS
      Participant

      This article talks about how according to a annual report by the Identify Theft Resource Center, data breaches in 2018 decreased from last year’s all time high of 1,632 by 23% but the records exposing sensitive personal consumer information jumped 126% to 446,515,334.
      https://www.securitymagazine.com/articles/89822-million-personal-records-were-stolen-in-2018

    • 2019-01-31 at 17:59 #57404
      rtmoran
      Moderator

      The 24 million credit and mortgage documents stolen in the recent Elasticsearch data breach were found residing in an Amazon S3 bucket. Investigators found the S3 box containing 21 files with 23,000 pages of PDF documents, all open to the public. Included were the original bank documents on which the Elasticsearch data was based.

      https://www.scmagazine.com/home/security-news/data-breach/double-exposure-24-million-loan-records-also-exposed-on-open-amazon-s3-bucket/

    • 2018-12-28 at 07:37 #57155
      lennonjohn000
      Participant

      This article tells you, how to avoid data breaches like Marriott International with better security.

      https://blog.loginradius.com/2018/12/put-customer-data-security-first-avoid-breaches-like-marriotts/

    • 2018-12-16 at 23:28 #52252
      kevinc810
      Participant

      This article explains why emails are still at risk to modern day hacking. This article explains the complexity of email hacking and also the steps to take in order to prevent it.
      http://www.digitaljournal.com/tech-and-science/technology/q-a-why-are-we-still-at-risk-from-email-hacking/article/538770

    • 2018-12-16 at 23:25 #52250
      kevinc810
      Participant

      This article is about how a hacker group hacked a company by taking advantage of an employee using there computer at a coffee shop.
      https://www.zdnet.com/article/how-one-hacked-laptop-led-to-an-entire-network-being-compromised/

    • 2018-12-16 at 23:13 #52248
      kevinc810
      Participant

      This article is about the hotel Marriott and how there recent cyber related breaches exposed massive global cyber security flaws.
      https://www.bloomberg.com/news/articles/2018-12-14/marriott-cyber-breach-shows-industry-s-hospitality-to-hackers

    • 2018-12-16 at 22:06 #52246
      kevinc810
      Participant

      This article talks about how big name companies will work with ethical hackers to find flaws in there systems. The article goes into detail revolving how these ethical hackers are making revenue.
      https://www.cnbc.com/2018/12/12/freelance-hackers-get-paid-to-test-the-defenses-of-firms-like-tesla.html

    • 2018-12-16 at 20:26 #52241
      kevinc810
      Participant

      With technology on the move students are eager to get there hands on the newest technology. Understanding the basics of authentication and the fundamentals of cyber security can be crucial component to keeping them safe.
      https://www.bgfalconmedia.com/campus/cyber-security-experts-explain-how-students-can-protect-themselves-online/article_c301157e-f8ec-11e8-b021-b3ddb4bd7d3c.html

    • 2018-12-14 at 19:47 #52237
      kevinc810
      Participant

      Washing state researches have discovered a vulnerability in high end processors that can target the chips communication systems and create process malfunctions. White hat hackers created a series of experiments in order to test the seriousness of the vulnerabilities.
      https://www.sciencedaily.com/releases/2018/12/181213155617.htm

    • 2018-12-14 at 19:30 #52235
      kevinc810
      Participant

      Bitcoin scammers and hackers have been taking over the United States with a series of ransomware attacks. Across the United States schools and public buildings have been forced to evacuate buildings upon receiving a threat that there is a bomb that will explode unless the facility pays a bitcoin ransomware fee.
      https://www.theverge.com/2018/12/13/18139724/bitcoin-bomb-threat-scam-email-us-police-department-investigation-evacuations

    • 2018-12-14 at 19:26 #52234
      kevinc810
      Participant

      Iranian Hacker Group “Charming Kittens” is said to have attempted a hit on Americans working on nuclear projects. Experts have found several interesting links to attacks over the past weeks.
      https://www.cbsnews.com/news/iran-hacking-charming-kitten-targets-us-nuclear-officials-cybersecurity-certfa-2018-12-13/

    • 2018-12-14 at 19:20 #52233
      kevinc810
      Participant

      It is without a doubt that having a cyber security specialist at the work environment is beneficial. Understand what needs to be done in order to make your employees into cyber security specialist themselves.
      https://www.entrepreneur.com/article/323375

    • 2018-12-06 at 22:28 #52167
      ahmedalazzawi
      Participant

      https://nakedsecurity.sophos.com/2018/11/30/57m-americans-details-leaked-online-by-another-misconfigured-server/

      A Misconfigured Elasticsearch server leaked around 57 Million US citizen details. personal details such as name,job,address and email.

    • 2018-12-06 at 22:22 #52164
      ahmedalazzawi
      Participant

      https://nakedsecurity.sophos.com/2018/11/30/huge-marriott-breach-puts-500-million-victims-at-risk/

      Marriott Starwood brands properties database got hacked at 2014. All clients who made reservation before October 2018 are at risk. personal info and bank info might be compromised according to the Marriott.

    • 2018-12-06 at 22:16 #52161
      ahmedalazzawi
      Participant

      https://nakedsecurity.sophos.com/2018/12/04/iceman-hacker-charged-with-running-drone-smuggling-ring-from-jail/

      Max Ray also known as iceman, uses a drone from prison to hack peoples credit and debit cards.

    • 2018-12-05 at 15:41 #52136
      CSIACAdmin
      Keymaster

      https://www.nextgov.com/it-modernization/2018/11/fbis-counterterrorism-investigations-now-run-amazon/153133/

      FBI’s Counterterrorism Investigations Now Run on Amazon

    • 2018-12-03 at 11:40 #52027
      Ticia
      Participant

      https://www.bleepingcomputer.com/news/security/moscows-new-cable-car-system-infected-with-ransomware-the-day-after-it-opens/

      This article is about how a newly introduced car service in Moscow got hacked and infected with ransomware. The public was promised free rides so when it got attacked only a couple days into its existence, obviously an outrage followed because it had to be shut down.

    • 2018-11-28 at 20:23 #52003
      mhapple25
      Participant

      StatCounter hacked, trying to steal bitcoins from many users. Covered their tracking script with Java coding.

      https://blog.avast.com/security-news-hackers-target-bitcoins-uscybercom-shares-malware

    • 2018-11-28 at 20:13 #52001
      mhapple25
      Participant

      Magecart plans to steal more credit card information.

      https://blog.avast.com/facebook-hacked-again-nordstrom-employee-data-breached

    • 2018-11-28 at 20:00 #51999
      mhapple25
      Participant

      Uber hacked, releasing information from millions of profiles. Pays hacker a hundred thousand dollars to delete the stolen information.

      https://blog.avast.com/uk-and-amsterdam-fine-uber-for-hack

    • 2018-11-28 at 19:29 #51996
      mhapple25
      Participant

      https://blog.avast.com/russian-hackers-at-work-3rd-gmail-glitch-magento-sites-at-risk-avast

      Russian hackers hack government businesses using word documents containing malware and sending those through email.

      • This reply was modified 2 years, 4 months ago by mhapple25.
    • 2018-11-25 at 17:34 #51902
      mciola10
      Participant

      https://www.bleepingcomputer.com/news/security/rotexy-mobile-trojan-launches-70k-attacks-in-three-months/

      This article is about a versatile spyware that transformed into a keeping money trojan with ransomware abilities figured out how to dispatch more than 70,000 assaults throughout only three months. The malware is very forceful on the off chance that it doesn’t keep running with lifted authorizations and utilizations an extremely irritating strategy to decide the client to give it the administrator status.

    • 2018-11-20 at 11:26 #51843
      mhapple25
      Participant

      https://thehackernews.com/2018/08/apple-hack-servers.html

      16 year old teen hacks Apple and takes secure files!

    • 2018-11-19 at 23:51 #51848
      mciola10
      Participant

      https://www.bleepingcomputer.com/news/security/attackers-use-zero-day-that-can-restart-cisco-security-appliances/

      This article is about how obscure aggressors have abused a weakness in programming running on security equipment items from Cisco. Admins could use this pattern to identify the bad packets and prevent crashing of the security appliance.

    • 2018-11-19 at 23:43 #51846
      mciola10
      Participant

      https://www.bleepingcomputer.com/news/security/adobe-releases-security-update-for-acrobat-vulnerability-with-public-poc/

      This article is about how security refreshes accessible for Adobe Photoshop CC. Adobe has discharged security refreshes for Adobe Photoshop CC variants 19.1.6 and prior. The data divulgence powerlessness in Adobe Flash Player for Windows, macOS, Linux and Chrome OS. It isn’t known whether this weakness was effectively being utilized or what data is revealed.

    • 2018-11-19 at 23:35 #51845
      mciola10
      Participant

      https://www.bleepingcomputer.com/news/security/infowars-store-affected-by-magecart-credit-card-stealing-hack/

      This article is about how a Magecart Visa skimming assault has been found on the online store for the Infowars site. America is under assault by globalist powers and anybody going to bat for our republic will be assaulted hardheartedly by the corporate press, Antifa and maverick knowledge agents.

    • 2018-11-19 at 11:49 #51833
      AlliedChemical22
      Participant

      Always have a breach plan in store.
      https://www.securitymagazine.com/articles/89607-is-your-data-breach-response-plan-ready

    • 2018-11-15 at 21:42 #51810
      Gecky
      Participant

      https://www.cnbc.com/2018/11/15/japans-minister-of-cybersecurity-admits-hes-never-used-a-computer.html

      This article reveals how the prime minister of cybersecurity for Japan, admitted to never using a computer.

    • 2018-11-15 at 16:56 #51805
      depern
      Participant

      Tesco bank was fined 16.4m Euros by the city, over an incident that took place in 2016, where a cyber attack affected thousands of customers.

      https://www.independent.co.uk/news/business/news/tesco-bank-cyber-attack-fines-fca-a8562756.html

    • 2018-11-15 at 11:35 #51793
      mwisniewski
      Participant

      Hackers infected the StatCounter application with malware which allowed them to steal bitcoin revenue transferred over a specific file path.

      https://www.technewsworld.com/story/85668.html

    • 2018-11-13 at 14:04 #51769
      dhoffman
      Participant

      https://thehackernews.com/2018/11/dji-drone-hack_8.htmlthe flight records, location, and both the live video feed and photos taken by your drone could have been accessed through vulnerabilities in the DJI Drone web app. DJI finally fixed the three vulnerabilities which allowed this to happen, but it took them almost six months to do so.

    • 2018-11-13 at 08:37 #51716
      AlliedChemical22
      Participant

      FAA contractor cuts telecommunications cables and douses them in gasoline, sets fire to cables, causes $350 million in damages.

      https://www.securitymagazine.com/articles/89573-how-to-set-fire-to-all-your-servers

    • 2018-11-09 at 09:50 #51608
      depern
      Participant

      The BBC Russian Service was told by anonymous individuals, that they have details of over 120million facebook accounts in which they would sell, including private messages of over 80,000 accounts.

      https://www.bbc.com/news/technology-46065796

    • 2018-11-08 at 18:21 #51610
      mwisniewski
      Participant

      Stuxnet was a computer worm that infected Iran’s infrastructure back in 2010 specifically targeting and damaging their nuclear program. Towards the end of October, Iran’s head of civil defense told press about this new generation of the Stuxnet worm attempting to enter their systems.

      https://www.infosecurity-magazine.com/news/stuxnet-returns-striking-iran-with/

    • 2018-11-08 at 16:01 #51600
      Gecky
      Participant

      https://www.nytimes.com/2018/11/07/business/the-mad-dash-to-find-a-cybersecurity-force.html

    • 2018-11-08 at 16:01 #51601
      Gecky
      Participant

      https://www.nytimes.com/2018/11/07/business/the-mad-dash-to-find-a-cybersecurity-force.html

      This article is about the desperate race to find cybersecurity analysts

    • 2018-11-08 at 10:44 #51593
      chazybear
      Participant

      https://www.securityweek.com/google-removes-vulnerable-library-android

      google releases security patches for its android platform which addresses security vulnerabilities within the operating system. several vulnerabilities are addressed but the most severe vulnerability could enable an attacker to create a file to execute arbitrary code within the context of a privileged process.

    • 2018-11-08 at 10:35 #51591
      chazybear
      Participant

      https://www.securityweek.com/evernote-flaw-allows-hackers-steal-files-execute-commands

      a security breach has been identified in the evernote app when a user adds a picture to a note and later renames it , java script can be added instead creating a potential risk when the picture is later shared with another user. for the attack to work the attacker needs to convince the user to open a evernote note in presentation mode .

    • 2018-11-06 at 15:07 #51540
      dhoffman
      Participant

      https://thehackernews.com/2018/11/self-encrypting-ssd-hacking.html
      Some of the self-encrypting SSD will allow attackers to decrypt disk encryption and recover protected data without needing to know the password for the disk.

    • 2018-11-06 at 13:59 #51538
      AlliedChemical22
      Participant

      Voting machines will be closely monitored in mid-term election for potential cyber security threats.

      https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2018/11/06/the-cybersecurity-202-today-s-the-big-test-for-election-security-here-are-five-things-we-re-watching/5be085cb1b326b39290545f3/?noredirect=on&utm_term=.5f1e29559cbe

    • 2018-11-05 at 21:01 #51529
      dhoffman
      Participant

      https://thehackernews.com/2018/10/windows10-uwp-apps.html
      Windows 10 patched a bug which allowed certain apps access to multiple files by default. This would mean that someone would not have to grant that app permission before the app got access to those files.

    • 2018-11-05 at 17:48 #51528
      DukeNukemBOS
      Participant

      https://thehackernews.com/2018/11/portsmash-intel-vulnerability.html

      This article talks about how security researchers found a vulnerability in the intel cpu that steals encrypted data.

    • 2018-11-01 at 18:39 #51476
      mwisniewski
      Participant

      https://cyware.com/news/new-commonransom-ransomware-demands-rdp-access-to-infected-systems-as-ransom-60cc0bfd

      CommonRansom is a new ransomware that demands not only RDP access to the user computer, but IP and admin credentials as payment, on top of the already required bitcoin payment.

    • 2018-11-01 at 15:09 #51472
      Ticia
      Participant

      This article is about how an “aggressive” and “sophisticated” malware attacked the networks that are in Iran. It is more violent than any other virus they came in contact with and they are currently trying to “adapt” to it to figure out an efficient and effective way to fight it off.

      https://www.bleepingcomputer.com/news/security/new-stuxnet-variant-allegedly-struck-iran/

    • 2018-11-01 at 14:53 #51470
      Ticia
      Participant

      This article is about how CVE-2018-14665 (A FLAW) makes getting to the “root” level accessible when using the x.org server. Also, this is not something new, it has been present for two years.

      https://www.bleepingcomputer.com/news/security/trivial-bug-in-xorg-gives-root-permission-on-linux-and-bsd-systems/

    • 2018-11-01 at 14:40 #51466
      Ticia
      Participant

      This article is about how widely known and used brands are being targeted in “phishing attacks.” This was proved by Vade Secure, an email security provider. Brands like Microsoft, Paypal, Netflix, etc.

      https://www.bleepingcomputer.com/news/security/phishing-report-shows-microsoft-paypal-and-netflix-as-top-targets/

    • 2018-11-01 at 12:31 #51444
      depern
      Participant

      https://cyware.com/news/dark-web-hackers-selling-80-million-us-voters-data-stolen-from-20-different-states-cb2d32a8/

      Found on the dark web was over 80 million united states voters data that have been marked for sale!

    • 2018-10-31 at 18:48 #51403
      chazybear
      Participant

      https://www.securityweek.com/logical-bug-microsoft-words-online-video-allows-code-execution

      Microsoft has announced Microsoft Office has been infected with a logical bug that allows the attacker to access the online video feature in word to execute malicious code .Impacting users of office 2016 or older .

    • 2018-10-30 at 16:25 #51373
      martialasura
      Participant

      There is a malicious DDOS service for hire, Ox-booter is the DDoS-for-hire. The service is hired by powered by the Bushido IoT botnet. Ox-booter has around 500Gbps of bandwidth and 20,000 bots.

      https://cyware.com/news/bushido-botnet-powered-0x-booter-has-launched-more-than-300-ddos-attacks-in-two-weeks-36a1c071

    • 2018-10-30 at 16:12 #51371
      martialasura
      Participant

      Microsoft silently updated windows 10 to fix a bug with Universal Windows Platform (UMP). The bug gave access to other files through broadFileSystemAccess (Broad Filesystem Access).

      https://thehackernews.com/2018/10/windows10-uwp-apps.html

    • 2018-10-30 at 13:22 #51365
      martialasura
      Participant

      Cybersecurity researchers have discovered an unpatched logical flaw in Microsoft word. The logical flaw involves Microsoft Words ‘online video’ option in word documents.

      https://thehackernews.com/2018/10/microsoft-office-online-video.html

    • 2018-10-30 at 13:14 #51363
      martialasura
      Participant

      The Federal Energy Regulatory Commission (FERC) issued three final rules. Cyber Security – Supply Chain Risk Management, Cyber Security – Electronic Security Perimeter(s), Cyber Security – Configuration Change Management and Vulnerability Assessments. These three rules will be implemented within the next 18 months

      https://www.securitymagazine.com/articles/89524-ferc-approves-3-new-supply-chain-cybersecurity-standards

    • 2018-10-30 at 10:40 #51344
      martialasura
      Participant

      The FBI warns the public about possible scams/fraud with the after fact of the super typhoon yutu. They warn to check emails, don’t click on spam emails etc.

      https://www.fbi.gov/contact-us/field-offices/honolulu/news/press-releases/fbi-warns-public-of-scams-and-fraud-in-wake-of-super-typhoon-yutu

    • 2018-10-30 at 10:01 #51342
      martialasura
      Participant

      The Pakistan bank was attacked by a group of hackers that stole approximately 6 million dollars. The bank identified the breach when the internal security system identified “abnormal transactions” coming from pakistan debit cards coming from outside the country’s boarders.

      https://cyware.com/news/hackers-hit-pakistan-bank-and-reportedly-stole-around-6-million-30ca052e

    • 2018-10-30 at 09:55 #51340
      martialasura
      Participant

      In 2017 the Ransomware Sage started making its name known. Sage was made with a intuitive user interface that was used to request payment. The interface made it easier for the infected person to find out how to solve their problem. Sage also made it so that the amount required to unlock your data is cheaper than the locky Ransomware. The required amount is around $499 USD.

      https://cofense.com/sage-ransomware-distinguishes-engaging-user-interface-easy-payment-process/

    • 2018-10-30 at 09:46 #51336
      martialasura
      Participant

      The ransomwear Locky was one of the most successful ransomwear to emerge so far. Locky came out in early 2016 and lasted till around 2017. Locky was run by a threat group known as Dungeon Spider
      https://cyware.com/news/locky-ransomware-being-operated-by-the-dungeon-spider-threat-group-0397c419

    • 2018-10-29 at 11:30 #51323
      AlliedChemical22
      Participant

      Distrust increases with consumers,companies sell consumer data.

      https://www.securitymagazine.com/articles/89516-us-citizens-are-regularly-exposing-themselves-to-cyber-threats-despite-concerns

    • 2018-10-28 at 21:55 #51294
      ahmedalazzawi
      Participant

      https://nakedsecurity.sophos.com/2018/10/19/serious-d-link-router-security-flaws-may-never-be-patched/
      this article is talking about a researcher who found flaws in D-link routers. he contacted D-link and they replied saying that some flaws will be taken care of while others are end of life and will not receive updates anymore. he asked them to publish those routers names or he will. eventually he did and nothing was heard from D-link yet.

    • 2018-10-28 at 21:29 #51291
      ahmedalazzawi
      Participant

      https://nakedsecurity.sophos.com/2018/10/23/phishing-is-still-the-most-commonly-used-attack-on-organizations-survey-says/
      this article is talking about how big companies are being attacked from outside and inside. from outside it is obvious from hackers, while from inside it is usually employees. they are either “getting duped” according to the article or they are “careless”.

    • 2018-10-26 at 16:59 #51241
      mwisniewski
      Participant

      https://www.wired.com/story/i-bought-used-voting-machines-on-ebay/

      Brian Varner is a former NSA tactical analyst who now works for a security ops team as the head researcher. In this project he bought previously used voting machines off of eBay to asses their vulnerabilities. This one is definitely worth the read.

    • 2018-10-25 at 15:27 #51232
      depern
      Participant

      https://www.bbc.com/news/business-45974020
      This article talks about how there has been in a breach in the Cathay Pacific data. Hitting 9.4 million passengers, and with those people there has been a data leak of passport numbers, expired credit card details, and email addresses.

    • 2018-10-25 at 08:33 #51215
      Gecky
      Participant

      https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2018/10/25/the-cybersecurity-202-mcafee-s-decision-to-research-election-disinformation-highlights-industry-shift/5bd0a5ac1b326b559037d2d5/?noredirect=on&utm_term=.01dc872474f7

      This article is about McAfee’s research article about election misinformation

    • 2018-10-24 at 13:23 #51198
      plosiewicz
      Moderator

      HATMAN and Critical Infrastructure

      New information from FireEye on the HATMAN Safety Instrumented System attack. This was featured in this week’s CSIAC Cyber Awareness Month piece on Cyber of CI.

      For more information the link to my CSIAC article is at:
      https://www.csiac.org/national-cyber-security-awareness-month-october-2018/safeguarding-the-nations-critical-infrastructure-national-cyber-security-awareness-month-week-4-october-22-26/

      From Reuters News:

      Russia likely behind dangerous attack on Saudi energy plant: FireEye
      http://www.reuters.com/article/us-cyber-russia-triton/russia-likely-behind-dangerous-attack-on-saudi-energy-plant-fireeye-idUSKCN1MX2JJ

      A dangerous computer virus designed to destroy safety systems at industrial plants was likely developed by a Russian government-backed research institute, U.S. cybersecurity firm FireEye said on Tuesday.

      Paul B. Losiewicz

    • 2018-10-24 at 13:19 #51193
      dhoffman
      Participant

      https://thehackernews.com/2018/10/iphone-lock-passcode-bypass.html
      a vulnerability is found in apple’s iOS 12.0.1 which allows people who have physical access to a phone to gain access to photos and send them. this is done with the help of Siri and VoiceOver screen reader.

    • 2018-10-23 at 16:10 #51186
      AlliedChemical22
      Participant

      Americans willing to overlook data breaches towards brands.

      https://www.securitymagazine.com/articles/89487-nearly-half-of-americans-willing-to-give-brands-a-pass-for-a-data-breach

    • 2018-10-22 at 20:22 #51175
      mciola10
      Participant

      https://www.bleepingcomputer.com/news/security/jquery-file-upload-plugin-vulnerable-for-8-years-and-only-hackers-knew/

      This article is about how The bug influences the broadly utilized jQuery File Upload gadget and enabled an assailant to transfer discretionary records on web servers, including direction spends for sending directions. The jQuery File Upload has been helpless for a long time, since the Apache 2.3.9 discharge in 2010.

    • 2018-10-22 at 11:20 #51148
      ctaylor212000
      Participant

      https://www.forbes.com/sites/louiscolumbus/2018/10/14/the-current-state-of-cybersecurity-shows-now-is-the-time-for-zero-trust/#4f829165f153

      In this article, it states that the current state of Cyber Security shows that trust is not the best thing to believe in online. Cyber Security has advanced to a point, protection is very important for this moment, thus meaning the opposition against Cyber Security has strengthened as well. Making sure that you should just trust just anyone on the internet. It shows that there has been above 40% of security breach on healthcare just in 2017. This in turn, just below 30% security breaches for PII (Personally Identifiable Identification).

    • 2018-10-22 at 11:14 #51146
      ctaylor212000
      Participant

      https://www.forbes.com/sites/quora/2018/10/17/what-are-the-biggest-cyber-security-trends-of-2018/#19eae3f72815

      In this article, it states the biggest cyber security trends. Some of these trends are not the best of trends. The article leaves the readers a few bullet points provided by Head of Security for Dropbox. He states that they need more professionals in the cyber security field and failure has been leading consequences. The use of SaaS software has also been accelerating so they say you should become much more aware of good vs. bad SaaS security postures.

    • 2018-10-22 at 11:08 #51143
      ctaylor212000
      Participant

      https://nyunews.com/2018/10/21/10-22-news-cyber/

      In this article, it states that the NYU (New York University) is progressing their Cyber Security advances and fighting for it. They have plans to assist technological innovations with a few colleges. They are also offering programs to undergraduates at the colleges. This is to ensure to help them in future studies. Following this, they seem to have students already wanting this movement to occur.

    • 2018-10-22 at 03:43 #51138
      ctaylor212000
      Participant

      http://theconversation.com/some-cybersecurity-apps-could-be-worse-for-privacy-than-nothing-at-all-104842

      In this article, it explains that some security applications are quite different and seem to ask more rather than securing your privacy. However it points out a few applications that work along side with cyber security. One of the few applications would be a VPN, which is used for securing a better connection along side with not being able to be tracked down by your internet server provider.

    • 2018-10-22 at 03:37 #51136
      ctaylor212000
      Participant

      https://www.gosanangelo.com/story/money/business/2018/10/21/here-some-tactics-defend-against-cybersecurity-attacks/1723335002/

      In this article it explains ways to defend against cyber security attacks. It gives you a few tips you can abide by that will allow you to feel much more secure than before. It also explains to reach out to your employees and teach them the necessary skills about security so they can be formatted particularly for the case of a cyber security attack so they have a somewhat idea of what is occurring.

    • 2018-10-22 at 03:11 #51134
      ctaylor212000
      Participant

      https://www.cnet.com/news/facebook-reportedly-shopping-for-a-cybersecurity-company/

      In the article, it explains that Facebook is shopping for cyber security companies to help beef up their security. They want to ensure the policy of safety by shopping for cyber security so those using Facebook can feel safer on Facebook without any problems rather than a ton of problems of breaching privacy.

    • 2018-10-22 at 02:46 #51132
      ctaylor212000
      Participant

      https://www.seattletimes.com/business/ibm-takes-cybersecurity-training-on-the-road/

      In the article, to explains how it they’re taking IBM cyber security training onto the road. The sudden movement was to create a way to tour around the world whilst teaching the skills of Cyber Security to oncoming colleges in the future in their way while touring. Rather than scrambling their methods to teach members of Cyber Security to know what they’re doing. They take the effort to travel to colleges to create an efficient learning process.

    • 2018-10-21 at 18:37 #51130
      chazybear
      Participant

      https://www.securityweek.com/critical-vulnerabilities-allow-takeover-d-link-routers

      researchers have found that attackers are targeting d-link routers with several vulnerabilities that gains access to a file that stores the devices password .The attacker can then execute certain commands to take over the device. No patches have been issued as of yet but in the meantime, the security flaws can be avoided by ensuring that the router is not accessible from the Internet.

    • 2018-10-21 at 18:25 #51128
      chazybear
      Participant

      https://www.securityweek.com/tumblr-vulnerability-exposed-user-account-information

      Tumblr announced that a vulnerbility was used by attackers that could be used to obtain customers account information used on blogs for example passowrds and previous used emails and last log in IP’s. the company claims a patch was issued within 12 hours and they’re not able to determine which users were affected.

    • 2018-10-21 at 18:03 #51126
      chazybear
      Participant

      https://www.securityweek.com/google-pixel-3-improves-data-protection-security-chip

      google has installed a new second generation , low powered security module on all of its pixel 3 devices called titan M . It is intended to help with the android verified boot . This chip also is used to ensures no-one can unlock a phone , not even google , without the owners cooperation.

    • 2018-10-18 at 17:14 #51104
      depern
      Participant

      https://thehackernews.com/2018/10/iphone-lock-passcode-bypass.html

      This article talks about how a new iPhone bug could give anyone access to Private photos!

    • 2018-10-17 at 16:00 #51038
      DukeNukemBOS
      Participant

      https://www.securitymagazine.com/articles/89494-smart-cities-have-new-physical-threats-the-impact-of-drones-on-security-and-public-safety

      This article talks about how drones can be a threat to security and public safety.

    • 2018-10-17 at 10:31 #51037
      Gecky
      Participant

      https://www.infosecurity-magazine.com/news/cybersecurity-salaries-jump-6/

      This article states that salaries in the cybersecutiry field are being raised rapidly

    • 2018-10-16 at 18:58 #51031
      AlliedChemical22
      Participant

      Drones posess new physical threat to cities. Implement drones for added security layer to cities?

      https://www.securitymagazine.com/articles/89494-smart-cities-have-new-physical-threats-the-impact-of-drones-on-security-and-public-safety

    • 2018-10-16 at 11:53 #51014
      mwisniewski
      Participant

      Here’s a nice article to keep us all motivated in our pursuit of a degree in cybersecurity! Salary’s have increased by double the national average!

      https://www.infosecurity-magazine.com/news/cybersecurity-salaries-jump-6/

    • 2018-10-15 at 12:09 #50997
      dhoffman
      Participant

      https://thehackernews.com/2018/10/download-fortnite-android.html
      The popular game, Fortnite, was released for Android mobile devices but it is not available in Google Play Store. The company, Epic Games, decided to keep it available only on their website to increase revenue but this leaves the door open for malware to be presented as the game on a different website.

    • 2018-10-15 at 11:27 #50995
      Ticia
      Participant

      https://www.bleepingcomputer.com/news/security/ad-clicker-hiding-as-google-photos-app-found-in-microsoft-store/

      This article is about how a fake app was found in the Microsoft store. The app claims to be an extension of Google Photos but really it has malicious intentions that mess with Windows 10.

    • 2018-10-14 at 20:06 #50958
      mciola10
      Participant

      https://www.bleepingcomputer.com/news/security/largest-cyber-attack-against-iceland-driven-by-complex-phishing-scheme/

      This article talks about how phishers are impersonating the icelandic police sending out malicious emails to people warning them to come in for questioning and if they don’t comply they will issue a arrest warrant. There is also a another phishing scheme that involves making people click on a link that sends them to a fake identical looking website that tasks them to input their social security number and then asks for a authentication code to try to get into the victim’s computer and steal information.

    • 2018-10-12 at 14:49 #50934
      mwisniewski
      Participant

      https://www.bbc.com/news/technology-45757528

      The state of California has passed a bill that bans the use of unsafe passwords on net connected devices being produced or sold in California. The “Information Privacy: Connected Devices bill also calls for devices having better security features installed upon manufacturing.

    • 2018-10-11 at 23:21 #50939
      ahmedalazzawi
      Participant

      https://nakedsecurity.sophos.com/2018/10/11/millions-at-risk-from-default-webcam-passwords/

      This article is talking about a webcam company that is making their products easier to hack by attackers. Hangzhou Xiongmai Technology Co the company that is producing these cams, is using a standard ID for their cams which is not random. they also use a default password for the admin and never ask the user if they want to change the password which makes it easier for attackers to get into the system.

    • 2018-10-11 at 21:40 #50930
      Gecky
      Participant

      https://www.forbes.com/sites/taylorarmerding/2018/10/09/cybersecurity-not-just-a-job-many-jobs-of-the-future/#747a57853f2b

      This article explains that the field of cybersecurity has over half a million vacant jobs

    • 2018-10-11 at 16:54 #50910
      depern
      Participant

      https://thehackernews.com/2018/10/google-plus-shutdown.html

      This article seemed very interesting, after the company google shuts down Google+ due to a massive data breach. Leaking private information of hundreds of thousands users.

    • 2018-10-11 at 13:59 #50908
      DukeNukemBOS
      Participant

      https://www.securitymagazine.com/articles/89472-ca-to-ban-weak-passwords

      This article talks about how California will start banning weak passwords on January 1st 2020 and will allow customers to sue the companies if they fail to acknowledge the policy

    • 2018-10-11 at 00:02 #50890
      Ticia
      Participant

      https://www.bleepingcomputer.com/news/security/windows-10-ransomware-protection-bypassed-using-dll-injection/

      This article is about how Microsoft made an addition to their Controlled Folder Access which has an intended use of protecting specific folders by programs that could be unknown. Secret private folders at that. The article then goes on how it was brought to their attention how all of this could be bypassed by DLL injections.

    • 2018-10-07 at 20:49 #50782
      mciola10
      Participant

      https://www.bleepingcomputer.com/news/security/sites-trick-users-into-subscribing-to-browser-notification-spam/

      This article talks about how notification pop-up spam are showing up on the desktop by clicking agree to show the pop-ups which are scams that include fake news, fake downloads, and unwanted extensions. If people don’t like seeing pop-ups on their screen they can disable it through google settings which will stop making it pop-up on people’s screen.

    • 2018-10-05 at 18:42 #50770
      dhoffman
      Participant

      https://thehackernews.com/2018/10/bank-atm-hacking.html
      The hacker group known as the Hidden Cobra have been using the method of FASTCash since at least 2016. FASTCash allows them to withdraw millions of dollars from any ATM and has been primarily used in Africa and Asia; an investigation is still under way as to whether or not it has affected any banks in the US.

    • 2018-10-05 at 14:16 #50676
      mwisniewski
      Participant

      https://www.cnbc.com/2018/09/28/facebook-says-it-has-discovered-security-issue-affecting-nearly-50-million-accounts-investigation-in-early-stages.html

      Recently, Facebook discovered that hackers had gained the ability to possibly access 50-million user accounts through a bug which allowed them to gain digital keys from user logins. Facebook is cooperating with the FBI over the security breach.

    • 2018-10-04 at 17:45 #50736
      AlliedChemical22
      Participant

      Here I have an article that lightly touches on the topic of ethical hacking. Enjoy!

      https://www.securitymagazine.com/articles/89469-how-to-work-with-hackers-to-make-your-company-more-secure

    • 2018-10-02 at 15:57 #50673
      Gecky
      Participant

      https://securityintelligence.com/national-cyber-security-awareness-month-whats-new-for-2018/

      October marks the beginning of National Cyber Security awareness month. A time to spread awareness of safe cyber security practices.

    • 2018-10-01 at 21:38 #50644
      dhoffman
      Participant

      https://thehackernews.com/2018/09/linux-kernel-exploit.html
      Linux Kernal versions 3.16 through 4.18.8 have a vulnerability which allows anyone to gain a root access in about an hour. This would allow anyone to change data or crash the system, whichever they wanted to do.

    • 2018-09-29 at 20:13 #50581
      Ticia
      Participant

      https://www.bleepingcomputer.com/news/security/port-of-san-diego-affected-by-a-ransomware-attack/

      The Port of San Diegos IT systems faced a ransomware attack which disrupted the line of work for businesses, parking permits, accessing public record requests, etc. So just about everyone is feeling the damage caused by the cyber-attack. The article also explains how the Harbor Police Department are continuing to work diligently to minimize the impact.

    • 2018-09-28 at 20:48 #50576
      depern
      Participant

      https://thehackernews.com/2018/09/linux-kernel-exploit.html
      Recently a Cyber Security researcher for the Google Project zero, uncovered a exploit for a high vulnerability within the Linux system.

    • 2018-09-28 at 13:05 #50564
      mabdulkadhim05
      Participant

      https://www.v3.co.uk/v3-uk/news/3062330/british-airways-security-breach-compromises-380-000-credit-cards

      what this news articular is about the British airways security. the British whir have alot of security problems where 380,000 customer credit card details got breach.

    • 2018-09-28 at 09:11 #50507
      mwisniewski
      Participant

      https://www.securityweek.com/over-6-million-users-hit-breach-fashion-retailer-shein

      Shein was the target of a date breech in which hackers made off with over 6 million user emails and passwords. This article also talks about the aftermath and affirmative action Shein is taking to protect their customers information for the future to come.

    • 2018-09-27 at 21:48 #50518
      ahmedalazzawi
      Participant

      https://www.securityweek.com/ex-nsa-hacker-sentenced-jail-over-kaspersky-leak

      This article is about a former NSA hacker who took some sensitive information from work and saved it on his home computer. he protected his computer using Kaspersky anti-virus program which lead Russian hackers hack his computer in 2015 and steal the information.

    • 2018-09-27 at 09:53 #50459
      chazybear
      Participant

      https://www.securityweek.com/how-cybercriminals-are-using-blockchain-their-advantage

      cyber criminals are now turning to blockchain as there choice for attacking peoples computers . it works the same way as when we type in a website into a browser by searching for an ip address, essentially turning someones computer into a phone book.

    • 2018-09-27 at 09:46 #50457
      chazybear
      Participant

      https://www.securityweek.com/how-cybercriminals-are-using-blockchain-their-advantage

      cyber criminals are now Turning to “blockchain” technology to attack peoples computers. Their new m method of choice attacks. essentially working the same way we type a webpage in a browser it searches for an IP address . this is how blocktrain works.

    • 2018-09-26 at 11:44 #50230
      mcadwell30
      Participant

      Protecting your Cryptocurrency. Because hackers are now finding ways into your Crypto Wallet and tricking or manipulating the device or program to transfer funds directly to themselves, speculations of how to stop that have arised. Crypto Defender is a proactive defense mechanism against Crypto Currency hackers. This program blocks multiple forms of malware, including keylogging malware, from gaining access to your mobile Crypto Wallet.

      https://bitcoinmagazine.com/articles/crypto-wallet-protection-app-wants-secure-your-wallets-against-malware/

    • 2018-09-26 at 11:43 #50232
      mcadwell30
      Participant

      https://bitcoinmagazine.com/articles/crypto-wallet-protection-app-wants-secure-your-wallets-against-malware/

      Protecting your Crypto Currency. Because hackers are now finding ways into your Crypto Wallet and tricking or manipulating the device or program to transfer funds directly to themselves, speculations of how to stop that have arised. Crypto Defender is a proactive defense mechanism against Crypto Currency hackers. This program blocks multiple forms of malware, including keylogging malware, from gaining access to your mobile Crypto Wallet.

    • 2018-09-26 at 11:20 #50429
      DukeNukemBOS
      Participant

      https://theconversation.com/with-usb-c-even-plugging-in-can-set-you-up-to-be-hacked-102296

      This article talks about how usb c can get hacked easily and leak your confidential information that hackers can gain.

    • 2018-09-25 at 16:12 #50401
      smanchanda
      Participant

      My article discusses the recent discussion surrounding standing up a centralized agency with a cyber mandate in the US. Curious to see other peoples thoughts about the more decentralized fragmented way of cybersecurity seen in countries like the US and Germany vs highly centralized authorities like the CSA in Singapore and the RIA in Estonia.

      https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2018/09/25/the-cybersecurity-202-congress-poised-to-allow-dhs-to-take-the-lead-on-federal-cybersecurity/5ba915ba1b326b7c8a8d162c/?utm_term=.38c9bc5776bf

    • 2018-09-25 at 15:23 #50398
      Flockhart
      Participant

      This article talks about how Nation-State attacks are on the rise according to Europol. Europol have also raised concerns that the new European data protection regulation (GDPR) is impacting its ability to sidentify threat actors.

      http://ftnews.firetrench.com/2018/09/nation-state-attacks-on-the-up-say-europol/

    • 2018-09-25 at 13:28 #50395
      AlliedChemical22
      Participant

      My article this week is about the U.S. Justice Department having a meeting and discussing concerns about how technology companies handle user data and privacy concerns.

      https://www.reuters.com/article/us-usa-tech-justice/u-s-justice-department-meeting-with-state-officials-focused-on-data-privacy-idUSKCN1M52ED

    • 2018-09-25 at 12:38 #50390
      Gecky
      Participant

      https://thehackernews.com/2018/09/4g-ee-wifi-modem-hack.html

      A severe vulnerability has been found in the new 4GEE mini modems that allows a hacker to run malicious programs with high privileges. As well as gain access to the entire system.

    • 2018-09-25 at 11:49 #50386
      dhoffman
      Participant

      https://thehackernews.com/2018/09/bitcoin-core-software.html
      Bitcoin updated their software to fix vulnerabilities found in their wallet which could have brought down Bitcoin network. Miners could attack the BTC network at the price of 12.5 bitcoins(roughly equal to $80,000) but the update is said to have fixed the problem.

    • 2018-09-24 at 18:49 #50361
      mhapple25
      Participant

      An ad removal tool on the Apple App store watches what you do on your mac computer.
      https://thehackernews.com/2018/09/mac-adware-removal-tool.html

      • This reply was modified 2 years, 6 months ago by mhapple25.
    • 2018-09-23 at 16:32 #50321
      mabdulkadhim05
      Participant

      https://www.forbes.com/sites/louiscolumbus/2018/08/31/58-of-all-healthcare-breaches-are-initiated-by-insiders/#1651d3d9601a
      A lot of security breach are happen in health and medical people are steeling laptop to have access to medical researcher and health network access,more then 58% breach attempt involve internal actors.

    • 2018-09-22 at 11:10 #50300
      chazybear
      Participant

      fyi warns a rise in cyber-thieves targeting various payroll accounts in various industries. preferred method is phishing which would allow these criminals to capture employees log-in credentials, then secretly change their bank account information. one method the thieves use to tread unnoticed is to ad rules to employee accounts so they will not recieve alerts or notifications.

    • 2018-09-21 at 21:06 #50293
      Ticia
      Participant

      https://www.bleepingcomputer.com/news/security/feedify-hacked-with-magecart-information-stealing-script/

      This article is about how Placebo, a security researcher noticed that Feedify a “customer engagement service” got hacked into. This is extremely important because a Magecart script was put into it (which is basically a credit card and other important information that should remain private thief) meaning that whenever someone loads and uses Feedify, they are unknowingly giving the “malicious code” access to their private information.

    • 2018-09-21 at 20:35 #50292
      Ticia
      Participant

      https://www.bleepingcomputer.com/news/security/microsoft-office-365-customers-get-protection-against-malicious-macros/

      This article is about how Microsoft customers are now eligible for support for its ASMI. Protecting them against script-based attacks.

    • 2018-09-21 at 14:24 #50284
      depern
      Participant

      https://www.technologynetworks.com/informatics/news/multiple-malware-threats-for-visitors-to-pirate-websites-309778
      This article describes how thousands of malware were found on more than 1,000 websites. Which were suspected to share illegal protected content in an EU-wide research project implemented out by the EUIPO

      • 2018-09-21 at 20:04 #50290
        Ticia
        Participant

        https://www.bleepingcomputer.com/news/security/port-of-barcelona-suffers-cyberattack/

        This article is about how the Port of Barcelona servers fell victim to a cyberattack. And how they are undergoing a series of plans to reverse the damage.

    • 2018-09-21 at 14:16 #50283
      depern
      Participant

      https://www.securitymagazine.com/articles/89403-half-of-government-military-passwords-are-weak
      This article is about how half of the governments passwords are very weak. Weak enough to be cracked in less than two days.

    • 2018-09-20 at 23:41 #50266
      mciola10
      Participant

      https://www.bleepingcomputer.com/news/security/xbash-malware-deletes-databases-on-linux-mines-for-coins-on-windows/

      This article is about how cyber criminals are using a program called “Xbash” that is a malware that searches for computers systems with weak passwords. The Cyber Criminal then scams the victim asking for crpytocurrency in order to restore the data.

    • 2018-09-20 at 22:00 #50257
      ahmedalazzawi
      Participant

      https://arstechnica.com/information-technology/2018/09/newegg-hit-by-credit-card-stealing-code-injected-into-shopping-code/

      This article is talking about a hacker called Magecart who attacked and hacked British air lines and newegg online shopping website and stole buyers credit cards information. The attack was stopped on the website after about a month of stealing from the buyers.

      • 2018-09-20 at 22:30 #50259
        ahmedalazzawi
        Participant

        https://www.securitymagazine.com/articles/89403-half-of-government-military-passwords-are-weak

        This article is talking about how military employees password are two easy to revel by hackers. research showed that more than half of the employees had the same issue. the research also showed not only the military is facing that issue but also a high percentage of civilians are facing the same issue and making them easy targets to hackers.

    • 2018-09-20 at 15:10 #50242
      Gecky
      Participant

      https://thehackernews.com/2018/09/newegg-credit-card-hack.html

      Hackers has stolen customer credit card information from the popular retail site NewEgg. The magecart hacking group stole details of customers who purchased any products on the website from August 14th, and September 19th.

    • 2018-09-19 at 21:40 #50228
      mwisniewski
      Participant

      https://www.cnbc.com/2018/09/06/north-korean-hackers-will-be-charged-for-sony-pictures-wannacry-ransomware-attacks.html

      This article discuses the possible sanctions being brought upon a suspected North Korean hacker. Park Jin Hyok is a North Korean hacker suspected of being responsible for the Sony Pictures hack when the movie “The Interview” was released, as well as the ransomware called “wannacry”. Jin is also being looked at as the possible suspect who tried hacking into Lockeed Martin’s THADD missile system in South Korea.

    • 2018-09-19 at 18:25 #50224
      dhoffman
      Participant

      https://thehackernews.com/2018/09/newegg-credit-card-hack.html
      Megacart hacking group uses a digital credit card skimmer to steal the payment information of at least a million Newegg costumers. It affected all costumers who used the Newegg website between August 14 and September 18.

    • 2018-09-19 at 10:49 #50198
      DukeNukemBOS
      Participant

      https://thehackernews.com/2018/09/wd-my-cloud-nas-hacking.html

      Researchers found that there is a vulnerability in Western Digital’s My Cloud that could let hackers gain admin-level control to certain devices.

    • 2018-09-18 at 10:59 #50139
      Rmalcinovic
      Participant

      Airways disclosed a data breach impacting customer information from roughly 380,000 booking transactions made between August 21 and September 5 of this year.

      https://www.wired.com/story/british-airways-hack-details/

    • 2018-09-17 at 18:06 #50114
      chazybear
      Participant

      https://www.securityweek.com/feeling-pulse-cyber-security-healthcare

      Healthcare providers are a very gainful target for cyber attackers . no surprise, healthcare records are a hot commodity for these cyber criminals, considering the type of information a patients records can consist of very sensitive material.

    • 2018-09-17 at 14:32 #50105
      AlliedChemical22
      Participant

      DDos attacks more common in the Uk’s colleges and universities.

      https://www.infosecurity-magazine.com/news/uk-universities-face-growing-ddos/

    • 2018-09-17 at 11:18 #50094
      chazybear
      Participant

      https://www.bleepingcomputer.com/news/security/new-css-attack-restarts-an-iphone-or-freezes-a-mac/”>

      New attack found for iOS users that re-starts they’re iOS or freezes by simply visiting a website. at this time there is no way to mitigate from the attack. Apple will have to create a fix for users to download

      • This reply was modified 2 years, 6 months ago by chazybear.
    • 2018-09-17 at 01:18 #50086
      mciola10
      Participant

      https://www.bleepingcomputer.com/news/security/microsoft-office-365-customers-get-protection-against-malicious-macros/

      This article is about when people input malicious macros onto the Microsoft 365, it will get triggered by AMSI (Anti-malware Scan Interface) the antivirus will track the malicious macro and will send it straight to the antivirus. AMSI helps get rid of malicious macros, once the macro is triggered it will then alert the person and it will be sent to antivirus to help stop the scripted malicious attack.

    • 2018-09-12 at 21:18 #50020
      mwisniewski
      Participant

      https://www.securitymagazine.com/articles/89374-dhs-launches-national-risk-management-center

      This article talks about the Department of Homeland Security launching the new National Risk Management Center. The NRMC will not only focus on protecting preferred governmental infrastructure, but will expand its resources to evaluate risks across the industry sector as well.

    • 2018-09-11 at 19:03 #50010
      Mdenova
      Participant

      https://www.wired.com/story/hackers-steal-tesla-model-s-seconds-key-fob/

      This article discusses how students at KU Leuven University have discovered how to clone a Tesla key fob. This helped Tesla to change their key fob security to include a pin.

    • 2018-09-11 at 18:59 #50009
      depern
      Participant

      A British Airline was breached just last week which compromised nearly 400,000 booking transactions for the past few weeks. https://www.wired.com/story/british-airways-hack-details/

    • 2018-09-11 at 13:48 #50004
      Cpalamara23
      Participant

      Apple removes anti-malware apps from the store. The anti-malware apps were removed for collecting the users’ browser data. https://www.bbc.com/news/technology-45482819

    • 2018-09-11 at 12:46 #50001
      dhoffman
      Participant

      https://thehackernews.com/2018/09/british-airways-data-breach.html
      The payment information of close to 380,000 users of the British Airways website and mobile app was stolen. A spokesperson for the company suggests that it was done by a person with security clearance and not a hacker from the outside.

    • 2018-09-11 at 09:51 #49990
      DukeNukemBOS
      Participant

      https://www.wesh.com/article/wesh-2-news-investigates-election-cyber-security/23073476

      WESH 2 news investigates election cyber security to ensure that residents of Florida are being protected while voting. Greg Fox looks into how it could stop cyber attacks on elections.

    • 2018-09-10 at 19:32 #49987
      AlliedChemical22
      Participant

      Hi there I am submitting an article about an article that talks about several unsavory hackers who hacked JPMorgan Chase & Co, including several other us companies. Of course these hackers had previous charges from other crimes. Enjoy!

      https://www.reuters.com/article/us-cyber-indictments/russian-extradited-to-u-s-to-face-charges-over-jpmorgan-hack-idUSKCN1LN2KL

    • 2018-06-13 at 16:17 #37985
      capatch
      Moderator

      Discusses Air Force’s struggle against culture to develop a more holistic approach to Agile concepts in acquisition.

      USAF Edges Toward an Agile Future

    • 2018-06-07 at 14:37 #36969
      plosiewicz
      Moderator

      VPNFilter back in the news. This is quite a problem alright. The author recommends buying a new router if it cant be updated. the question is to determine if the off the shelf replacements are also covered under recent s/w updates….

      https://thehackernews.com/2018/06/vpnfilter-router-malware.html

    • 2018-05-11 at 15:06 #32367
      plosiewicz
      Moderator

      Quantum Blockchain discussion from MIT Tech Review

      https://www.technologyreview.com/s/611022/if-quantum-computers-threaten-blockchains-quantum-blockchains-could-be-the-defense/

    • 2018-05-11 at 14:59 #32359
      plosiewicz
      Moderator

      A major procedural snafu in Government is lack of clarity in Defense Support for Civilian Authorities (DSCA) in the Cyber domain.

      It appears that Congress has decided to join in the discussion….

      https://www.nextgov.com/cybersecurity/2018/05/house-panel-approves-more-military-cyber-support-critical-infrastructure/148087/

    • 2018-05-07 at 23:59 #32303
      corycl4
      Participant

      Former employee of PenAir recently pleaded guilty to felony offenses and owes $5,616 back to the airline after hacking into their VPN network and tampering with airline ticket prices. A VPN connection does not secure a user’s identity as private but acts as though your computer had direct hook-up to their network. The employee was a director of system support and was responsible for the updating of security procedures around the networks of the company. The employee wiped out the existing Sabre system three times forcing employees to rebuild their systems. She was able to do this as she created fake employee profiles with extenstive rights before her retirement.
      https://nakedsecurity.sophos.com/2018/04/19/employee-from-hell-busted-by-vpn-logs/

    • 2018-05-07 at 23:48 #32300
      corycl4
      Participant

      Google has recently rolled out 2FA, or 2 Factor Authentication for logging into apps such as gmail. 2FA is another layer of security that users should take advantage of. The Google approach to 2FA sends a security message to your phone via SMS message, use an authenticator app or type your password. Setting up the 2FA feature is simple and takes a matter of minutes for both android and IOS users. One benefit of this set-up is that next time your account is being signed into from a new device, you will receive a message asking to verify your credentials. Immediately, you will know if someone is trying to get into your account.
      https://nakedsecurity.sophos.com/2018/04/26/gmail-users-heres-how-and-why-you-should-set-up-prompt-based-2fa/

    • 2018-05-07 at 23:45 #32299
      corycl4
      Participant

      Fred Hutch, a cancer institute joined up with Microsoft to help fight the negative side-effects of chronotherapy with computer technology. They look to accomplish this by studying more before, during, and after visits. The technology part comes into play by examining the immune system, reading a blood sample and correcting multiple errors with the body.
      Pokwire.com

    • 2018-05-07 at 23:44 #32298
      corycl4
      Participant

      Pokwire.com
      Microsoft and Amazon’s artificial intelligence systems, Cortana and Alexa, are cross referencing each other. Together, they are both OS assistants that provide google like information and are able to open and close apps as well as able to use any of your apps such as playing pandora or finding a destination. All at the command of your voice. Now two huge platforms bring them together on one device simultaneously to assist you quicker and bring you even further.

    • 2018-05-07 at 23:41 #32297
      corycl4
      Participant

      On World Password Day, Twitter released a statement that a bug in their internal databases left passwords unencrypted, or in plain text. Unencrypted passwords and saving them to a temporary file is a big “no-no”. There are several risks to improperly saving passwords that users should be made aware of and use more precaution with. While Twitter has claimed they have fixed the issue, they strongly urge users to update their passwords on every device they use to log into the site.
      https://nakedsecurity.sophos.com/2018/05/04/twitter-admits-to-password-storage-blunder-change-your-password-now/

    • 2018-05-07 at 23:40 #32294
      corycl4
      Participant

      Abbot’s (formerly St. Jude’s Medical) has released a statement that their pace makers are vulnerable to security attacks and battery life loss. It has been reported that roughly 465,000 patients are at risk due to these security threats. MedSec, and IoT company published the bug issues in the equipment in 2016. At that time St. Jude’s decided to sue MedSec for defamation rather than fix the issues. Today however, involvement from the FDA and Department of Homeland Security has urged St. Jude’s to make the appropriate fixes. Patients are strongly encouraged to contact their doctor if they are concerned their pacemaker may be a vulnerable device.
      https://nakedsecurity.sophos.com/2018/05/04/half-a-million-pacemakers-need-a-security-patch/

    • 2018-05-07 at 23:14 #32292
      tcornish13
      Participant

      https://blog.avast.com/cambridge-analytica-shuts-down-and-ransomware-victims-pay-up

      A school district in MA had been hit with ransomware, shutting down services.

    • 2018-05-07 at 23:12 #32290
      tcornish13
      Participant

      https://www.theverge.com/2018/4/30/17302720/wechat-deleted-messages-china-government-surveillance

      The use of the messaging app “Wechat” is being used in the prosecution of criminals.

    • 2018-05-07 at 23:10 #32288
      tcornish13
      Participant

      https://www.theverge.com/2018/5/3/17316684/twitter-password-bug-security-flaw-exposed-change-now

      Twitter discovered a bug in their system, and is advising users to change passwords.

    • 2018-05-07 at 23:08 #32286
      tcornish13
      Participant

      https://www.theverge.com/2018/5/4/17303644/volkswagen-car-net-security-location-access

      A former owner of a Volkswagen discovered she still had vital access to information about the vehicle after selling it.

    • 2018-05-07 at 20:59 #32284
      dragonfin
      Participant

      https://www.scmagazine.com/the-framework-in-question-has-been-a-point-of-frustration-inside-the-pentagon-long-before-trump-came-into-office/article/763394/

      The Trump administration is reportedly looking to rescind Presidential Policy Directive 20 an important policy memorandum that currently guides the approval process for government-backed cyberattacks.

    • 2018-05-07 at 20:58 #32282
      dragonfin
      Participant

      https://www.scmagazine.com/delaware-launches-data-breach-compliance-site-for-companies-and-consumers/article/763065/

      The state of Delaware launched a website to assist in the compliance of the state’s updated data breach laws.

    • 2018-05-07 at 20:57 #32280
      dragonfin
      Participant

      https://www.scmagazine.com/spartacus-ransomware-shows-sparse-features-can-still-fight-hard/article/762753/

      A new ransomware named after a gladiator is demonstrating how even malware with sparse features can get still get wreak havoc on unsuspecting users.

    • 2018-05-07 at 20:54 #32278
      dragonfin
      Participant

      https://money.usnews.com/investing/cryptocurrency/articles/2018-05-04/is-bitcoin-a-safe-investment

      The frequent hacking of cryptocurrency exchanges serves as a warning to investors.

    • 2018-05-07 at 19:04 #32270
      dalicaic25
      Participant

      https://www.technewsworld.com/story/85252.html
      Intel has come out with a 8th generation of proccesors that are a big improvement from the last gen

    • 2018-05-07 at 19:02 #32268
      dalicaic25
      Participant

      https://www.technewsworld.com/story/85246.html
      There had been a shooting at the youtube headquarters and the female suspected was reportedly not fond of youtube and how they ran it

    • 2018-05-07 at 18:51 #32266
      dalicaic25
      Participant

      https://www.technewsworld.com/story/85198.html
      FitBit has created a new watch to try and rival the apple watch and they wanna grow into the more modern type of watches with different styles

    • 2018-05-07 at 18:44 #32264
      dalicaic25
      Participant

      https://www.technewsworld.com/story/85173.html
      Microsoft has given its devs more open source to its computing software in order to upgrade it from the last version

    • 2018-05-07 at 18:41 #32262
      dalicaic25
      Participant

      https://www.technewsworld.com/story/85153.html
      Uber has created a way for people to walk a short distance to a location and get picked up for a lower cost than usual

    • 2018-05-07 at 18:38 #32256
      jgray18b
      Participant

      https://arstechnica.com/gadgets/2018/05/a-lightning-strike-shut-off-a-womans-brain-implant/

      Elon Musk, has set out on a new project. This time it is a medical research company, called Neuralink, and sets out to develop brain implantation devices. This is meant to help us in the upcoming AI apocalypse, but couldn’t malicious organizations take advantage of these implantations?

    • 2018-05-07 at 18:35 #32259
      dalicaic25
      Participant

      https://www.technewsworld.com/story/85168.html
      Apple is trying to open up Health clinics to its employees as a token of gratitude for working for them

    • 2018-05-07 at 18:31 #32257
      dalicaic25
      Participant

      https://www.technewsworld.com/perl/section/technology/?init=60
      Smart TV’s were getting hacked and people at home are starting to worry wether they are safe to have such TV’s at their house if they can so easily be hacked

    • 2018-05-07 at 16:41 #32244
      dragonfin
      Participant

      https://www.csoonline.com/article/2130877/data-breach/the-biggest-data-breaches-of-the-21st-century.html

      This article is mainly talking about big data breaches that have happened in the 21st century. Yahoo being the biggest with over 3 billion user accounts.

    • 2018-05-07 at 16:36 #32235
      dragonfin
      Participant

      https://www.nytimes.com/2018/05/01/smarter-living/how-to-sell-your-phone-safely.html

      This article is from the New York Times. It is mainly about how to get rid of your old phone safely and how to wipe all your personal information before handing it off to a stranger.

    • 2018-05-07 at 14:49 #32180
      dragonfin
      Participant

      https://www.nytimes.com/2018/05/04/technology/personaltech/staying-safer-on-public-networks.html

      This article is from the New York Times. It is mainly talking about how to protect your personal information whenever you may be connected to a public network.

    • 2018-05-07 at 09:45 #32176
      dcopperwheat1
      Participant

      https://www.securityweek.com/has-your-companys-infrastructure-been-hijacked-bitcoin-miners

      With the rise of bitcoin again in the markets, companies have found that their resources have been hijacked to help mine. This article states the best defense is AI powered cyber defense is the best to detect and stop deviations from normal patterns.

    • 2018-05-07 at 09:35 #32174
      dcopperwheat1
      Participant

      http://thehill.com/policy/cybersecurity/385663-new-vulnerability-found-in-systems-used-in-electric-gas-industries

      More exploits found within our energy systems of control. In March hackers backed by Russia targeted our systems of energy, nuclear, and water. The system exploit would allow hackers to take control over the same system the U.S. gov’t uses to maintain and control these sites.

    • 2018-05-07 at 09:24 #32171
      dcopperwheat1
      Participant

      https://nakedsecurity.sophos.com/2018/05/04/tech-companies-resist-government-hacking-back-and-backdoors/

      Georgia is looking to make it legal to hack back. I don’t think these politicians understand how hard it can be to track down origins of attacks. If it passes it would be interesting to see what you can get away with under the I was just attacked so I’m responding defense.

    • 2018-05-07 at 08:16 #32139
      rr1315
      Participant

      Brain implants – the extreme form of biometrics! Soon to come with a reduced risk of EMF injury.

      https://arstechnica.com/gadgets/2018/05/a-lightning-strike-shut-off-a-womans-brain-implant/

    • 2018-05-07 at 08:15 #32143
      rr1315
      Participant

      https://www.rt.com/business/425942-buffett-cyber-risk-insurance/

      Cyber insurance, soon to come – something I’d never heard of before.. but it makes sense. Uncharted territory indeed – this is in the works.

    • 2018-05-06 at 22:03 #32154
      jgray18b
      Participant

      https://nakedsecurity.sophos.com/2018/05/04/twitter-admits-to-password-storage-blunder-change-your-password-now/

      A new bug in Twitter’s code is discovered that stored some user passwords. They (Twitter) sent out alerts to reset passwords after acknowledging the mistake. They reported no indication of a breach or misuse of the passwords

    • 2018-05-06 at 19:53 #32153
      aaung01
      Participant

      https://www.reuters.com/article/us-usa-china-zte/zte-says-asked-u-s-commerce-department-to-suspend-business-ban-idUSKBN1I70FR

      It was a very unfortunate month for “ZTE,” the Chinese based telecom company. After acknowledged that the U.S. companies were banned to sell software and technological tools include CPU, smartphone chip to ZTE. The company now submitted a claim by both to scratch out the ban and give purchase power again like before.

    • 2018-05-06 at 19:27 #32152
      aaung01
      Participant

      https://www.geekwire.com/2018/fair-competition-facebook-raises-status-ai-research-labs-seattle-pittsburgh/

      Facebook now opened “AI (artificial intelligence)” lab in Seattle and Pittsburgh. Surprisingly, its new hired employees made their own space with creativity like drawing on the wall, or sticking artificial flower. However, those two labs will be working together and by under the mother company of the Facebook.

    • 2018-05-06 at 19:04 #32151
      aaung01
      Participant

      https://www.bleepingcomputer.com/news/google/google-says-chrome-now-blocks-about-half-of-unwanted-autoplays/

      No matter how many issue that the Google Chrome had, at this time, the users would be satisfy when they use the “Chrome 66.” The benefit of it is very humongous because, surprisingly, it will only allow “1,000” most popular websites to play video automatically with sound. “You Tube” is one out of many. Other than famous video sites, the Chrome will automatically block auto video playing with sound, but it will allow again when the users passionately click the video to watch.

    • 2018-05-06 at 18:51 #32150
      aaung01
      Participant

      https://www.bleepingcomputer.com/news/microsoft/chrome-users-reporting-freezes-and-timeouts-after-windows-10-april-update/

      Google Chrome users around world wide are facing two big problems after upgrading the latest version. After using a while, the site unbelievably stop working and it made very complicated for users to reset and finally ended up and for users, restarting the computer was the only option. Secondly, the sites sometimes did not work by showing “ERR_TIMED_OUT” which meant, it was completely out of control and did not give users able to visit to current website.

    • 2018-05-06 at 18:32 #32149
      aaung01
      Participant

      https://blog.avast.com/5-simple-tips-make-the-most-of-world-password-day

      Avast’s one published article given advice of using 5 tips to make yourself stronger when there the time for making and remembering a very strong password. The article also concluded that the “38 %” of American people love to have the password of “…the same or very similar to each others…” which is usually weak and unhealthy.

    • 2018-05-06 at 18:09 #32145
      aaung01
      Participant

      https://arstechnica.com/information-technology/2018/05/researchers-link-a-decade-of-potent-hacks-to-chinese-intelligence-group/

      Researchers believed that the reason why the largest technology companies like “GOOGLE” and other popular games companies which were hacked for about a decade was under the operation of the Chinese Government’s Central Intelligent responsibility. They targeted companies mostly in United States, Europe, and Russia mainly. One Chinese researcher found out that the hackers were from all famous Chinese Companies and working together for Central Intelligent.

      • This reply was modified 2 years, 11 months ago by aaung01.
      • This reply was modified 2 years, 11 months ago by aaung01.
      • This reply was modified 2 years, 11 months ago by aaung01.
    • 2018-05-06 at 16:28 #32141
      rr1315
      Participant

      https://www.rt.com/usa/425858-cybercom-combatant-command-nsa/

      According to a Pentagon spokesperson, “the cyber domain will define the next century of warfare,” as a handful of the major powers in the world are labelled, by name, as adversaries to the U.S.

    • 2018-05-04 at 13:49 #32135
      smiles13
      Participant

      Investigators use genealogy sites to track down man connected to at-least 51 rapes and 12 murders. Done after finding someone with a similar DNA match and branching out from there.

    • 2018-05-04 at 13:16 #32134
      smiles13
      Participant

      Bug in twitter code is discovered by twitter that stored some user passwords. Twitter sends out alerts to reset passwords after acknowledging the mistake.

    • 2018-05-04 at 09:36 #32132
      mgallimo30
      Participant

      NIGERIAN EMAIL SCAMMERS ARE MORE EFFECTIVE THAN EVER
      https://www.wired.com/story/nigerian-email-scammers-more-effective-than-ever/

      Nigerian email scammers are still bringing in millions, although they are no longer posing as a prince in need. Now they are running a social engineering email scheme and stealing money from business using phishing emails.

    • 2018-04-29 at 22:07 #30553
      wpolnak
      Participant

      This article about the newest apple update really shows the importance of updating your devices constantly. Updates fix anywhere from minor bugs to mayor security problems and you need to keep yourself updated to keep your devices safe.

      https://nakedsecurity.sophos.com/2018/04/27/apples-latest-updates-are-out-apfs-password-leakage-bug-squashed/

      • This reply was modified 2 years, 11 months ago by CSIACAdmin. Reason: Fixed link and tags
    • 2018-04-29 at 22:04 #30552
      wpolnak
      Participant

      I always found the amazon echo to be kinda creepy just because all you have to do is say its name and it starts. That means to me that is must always be listening even when you aren’t using it. This article shows that to be true.

      https://nakedsecurity.sophos.com/2018/04/27/apples-latest-updates-are-out-apfs-password-leakage-bug-squashed/

      • This reply was modified 2 years, 11 months ago by CSIACAdmin. Reason: Fixed Link and Tags
    • 2018-04-29 at 21:58 #30551
      wpolnak
      Participant

      https://nakedsecurity.sophos.com/2018/04/27/apples-latest-updates-are-out-apfs-password-leakage-bug-squashed/

      I found this article to be very important because it reminds people that ransomware is a prominent threat even today. ransomware has changed in many ways but it also isn’t just a large “brand name” virus anymore. There are so many different hackers can do this that it has so many name.

      • This reply was modified 2 years, 11 months ago by CSIACAdmin. Reason: Fixed link and tag
    • 2018-04-29 at 00:12 #30550
      henry
      Participant

      https://www.reuters.com/article/us-tesla-crash/tesla-says-crashed-vehicle-had-been-on-autopilot-prior-to-accident-idUSKBN1H7023

      Tesla model X crashed into the concrete divider while it was on autopilot mode. Even though the car can operate on its own, Tesla said, the driver must agree to keep the hand on the steering wheel at all time. That was the first fatal accident by Tesla. Tesla recalled 123,000 of its model S and said there were no accidents or injuries shown.

    • 2018-04-27 at 13:07 #30316
      smiles13
      Participant

      Amazons DNS had traffic rerouted for a cryptocurrency website. Attacks could be connected to Russia as the server that traffic was rerouted to seems to originate from the country.

    • 2018-04-26 at 15:18 #30278
      cspencer25a
      Participant

      https://mashable.com/2018/04/16/taskrabbit-cybersecurity-incident/

      According to this article, there has been a breach in Ikea’s app TaskRabbit. There has been little disclosed at this time, but they are calling it a ‘cybersecurity incident’, and they had to shut down the application due to a compromise of security.

    • 2018-04-24 at 11:57 #30233
      rileysperati
      Participant

      https://nakedsecurity.sophos.com/2018/04/24/google-project-zero-pulls-the-rug-out-from-under-microsoft-again/

      Microsoft again missed the deadline for the 90-day patching deadlines and made it vulnerable to hackers. The leak is a bypass flaw that affects Windows 10 machines with device guard.

    • 2018-04-24 at 00:19 #30231
      dcopperwheat1
      Participant

      https://www.geekwire.com/2018/data-leak-exposes-48m-user-profiles-scraped-facebook-zillow-sites-researcher-says/

      Another data leak from our friends at Facebook from a company called Localbox. Organizations are still able to scrape public websites like Facebook and Twitter. This time an estimated 48 million accounts hit again.

    • 2018-04-24 at 00:13 #30230
      dcopperwheat1
      Participant

      https://nakedsecurity.sophos.com/2018/04/23/linkedin-patches-serious-leak-in-its-autofill-plugin/

      For all those of us that use LinkedIn to keep in touch with leads and networking across our respected fields. Nice to know that some programmers created a patch for their auto fill in options to possible allow malicious sites to farm data from the users.

    • 2018-04-23 at 10:25 #30214
      djones06a
      Participant

      https://thehackernews.com/2018/04/adblocker-chrome-extention.html

      A few widely used ad-blocking browser extensions available on the Google Chrome Store contain malicious code that can send user information and receive commands from a remote C&C server.

    • 2018-04-20 at 22:25 #30212
      nrea13
      Participant

      https://www.securityweek.com/linkedin-vulnerability-allowed-user-data-harvesting

      A vulnerability detected within LinkedIn in regards to an AutoFill feature had been patched. This vulnerability had a possibility of gathering user data for malicious purposes. The problem was identified before somebody could exploit it

    • 2018-04-20 at 22:05 #30210
      rydilly17
      Participant

      https://www.scmagazine.com/web-trackers-exploit-login-with-facebook-feature-to-gather-share-user-data/article/759978/

      Web trackers are exploiting the “Login with Facebook” feature to gain access to data from the social media firm’s users, according to a report by security researchers at the Freedom to Tinker blog. Third-party JavaScript trackers are embedded on websites where users login through Facebook can gather their data, including email addresses, and as is reportedly the case with Bandsintown, pass that data to other websites.

    • 2018-04-20 at 22:02 #30208
      rydilly17
      Participant

      https://www.scmagazine.com/the-malwares-suspected-author-is-a-well-known-russian-cybercriminal-who-has-been-active-on-global-underground-marketplaces-for-years/article/760188/

      Researchers have identified a new botnet malware described as the “Swiss Army Knife Malware”. Designed by a veteran threat actor it takes screenshot and drains cryptocurrency wallets.

    • 2018-04-20 at 21:58 #30206
      rydilly17
      Participant

      https://www.scmagazine.com/ex-employee-sun-trust-helps-compromise-15-million-bank-clients/article/760195/

      Sun Trust Bank today confirmed it was hit with an insider attack when a former employee, working with a third party, stole company contact lists possibly exposing the personal information of up to 1.5 million customers.

    • 2018-04-20 at 21:56 #30205
      rydilly17
      Participant

      https://www.technewsworld.com/story/85291.html

      Facebook on Tuesday unveiled a comprehensive series of privacy enhancements designed to extend protections required by the European Union’s General Data Protection Regulation to all of the social media company’s users around the world.

    • 2018-04-20 at 21:45 #30203
      rydilly17
      Participant

      https://www.technewsworld.com/story/85286.html

      Around 20% of the top app available through the google play store contain open source components with known vulnerabilities that can be exploited by hackers

    • 2018-04-20 at 21:40 #30201
      rydilly17
      Participant

      https://www.technewsworld.com/story/85291.html

      Facebook on Tuesday unveiled a comprehensive series of privacy enhancements designed to extend protections required by the European Union’s General Data Protection Regulation to all of the social media company’s users around the world.

    • 2018-04-20 at 21:37 #30199
      rydilly17
      Participant

      https://www.technewsworld.com/story/85268.html

      A web standards milestone announced Tuesday could point to the end of the road for pesky passwords.The new standard, WebAuthn, has won near-final approval from the World Wide Web Consortium, which establishes Web standards.

    • 2018-04-20 at 21:29 #30197
      rydilly17
      Participant

      https://www.democratandchronicle.com/story/news/politics/albany/2018/04/19/did-cyberattack-strike-new-yorks-student-tests/533251002/

      On Tuesday, New York was one of many states who’s computerized English tests were interrupted by a cyberattack. New York education officials confirmed Thursday that its computerized exams suffered the same problems Tuesday as other states, but Questar — the Minneapolis-based company that administers the tests — has yet to detail the cause of the problems.

    • 2018-04-20 at 12:44 #30195
      awebb19
      Participant

      https://www.theverge.com/2018/4/19/17258694/grasshopper-javascript-mini-games

      Google has released an app that teaches you how to code javascript through a series of mini games. This is helpful as coding is becoming an increasingly important skill to have.

    • 2018-04-19 at 23:47 #30192
      rtmoran
      Moderator

      https://thehackernews.com/2018/04/iot-hacking-thermometer.html

      Nicole Eagan, the CEO of cyber-security company Darktrace, disclosed, during a London based info-sec event, that an undisclosed casino was hacked through the exploitation of a vulnerability within the casino’s internet connected fish tank wifi thermometer. With internet connected technologies becoming even more commonplace, their presence brings to light new security implications and concerns moving forward.

    • 2018-04-19 at 23:00 #30190
      zijad94
      Participant

      https://www.technewsworld.com/story/85283.html

      Microsoft, Oracle and Facebook, along with 31 other companies, on Tuesday signed the Cyber security Tech Accord, an agreement aimed at defending against cyber-attacks, whether coming from rogue hackers or nation-states.

    • 2018-04-19 at 21:12 #30188
      glesher16
      Participant

      https://www.securityweek.com/nigerian-hackers-attempt-steal-millions-shipping-firms

      A Nigerian Hacking group, named GOLD GALLEON, have attempted to steal a few million dollars from shipping companies and customers of the companies over the last year. The group uses spear-phishing scams to try and gain credentials to ultimately modify financial documents redirect funds to their bank accounts.

    • 2018-04-19 at 16:25 #30184
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/government/fda-wants-medical-devices-to-have-mandatory-built-in-update-mechanisms/

      The FDA wants to force medical device makers to include mandatory update systems inside their products in hopes of making the devices more secure.

    • 2018-04-19 at 15:50 #30182
      ttripp07
      Participant

      https://www.securityweek.com/iphones-ipads-can-be-hacked-trustjacking-attack

      Those with malicious intentions have devised a way to steal information from iOS users. Known as trustjacking, this attack involves the victim plugging his or her Apple device to a charging station and takes advantage of the “sync over Wi-Fi” feature on iOS devices. Even if the user disconnects their iOS device from the charging station, if he or she is on the same network as the attacker, data can still be stolen.

    • 2018-04-18 at 19:44 #30172
      dzemlevich
      Participant

      https://nakedsecurity.sophos.com/2018/04/17/traditional-firewalls-fall-short-in-protecting-organizations-says-survey/

      A new survey suggests firewalls in organizations fall short in giving the needed protection they need. One main security concern for many of the organizations who took the survey is lack of application visibility, which means they are not getting the visibility and control into what’s really happening on their networks.

    • 2018-04-18 at 13:31 #30170
      mark
      Participant

      https://www.theverge.com/2018/4/9/17216656/apple-renewable-energy-worldwide-climate-change

      This article explains that the energy Apple uses is now green energy. Green energy for future tech companies should be used more often so we can make the world cleaner and advance technology at the same time.

    • 2018-04-18 at 13:28 #30168
      mark
      Participant

      https://www.theverge.com/2018/4/11/17223504/ai-startup-sensetime-china-most-valuable-facial-recognition-surveillance.

      This article discusses the new type of security that can easily identify people committing a crime. It shows how it can be used as a security issue, violating privacy and many other rights.

    • 2018-04-18 at 09:38 #30162
      cspencer25a
      Participant

      https://mashable.com/2018/04/16/taskrabbit-cybersecurity-incident/

      According to this article, there has been a breach in Ikea’s app TaskRabbit. There has been little disclosed at this time, but they are calling it a ‘cybersecurity incident’, and they had to shut down the application due to a compromise of security.

    • 2018-04-17 at 20:30 #30164
      austinmarino
      Participant

      https://www.bleepingcomputer.com/news/security/teenager-charged-for-nova-scotia-freedom-of-information-web-portal-breach/

      This 19 year old got a hold of 7,000 confidential records through a portal. He says his intent was not malicious, but still could face up to ten years in prison. Maybe people should realize that internet security is not taken lightly.

    • 2018-04-17 at 18:03 #30160
      cspencer25a
      Participant

      https://www.lifehacker.com.au/2018/04/microsoft-release-admin-tools-to-simulate-cyberattacks/

      This article speaks about Microsoft releasing tools that can be used to simulate cyberattacks. This can be very advantageous especially for corporations that have employees that don’t know what to do in a practical situation.

    • 2018-04-17 at 17:02 #30158
      nd14
      Participant

      https://thehackernews.com/2018/04/iot-hacking-thermometer.html

      Hackers were able to gain access to a casino’s network through a fish tank thermometer.

    • 2018-04-17 at 16:20 #30156
      craigbeach
      Participant

      https://thehackernews.com/2018/04/intel-threat-detection.html

      Intel announced two new technologies to their processors that allows them to use built-in GPU’s for malware scanning. The two new technologies are: Threat Detection Technology (TDT) and Security Essentials. These technologies not only offer hardware-based built-in security features across Intel processors, but also improve threat detection without compromising system performance (Wang Wei). Current Scanning technologies can do this, but at the cost of GPU performance. Intel tested the new GPU-scanning technique, and CPU utilization for malware lowered from 20% to as little as 2%. Intel’s threat detection technology will be available in computers with 6th, 7th, and 8th generation processors.

    • 2018-04-17 at 13:17 #30154
      mmuya09
      Participant

      This article is interesting because a a man was an arrested man was used to discover a notorious drug dealer on widely used app that makes video/phone calls around the world or Whatsapp. This is really interesting because “Drug dealers” are using he internet to advertise products.

      http://www.bbc.com/news/uk-wales-43711477

    • 2018-04-16 at 14:42 #30127
      glesher16
      Participant

      https://www.securityweek.com/us-energy-department-offers-25-million-cybersecurity-tech

      The United States Department of Energy announced a funding opportunity that it will award up to $25 million to research, develop, and secure its energy infrastructure. The Office of Electricity Delivery and Energy Reliability’s Cybersecurity for Energy Delivery Systems (CEDS) made the is looking to improve the nation’s enerygy delivery systems.

    • 2018-04-16 at 11:51 #30126
      aaung01
      Participant

      Apple will going to give authority to the third party watch faces in the future. And, it will at least giving power to 3 most popular technology invention like “Garmin’s OS, Fitbit OS, and War OS.” Hopefully, consumers will see more fresh, exciting and beautiful watch faces in the future.

      https://arstechnica.com/gadgets/2018/04/the-apple-watch-may-support-third-party-watch-faces-in-the-future/

    • 2018-04-16 at 10:32 #30124
      djones06a
      Participant

      https://thehackernews.com/2018/04/android-dns-hijack-malware.html

      Trojanized facebook and chrome android applications are being spread through the use of the ‘Roaming Mantis’ malware via infected routers.
      Using DNS hijacking, the user is redirected to fake versions of trusted sites and asked to input sensitive information.

    • 2018-04-15 at 23:52 #30121
      jgray18b
      Participant

      https://www.theverge.com/2018/4/10/17215406/webauthn-support-chrome-firefox-edge-fido-password-free

      Web browsers such as Chrome and Firefox, will soon introduce a new way to logn, using biological data, and USB tokens. This will reduce the number of people succumbing to phishing and the like. Services, such as Google and Facebook have already added this feature.

    • 2018-04-15 at 17:30 #30119
      mgallimo30
      Participant

      Cybercriminals now targeting tax pros to cash in on fraudulent returns
      https://www.cnbc.com/2018/04/14/cybercriminals-now-targeting-tax-pros-to-cash-in-on-fraudulent-returns.html

      Hackers have been attacking tax professionals through phishing emails in an attempt to masquerade as them. Allowing the hackers to steal personal tax information and file fraudulent returns.

    • 2018-04-13 at 14:38 #30118
      smiles13
      Participant

      Updated Article: Facebook Denies obtaining call logs through android phones despite reports. Android phones using older OS were ones that could exposed.

    • 2018-04-13 at 13:53 #30117
      smiles13
      Participant

      Uber facing tighter restrictions following breach in 2016. Where in this breach many users emails, mobile phones, drivers and drivers licenses were breached and Uber failed to report it for over a year.

    • 2018-04-12 at 22:29 #29596
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/security/malware-distribution-campaign-has-been-raging-for-more-than-four-months/

      A malware campaign has been going on for four months, according to a Malwarebytes researcher. Users are redirected to web pages with fake software updates that infect the computer with malware.

    • 2018-04-12 at 21:46 #29595
      austinmarino
      Participant

      This could be an interesting turn of events. Some new malware that can steal information through power lines. Sounds like fun!

    • 2018-04-12 at 19:11 #29593
      ttripp07
      Participant

      https://www.securityweek.com/mobile-phishing-attacks-85-percent-annually

      As how the average consumer uses technology has shifted to primarily involve mobile devices rather than laptops and desktops, attackers have done the same with their targets. It seems the smaller screen makes users less likely to notice when they visit a fake website. It also appears that solving this issue won’t be as simple as it would be on a desktop platform.

    • 2018-04-12 at 18:26 #29591
      nd14
      Participant

      https://www.scmagazine.com/report-secret-service-warns-of-crooks-swapping-out-chips-on-stolen-debit-cards/article/757918/

      Not too surprising but the Secret Service has issued a warning about criminals swapping out the chips on stolen debit cards. When i was in retail and the use of the chip started i figured it would only be a matter of time before something like this happened.

    • 2018-04-12 at 16:38 #29590
      rtmoran
      Moderator

      https://thehackernews.com/2018/04/outlook-smb-vulnerability.html

      A vulnerability residing within Microsoft Outlook allows attackers to steal Windows passwords by sending an RTF email, containing a remotely-hosted image file (OLE object) that Outlook automatically renders, initiating authentication with an attacker controlled SMB server.

    • 2018-04-12 at 13:20 #29221
      nrea13
      Participant

      https://www.securityweek.com/adobe-patches-vulnerabilities-six-products

      Adobe recently released a patch, fixing 19 vulnerabilities across their products. Six that had been declared critical had been patched that included bugs that led to remote execution of the code and information disclosure. Four vulnerabilities remained critical, but pose no threat for malicious use.

    • 2018-04-11 at 13:18 #29187
      rileysperati
      Participant

      https://nakedsecurity.sophos.com/2018/04/10/how-to-check-if-your-facebook-data-was-shared-with-cambridge-analytica/

      As many people know now facebooks data of their users was shared with Cambridge Analytica and the information they received was used a way many people would not want it used.THere is a link to see if your data was shared, but if it is shared there is not much you can do about it. After this problem the people who use facebook should not share their whole personal live on social media.

    • 2018-04-11 at 10:41 #29179
      dzemlevich
      Participant

      Vulnerability found in emergency alert systems allows the possibility of a hacker to trigger false alerts by setting off the emergency system due to the radio protocol used to control the sirens in ATI systems not being encrypted.

    • 2018-04-10 at 16:40 #29174
      awebb19
      Participant

      https://www.theverge.com/2018/4/10/17215406/webauthn-support-chrome-firefox-edge-fido-password-free

      Web browsers are creating a new way to log in that does not include passwords using things such as biometrics and USB tokens.

    • 2018-04-10 at 14:55 #29171
      craigbeach
      Participant

      https://thehackernews.com/2018/04/helsingin-uusyrityskeskus-hack.html

      According to thehackernews.com, Finland experienced their third largest data breach, with 130,000 passwords exposed. The website “http://liiketoimintasuunnitelma.com” was the affected target. The website stored the compromised passwords in plaintext, meaning they were displayed exactly as they are used with no types of encryption. The attackers still remain unknown. The incident has been reported the Helsinki Police of Finland. The affected uses are strongly recommended to change their passwords once the website relaunches.

    • 2018-04-10 at 12:41 #29169
      mmuya09
      Participant

      Baltimore 911 Dispatch/CAD system was hacked by unknown hackers over the weekends. The hackers temporarily shut down the system using Ransomware malware, an investigation is currently underway.
      http://www.baltimoresun.com/news/maryland/crime/bs-md-ci-911-hacked-20180327-story.html

    • 2018-04-10 at 00:32 #29161
      henry
      Participant


      Chinese hackers affiliated with South China sea attacked many U.S. companies trying to get the information that would help their government, said one U.S. cybersecurity company, even though no specific source could be pointed out. However, Chinese hackers have been involved in other attacks as well other than this incident. Fred Plan, who is working for a U.S. cybersecurity company believed that these Chinese hackers are working for their government.

    • 2018-04-10 at 00:02 #29160
      henry
      Participant


      A woman was hit and killed by a self-driving Uber’s car. However, Uber claimed that it was more likely the fault of the woman who crossed the road when she could just avoid it. Police are still working on the investigation.

    • 2018-04-09 at 23:41 #29159
      henry
      Participant


      In this article, the development of Chinese to English machine dictionary was a success, said Microsoft. This has been tested and approved that it worked as a person translated the article. Microsoft put this on its website so people can go and test it.

    • 2018-04-09 at 21:18 #29157
      zijad94
      Participant

      https://www.technewsworld.com/story/85258.html

      The attacks have exposed millions of consumer payment cards to fraud. Cyberthieves have used a variety of methods to infiltrate corporate computer systems and resell financial data on the Dark Web.

    • 2018-04-08 at 21:17 #29152
      djones06a
      Participant

      https://thehackernews.com/2018/04/helsingin-uusyrityskeskus-hack.html

      Over 130,000 Finnish citizens have had personal information compromised after a cyber attack on a website maintained by the New Business Center in Helsinki. The compromised data included Usernames and Passwords which were reportedly stored in plain text.

    • 2018-04-07 at 20:02 #29150
      glesher16
      Participant

      https://www.securityweek.com/researchers-link-new-android-backdoor-north-korean-hackers

      A North Korean hacking group that has been named many things such as Reaper, Group 123, Red Eyes, and ScarCruft, has been linked to an Android backdoor. This backdoor, called the KevDroid, can steal contacts, messages, and phone history and is also able to record phone calls.

    • 2018-04-06 at 07:55 #29131
      ttripp07
      Participant

      http://thehill.com/opinion/cybersecurity/381281-bitcoin-tech-could-become-the-future-of-voting

      With all the controversy about illegitimate votes and hacked elections, this article describes what could be the solution to all of this: A voting system that utilizes the same technology as bitcoin, rather than outdated and highly vulnerable methods.

    • 2018-04-06 at 07:55 #29135
      ttripp07
      Participant

      http://thehill.com/opinion/cybersecurity/381281-bitcoin-tech-could-become-the-future-of-voting

      As there has been issues of potential hacking involved with various elections, this article explains a possible solution. This solution involves using the same technology used in bitcoin, which is a much more secure method.

    • 2018-04-06 at 00:45 #29141
      awebb19
      Participant

      https://www.bleepingcomputer.com/news/cryptocurrency/hacker-uses-exploit-to-generate-verge-cryptocurrency-out-of-thin-air/

      A unknown attacker used a bug in the Verge cryptocurreny network to accumulated 15.6 million verge coins in three hours. This is equal to $780,000 in cash. The Verge is working to fix the bug.The news of the attack has led to a drop in the verges exchange rate.

    • 2018-04-06 at 00:38 #29139
      awebb19
      Participant

      https://www.bleepingcomputer.com/news/security/the-whiterose-ransomware-is-decryptable-and-tells-a-strange-story/

      There is a new ransomware called WhiteRose that encrypts all the files on your computer, shows you a story, and gives instructions on how to pay the ransom. The good news is that it is decrypt-able so there is a forum that may be able to help if you are infected. It is not known for sure how the ransomware is being distributed.

    • 2018-04-05 at 23:11 #29138
      dalicaic25
      Participant

      https://www.technewsworld.com/story/85238.html
      The city of Atlanta has made great strives to recover from their most recent ransomware attack that occured a couple weeks ago. Hackers have accessed the governments important files during that week

    • 2018-04-05 at 22:07 #29133
      cspencer25a
      Participant

      https://siliconangle.com/blog/2018/04/05/data-breach-exposes-delta-sears-customers-credit-card-details/

      In this article they speak about a recent breach in security and a data breach that hit two large corporations, Delta Air Lines and Sears. With these attacks the main thing that was targeted was credit card details and other user credentials.

    • 2018-04-05 at 13:59 #29122
      craigbeach
      Participant

      https://www.scmagazine.com/staff-at-northern-ireland-assembly-warned-over-email-breach/article/754924/

      According to Rene Millman of scmagazine.com, staff at the Northern Ireland assembly showed multiple unauthorized login attempts of its IT system. Specifically, hackers attempted to log on staff email accounts using multiple passwords. This is the second time within a year such an occurrence has happened, the other one being on the House of Parliament, according to Tony Pepper. Bill Evans, the senior Director at One Identity stated that the IT team was doing the right thing on addressing the issue by alerting the staff and inspecting the systems. He also suggested that the staff follow a few guidelines to ensure security: multi-factor authentication, management of privileged accounts, and “ensure only the right people have access to the right things at the right time and educate those users”

    • 2018-04-05 at 10:21 #29121
      nd14
      Participant

      https://thehackernews.com/2018/04/android-spying-trojan.html

      New malware on android devices records phone calls and steals private information. The malware is a trojan disguised as an anti-virus called Naver Defender.

    • 2018-04-04 at 20:07 #29115
      rtmoran
      Moderator

      http://thehill.com/blogs/blog-briefing-room/381494-panera-bread-exposed-millions-of-peoples-private-information
      Despite months of advanced warning, Panera Bread exposed millions of customer personal information, including names, emails, physical addresses, birthdays and last four digits of their credit card information.

    • 2018-04-04 at 17:42 #29113
      mark
      Participant

      https://www.theverge.com/2018/3/30/17179328/microsoft-windows-reorganization-future-2018

      This article shows a life beyond windows. It shows the different ways in which Microsoft is expanding and creating more technology to further themselves in the community of technology.

    • 2018-04-04 at 13:31 #29112
      dzemlevich
      Participant

      Microsoft’s updates for a known vulnerability in user’s hardware which allowed attackers access to contents of the user’s kernel memory which contains passwords, encryption keys, etc… may have opened up an even bigger problem.

    • 2018-04-04 at 12:28 #29109
      rileysperati
      Participant

      https://nakedsecurity.sophos.com/2018/04/03/5-million-credit-cards-exposed-in-saks-and-lord-taylor-data-breach/

      This past week there was another breach were many Americans credit card information was stolen and this time Lord and Taylor and 5th avenue were the stores that got hacked. The information was stolen from cards that got swiped instead of using the chip reader. When you use a chip or a pi it is much safer but many stores do not allow this yet.

    • 2018-04-04 at 10:55 #29107
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/security/new-michigan-law-makes-possession-of-ransomware-illegal/

      Michigan signed two bills into law that criminalize the possession of ransomware. The punishment is three years in prison.

    • 2018-04-03 at 21:41 #29104
      austinmarino
      Participant

      Another massive leak of confidential information. On a positive note, most of the data stolen is from older cards, which used on the magnetic strip to purchase items. Luckily the new chips and pin transactions avoid this risk and for the most part all card companies use chip now.

    • 2018-04-03 at 10:55 #29046
      mgallimo30
      Participant

      THE UNDER ARMOUR HACK WAS EVEN WORSE THAN IT HAD TO BE
      https://www.wired.com/story/under-armour-myfitnesspal-hack-password-hashing/

      When Under Armour was attacked millions of users information was leaked but thanks to good data protection, only parts were leaked, like usernames and email addresses. Passwords were leaked too some with good encryption, bcrypt, and others with bad encryption, SHA-1.

    • 2018-04-03 at 10:01 #29012
      mgallimo30
      Participant

      GOOGLE BANS ALL CRYPTOMINING EXTENSIONS FROM THE CHROME STORE
      https://www.wired.com/story/google-bans-all-cryptomining-extensions-from-the-chrome-store/

      Google is putting one final stop to all cryptomining extensions both malicious and legitimate. Under there current rules, you can have a mining extension such as long as it’s clear that was it’s functionality.

    • 2018-04-02 at 20:16 #29008
      zijad94
      Participant

      https://www.technewsworld.com/story/85238.html

      Hackers encrypted many of the city government’s vital data and computer systems in Atalanta.
      The hackers demanded that officials pay a ransom of US$51,000 to be sent to a bitcoin wallet.

    • 2018-04-02 at 14:04 #29007
      dzemlevich
      Participant

      https://nakedsecurity.sophos.com/2018/03/29/jaywalkers-to-be-named-shamed-and-fined-thanks-to-facial-recognition/

      Gone are the days of jaywalkers not being held accountable for their actions, China has decided to use facial recognition technology to publicly humiliate anyone who has jaywalked by publicly displaying their faces on large LED screens placed at interactions.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-04-02 at 11:57 #29002
      rileysperati
      Participant

      https://nakedsecurity.sophos.com/2018/03/29/facebook-revamps-security-privacy-settings-following-huge-data-scandal/

      After facebooks data scandal they are changing things so it does not happen again. They are creating a new settings menu, new privacy shortcuts, and revised data downloads. With the revised data downloads you will be able to delete old posts that facebook has saved.

    • 2018-04-02 at 10:46 #28994
      djones06a
      Participant

      https://thehackernews.com/2018/04/fastest-dns-service.html

      Mohit Kumar of The Hacker News reported today on Cloudflare’s release of their privacy-first, free to use, DNS resolving services located on the easy to remember ‘1.1.1.1’. It also boasts to be one of the fastest DNS services available to the public.

    • 2018-04-01 at 14:21 #28987
      glesher16
      Participant

      https://www.securityweek.com/20-arrested-italy-and-romania-spear-phishing-scam

      Twenty individuals have been arrested in Italy and Romania for their connection with a 2-year phishing scam investigation. Through this scam, it is estimated that about $1.23 million was handed over to the scammers who sent spear phishing emails (emails that look like the email is coming from a reliable source such as a bank or firm) posing as tax authorities to gain banking credentials.

    • 2018-03-31 at 19:48 #28986
      wpolnak
      Participant

      This article was about a windows update had a huge flaw that lead to an easy way for hackers to access valuable information. I think this plays into how important updates are because no matter how hard they try to protect people, hackers still find a way. And updates are constantly fixing old updates.

    • 2018-03-31 at 19:40 #28985
      wpolnak
      Participant

      I found this article to be very important. It talk about a recent event were a hacker attack the Baltimore 911 dispatch. this is important because this can hurt a lot of people that need to reach the police while someone in trying to pull a stunt.

    • 2018-03-30 at 11:03 #28981
      cspencer25a
      Participant

      https://www.databreachtoday.com/memcached-ddos-attacks-95000-servers-vulnerable-to-abuse-a-10705?es_p=6403954

      With the Memcached servers vulnerable, this makes way for a mass amount of abuse. The concentration of this abuse is in the United States and China, leaving companies and corporations vulnerable to mass DDoS attacks.

    • 2018-03-29 at 21:29 #28977
      rr1315
      Participant

      https://arstechnica.com/gadgets/2018/03/its-not-just-spectre-researchers-reveal-more-branch-prediction-attacks/

      Data is vulnerable to being stolen from internal states of processors. It’s going to be a while before something like this isn’t possible to do.

    • 2018-03-29 at 19:11 #28976
      austinmarino
      Participant

      https://nakedsecurity.sophos.com/2018/03/29/boeing-hit-by-wannacry-reminding-everyone-the-threat-is-still-there/

      Just when we thought the WannaCry ransomware was taken care of…

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-29 at 18:44 #28974
      dalicaic25
      Participant

      https://nypost.com/2018/03/29/cybersecurity-experts-find-massive-flaws-in-grindr/
      Experts of the app world have found out that a app called Grindr which is a gay dating app helped people find another person’s exact location with little to no expert knowledge of a app or a phone which is serious

    • 2018-03-29 at 18:37 #28973
      dalicaic25
      Participant

      https://www.technewsworld.com/story/85187.html

      The united states was on fire from Russia because Russia was acting like they were pretending to be promoting African american businesses and they got caught.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-29 at 15:41 #28716
      dcopperwheat1
      Participant

      https://www.securityweek.com/3-biggest-malware-trends-watch-2018

      Malware trends of 2018, living off the land aspect shows some problems with IT administrators becoming complacent about unused tools and attackers are utilizing those to hide the infection process.

    • 2018-03-29 at 15:40 #28653
      dzemlevich
      Participant

      https://nakedsecurity.sophos.com/2018/03/06/big-bitcoin-heist-sees-600-icelandic-servers-stolen/

      Around 600 servers being used for bitcoin mining have been stolen, being valued at about 2 million dollars, police are looking for the culprits by keeping an eye out for unusually spiked energy usage across Iceland.

      • This reply was modified 3 years ago by CSIACAdmin.
      • This reply was modified 3 years ago by CSIACAdmin.
    • 2018-03-29 at 13:38 #28940
      ttripp07
      Participant

      https://www.securityweek.com/big-business-bad-bots

      It is no surprise that people are using bots for evil, but the number of them is what shocks me. The most surprising part is the ratio of bot to human traffic on the internet. We clearly need to do something, but if we were to, how can we filter out good bots from bad bots? There may not even be an answer.

    • 2018-03-29 at 11:44 #28938
      nrea13
      Participant

      https://www.securityweek.com/crypto-mining-rampant-higher-education

      This article reveals how rampant crypto-mining has become in higher forms of education, compared to other sectors like health-care or government. Higher education has more low risk threats within their overall threats, which are related to crypto-mining. Targeting education are a popular target because student’s are not considered employees compared to the business world and generally are more bound to bring security threats and outside information from third parties which why so many threat are happening within this sector.

    • 2018-03-29 at 10:30 #28934
      craigbeach
      Participant

      https://www.usnews.com/news/politics/articles/2018-03-08/report-little-progress-on-voting-security-ahead-of-2018-us-congressional-elections

      Recall from one of my previous posts, the voting system of the United States is vulnerable in terms of Cyber-attacks. According to usnews.com, the United States has taken miniscule action in order to increase the security of our voting systems. According to a report from the Brennan Center for Justice – a “division of the New York University School of Law focused on democracy and justice issues” 41 out of 50 states have voting systems that are at least 10 years old, only three states since 2016 have revoked their voting systems. It is estimated that in 2018 and for at least the near future, 43 states will use voting systems that are discontinued/no longer manufactured, which imposes major security risks to these states.

    • 2018-03-29 at 09:01 #28932
      mmuya09
      Participant

      I chose this article because it really interest me & because I have an iPhone:Law Enforcement Claim they can bypass & unlock any iPhone model on the market.

      https://www.forbes.com/sites/thomasbrewster/2018/02/26/government-can-access-any-apple-iphone-cellebrite/#1e122bd3667a

    • 2018-03-29 at 08:13 #28927
      rtmoran
      Moderator

      https://arstechnica.com/information-technology/2018/03/facebook-scraped-call-text-message-data-for-years-from-android-phones/?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axiosam&stream=top-stories

      It has been revealed that, if not explicitly forbidden, Facebook has been collecting call and SMS metadata on Android users for years. While scanning through an archive facebook had collected of him, a New Zealand man, Dylan McKay had discovered nearly two years’ worth of phone call and SMS metadata from his Android phone residing within.

    • 2018-03-27 at 18:02 #28919
      nd14
      Participant

      https://www.securityweek.com/mozilla-isolates-facebook-new-firefox-extension

      A new extension for Firefox isolates Facebook reducing its ability to track activity on other websites

    • 2018-03-27 at 14:23 #28918
      mark
      Participant

      https://www.theverge.com/circuitbreaker/2018/3/23/17155586/apple-foldable-iphone-oled-lg-screen-2020

      Apple may have a new phone soon that revolutionizes how we use our mobile devices. Bendable phones that may never break, get scratched, and full waterproof.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-27 at 14:18 #28917
      mark
      Participant

      https://www.theverge.com/2018/3/22/17153050/walmart-patents-drone-shopping-assistants-smart-shopping-carts
      This article shows the future of shopping for all Americans when it comes to shopping at Walmart. Walmart is bringing smart carts that work with your phones to communicate. Also they have come up with ways to manage inventory using robotics.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-27 at 12:42 #28913
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/security/goscanssh-malware-avoids-government-and-military-servers/

      Experts have found a new strain of malware that does its best to avoid military and government websites.

    • 2018-03-27 at 11:00 #28911
      craigbeach
      Participant

      https://www.securityweek.com/ransomware-hits-city-atlanta

      A possible variant of the “SamSam” ransomware has hit several “customer-facing applications” and some “internal services” in the city of Atlanta, according to securityweek.com. SamSam his hit two healthcare organizations this year. Atlanta’s Police department, water services, and airport(s) were left unaffected. Although, the affected services were demanded to pay in bitcoin, $6,800 for each system, or $51,000 to recover every system. Since Jan 27, the same hacker(s) account has collected $590,000. Mayor Keisha Bottoms suggests that customers and staff should monitor their bank accounts, and more importantly, secure them.

    • 2018-03-26 at 21:44 #28907
      zijad94
      Participant

      https://thehackernews.com/2018/03/carbanak-russian-hacker.html

      Spanish Police has arrested the alleged leader of an organised Russian cyber-crime gang behind the Carbanak and Cobalt malware attacks, which stole over a billion euros from banks worldwide since 2013.

    • 2018-03-25 at 13:50 #28901
      djones06a
      Participant

      https://thehackernews.com/2018/03/amd-processor-hacking.html

      Previously announced CPU vulnerabilities for AMD’s RYZEN and EPYC series processors by CTS-Labs researchers have now been confirmed by AMD and steps are being taken to supply patches and updates to those effected by the aforementioned vulnerabilities.

      However there has been controversy surrounding the way in which CTS-Labs disclosed information about the vulnerabilities to the public only shortly after informing AMD of such issues.

    • 2018-03-24 at 19:12 #28899
      zijad94
      Participant

      https://www.scmagazine.com/trickbot-banking-malware-has-new-trick-up-its-sleeve/article/753255/

      Security reserachers have discovered that the Trickbot malware has been updated with you capabilities to evade detection and lock victim’s computers.

    • 2018-03-23 at 15:38 #28896
      smiles13
      Participant

      More developing news on the supposed hacker who began releasing the democratic committees documents. Following a mistake in forgetting to use a VPN sources were able to track the IP back into Moscow, Russia.

    • 2018-03-23 at 15:28 #28895
      smiles13
      Participant

      Atlanta city government is hit with ransomware attack. Currently demanding a payment of $6,800 to unlock each computer or $51,000 for provision of all keys.

    • 2018-03-23 at 02:15 #28881
      tcornish13
      Participant

      https://www.theverge.com/2018/3/21/17146764/venezuela-petro-cryptocurrency-russia

      Venezuela’s crytocurrency has been supported by Russia since 2017, and has been used as a way to overcome US sanctions.

    • 2018-03-22 at 23:08 #28879
      awebb19
      Participant

      https://www.theverge.com/2018/3/21/17147652/netflix-bug-bounty-program-15000

      Netflix has opened a bug bounty program to the public. The maximum payout is 15,000 if you are able to find any security bugs and point them out to the company. Samsung and Microsoft currently offer a similar program but with much higher payouts because the security risk to them is much higher than netflix.

    • 2018-03-22 at 21:32 #28876
      mgallimo30
      Participant

      Chinese Crooks Assembling Massive Botnet of Nearly 5 Million Android Devices
      https://www.bleepingcomputer.com/news/security/chinese-crooks-assembling-massive-botnet-of-nearly-5-million-android-devices/

      RottenSys has now infected almost 5 million android devices. The adware has taken on a deadly mutation allowing it to now be used as a botnet.

    • 2018-03-22 at 20:55 #28874
      rr1315
      Participant

      https://arstechnica.com/gadgets/2018/03/windows-server-2019-coming-later-this-year-out-now-in-preview/
      A new Windows Server release is coming, called “Windows Server 2019.” The future is now.

    • 2018-03-22 at 20:45 #28870
      cspencer25a
      Participant

      https://www.cso.com.au/article/635086/google-boosts-gmail-anti-phishing-defenses-tackle-bec-fraud/

      Google has implemented a new defense against phishing attacks. This new model is aimed at businesses and to help prevent business email compromise (BEC) fraud.

    • 2018-03-22 at 20:42 #28869
      dzemlevich
      Participant

      https://www.bleepingcomputer.com/news/security/city-of-atlanta-it-systems-hit-by-samsam-ransomware/

      Ransomware is normally known to perpetually block access to a user’s data until the demanded money is transferred, well instead of individual users, there is a case in the city of Atlanta involving several local government systems being currently down due to a reported ransomware infection.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-22 at 20:11 #28867
      ttripp07
      Participant

      https://www.scmagazine.com/hackers-exploit-old-flaw-to-turn-linux-servers-into-cryptocurrency-miners/article/753144/

      We’ve heard many stories about cryptojackers attacking phones and Windows machines, but it now appears that even Linux servers are being targeted. The exploit used is only possible on dated versions of Linux operating systems, but this shows how important it is to keep even Linux machines up to date.

    • 2018-03-22 at 12:09 #28758
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/security/ddos-attacks-are-10-per-hour-on-the-dark-web/

      A U.S. security firm has found the prices of many items on the Dark Web have increased slightly since 2015. A DDoS attack for an hour is $10, and North American documents cost more than other regions.

    • 2018-03-22 at 11:58 #28756
      glesher16
      Participant

      https://www.securityweek.com/netflix-launches-public-bug-bounty-program

      Netflix is now using the Bugcrowd platform to give people money rewards of $100 – $15,000 for finding bugs and vulnerabilities in their services. To date, more than $200,000 has been reward to numerous white hat hackers and researchers and over 220 vulnerabilities have been patched.

    • 2018-03-22 at 11:54 #28753
      rileysperati
      Participant

      https://nakedsecurity.sophos.com/2018/03/22/how-siri-leaks-your-private-iphone-messages-and-how-to-stop-her/

      Millions of people have iPhones and on all iPhones, Siri is connected. Siri is leaking the private information of their users, but this can be stopped if the iPhone users change their settings.

    • 2018-03-22 at 10:49 #28750
      mmuya09
      Participant

      this article is interesting to me because, the USA in accusing Russia for cyber attacks that can shut down power plants in the US and in Europe at anytime. they believe that Russia was doing this to prove that they can shut down the other nations power in a time of war or conflict

      https://www.nytimes.com/2018/03/15/us/politics/russia-cyberattacks.html

    • 2018-03-22 at 08:08 #28746
      loper
      Participant

      https://www.kali.org/news/kali-linux-in-the-windows-app-store/

      he windows app store now has Kali Linux available for download. While it does have drawback to run it natively on a windows machine, it is now installable through 1 click.

    • 2018-03-22 at 00:13 #28747
      rtmoran
      Moderator

      http://securityaffairs.co/wordpress/70468/data-breach/frost-bank-security-breach.html
      Suffering a major data breach, Frost Bank announced Friday, March 16 that a third-party lockbox software program the company uses was compromised, exposing check images which could be used to forge customer checks in the future.

    • 2018-03-21 at 18:01 #28742
      nd14
      Participant

      https://thehackernews.com/2018/03/expedia-data-breach.html

      The credit card information of over 800,000 users may have been stolen from the orbitz website

    • 2018-03-21 at 14:16 #28738
      austinmarino
      Participant

      https://nakedsecurity.sophos.com/2018/03/21/bomb-hoax-sent-to-400-schools-blamed-on-warring-minecraft-gamers/

      This article discusses the on going trend of bomb/shooting threats at schools. Regardless if it is a joke between friends on the internet, it is not taken lightly and be labeled as a cyber crime. Maybe people should start thinking before acting. Over 400 different schools were threatened because of childish behavior.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-21 at 10:27 #28737
      mark
      Participant

      https://www.theverge.com/2018/3/20/17144482/orbitz-data-breach-credit-cards

      This article warns those who use the traveling website Orbitz not to use it at this time. They were basically hacked and data of everyone’s credit card information can possibly be stolen due to the data breach.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-20 at 15:06 #28734
      wpolnak
      Participant

      I found this article to be interesting because so often people will click on anything when they search for something. This article talks about a fake amazon website that win appear at the top of your searches and if clicked on can infect your computer.

    • 2018-03-20 at 14:54 #28733
      wpolnak
      Participant

      I thought this article was very interesting because it really shows how careful you need to be when it comes to saving passwords. It talks about how even a well known website like Firefox has its own security flaws.

    • 2018-03-20 at 01:18 #28725
      dcopperwheat1
      Participant

      https://www.securityweek.com/rise-ics-malware-how-industrial-security-threats-are-becoming-more-surgical

      Nice history and perspective on Industrial control system attacks.

    • 2018-03-20 at 01:06 #28723
      corycl4
      Participant

      Scientist from Japan use AI to read minds, Computers able to see what your thinking. So basically how MRI’s work and when they look at your brain scans but now going a bit more in depth. So these machines are able to pick up and see like colors to a letter. Now by scanning your brain activity , recognizing different shapes they can see more in depth objects like animas and some parts of scenery can be lined. This can all be seen by computers of what your brain is visualizing, simultaneously .

      http://www.alphr.com/technology/1008140/japanese-scientists-just-created-an-ai-that-can-read-human-minds

    • 2018-03-20 at 01:05 #28720
      corycl4
      Participant

      Chrome recent has a new feature for security that acknowledges if you’re the right user. It recognizes this by the way you put in your credentials. So almost like a key logger but for a positive use. So it keeps track of the time it takes for you to type in one key after the next.
      https://nakedsecurity.sophos.com/2018/03/16/the-chrome-extension-that-knows-its-you-by-the-way-you-type/

    • 2018-03-20 at 01:03 #28718
      corycl4
      Participant

      The smart phone company blackberry teams up with Microsoft and utilizing their app office 365. This mere has been brought about to combine both companies users as well for other companies that use their services, in providing extra level security as well as everything both of the companies already offer. So in all growing their user base even farther.
      https://www.geekwire.com/2018/microsoft-partners-blackberry-integrate-office-365-secure-mobile-app-technology/

    • 2018-03-20 at 00:31 #28715
      dcopperwheat1
      Participant

      https://www.securityweek.com/why-do-vast-majority-applications-still-not-undergo-security-testing

      Great article about an ongoing problem with the app market. Poor coding practices and lack of good foundation is leading to a flood of attacks over the last year.

    • 2018-03-12 at 16:08 #28679
      djones06a
      Participant

      https://thehackernews.com/2018/03/air-gap-computer-hacking.html

      Using malware nicknamed MOSQUITO researchers were able to use ultrasonic waves emitted by speakers and/or headphones to transmit data from one air-gapped computer to another air-gapped computer.

    • 2018-03-11 at 10:50 #28659
      mgallimo30
      Participant

      The Leaked NSA Spy Tool That Hacked the World
      https://www.wired.com/story/eternalblue-leaked-nsa-spy-tool-hacked-world/

      Almost a year ago now the NSA tool Eternalblue is still running rampid around the world. Despite Microsoft releasing a patch for systems as far back as windows XP and Server 2003.

    • 2018-03-08 at 22:40 #28654
      tcornish13
      Participant

      https://www.securityweek.com/cortana-can-expose-enterprises-attacks-researchers-warn

      Microsoft have discovered a way to use voice commands as a way to use a computers browser without having to have access/bypass any locked machine.

    • 2018-03-08 at 19:24 #28651
      austinmarino
      Participant

      https://nakedsecurity.sophos.com/2018/03/08/spyware-maker-shuts-down-surveillance-services-after-hacks/

      This article talks about a company that has been hacked repeatedly since 2017 and finally calls it quits. Its quite funny and frustrating but if you visit their website and read the notice they have in bold red across their headline you’ll get a feel for how much this company has gotten attacked.

      http://www.retinax.com/

      • This reply was modified 3 years ago by jreade. Reason: Fixed Links
    • 2018-03-08 at 18:10 #28641
      glesher16
      Participant

      https://www.securityweek.com/microsoft-detects-massive-dofoil-attack

      On Tuesday, March 6th, Microsoft’s anti-malware utility Windows Defender denied 80,000 separate cases of Dofoil (crypto-mining malware) malware. Versions of Windows that were protected include Windows 10, 8.1, and 7.

    • 2018-03-08 at 14:21 #28639
      cspencer25a
      Participant

      https://thehackernews.com/2018/03/prevent-memcached-ddos.html

      This article reads about what security researchers have been developing on the threat that is the Memcached server attacks. A kill switch has been discovered that could potentially help prevent DDoS attacks on large organizations. With the reoccurring threat, this makes some of the more damaging DDoS attacks less threatening to the civilian and business population alike.

    • 2018-03-08 at 06:44 #28611
      rtmoran
      Moderator

      https://www.kali.org/news/kali-linux-in-the-windows-app-store/

      Kali Linux is now available in the Windows App Store.
      Using the Windows Subsystem for Linux (WSL), users are now able to download and install Kali Linux through the Windows App Store. Kali is accessible to desktop users by Power Shell command line or by GUI desktop manager, such as, XFCE, via remote desktop.

    • 2018-03-07 at 23:58 #28621
      henry
      Participant

      https://www.bleepingcomputer.com/news/security/microsoft-updates-guideline-on-windows-driver-security/
      Microsoft has launched the instructions about how to safely secure Windows drivers. Drivers are very significant because most attackers aim to attack these parts to gain access.

    • 2018-03-07 at 23:34 #28620
      henry
      Participant

      http://money.cnn.com/2018/02/14/technology/huawei-intelligence-chiefs/
      In this article, FBI made an alert to the people in the U.S. to not buy smartphones made in China called Huawei. These smartphones are known to be stealing information and creating online threats even though Hwawei itself claimed that they have no intention to do such things like that.

    • 2018-03-07 at 22:45 #28618
      nrea13
      Participant

      https://www.securityweek.com/chrome-65-patches-45-vulnerabilities

      Google’s newest patch included many patches from it’s previous versions but also adds a bit more bugs, including 27 vulnerabilities with 9 being security rated as a High risk, 15 being considered Medium risk, and 3 rated Low.

    • 2018-03-07 at 19:53 #28616
      zijad94
      Participant

      https://www.technewsworld.com/story/85184.html

      The agreement aims to create smart camera standards and to develop a shared cloud infrastructure. Cameras with NICE specifications would store images and video in the cloud, with NICE handling standardized encryption and AI processing for object recognition.

    • 2018-03-07 at 19:50 #28614
      ttripp07
      Participant

      https://www.securityweek.com/triada-trojan-pre-installed-low-cost-android-smartphones

      This article is about a trojan that is pre-installed on some low-budget android smartphones. This is incredibly dangerous as many people buy phones just for the sake of having a number to be contacted from, which makes these phones appealing to those who don’t care about getting much else out of their phones. These people are unlikely to have any idea of such malware existing.

    • 2018-03-07 at 19:22 #28612
      nd14
      Participant

      https://www.technewsworld.com/story/85094.html

      SentinelOne has released a free, but not opensource, tool for linux systems to monitor meltdown attacks

    • 2018-03-07 at 16:06 #28609
      awebb19
      Participant

      https://www.scmagazine.com/millennial-habits-may-bring-an-end-to-the-password-era/article/746144/

      Millennials are changing the way future authentication may be done. Millennials prefer convenience over security. More millennials are comfortable with other forms of authentication such as biometrics. Because of millennials relax attitude toward passwords and creating passwords this could be how we authenticate in the future.

    • 2018-03-07 at 12:26 #28604
      rileysperati
      Participant

      https://nakedsecurity.sophos.com/2018/03/05/worlds-largest-ddos-attack-thwarted-in-minutes/

      Last week the largest DDoS attack hit GitHub but the defense against this attack was successful. The attack only lasted nine minutes and appeared to be a ransom attack.

    • 2018-03-06 at 19:58 #28599
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/security/new-ddos-record-is-now-17-tbps/

      Days after GitHub was hit with a 1.3 Tbps DDoS attack, a new record for the largest DDoS attack was set at 1.7 Tbps on a US service provider. DDoS attacks are estimated to reach 2 Tbps in the near future.

      • 2018-03-07 at 10:49 #28603
        plosiewicz
        Moderator

        You beat me to it. New Memcache record DDS.

    • 2018-03-05 at 22:51 #28576
      mgallimo30
      Participant

      GITHUB SURVIVED THE BIGGEST DDOS ATTACK EVER RECORDED
      https://www.wired.com/story/github-ddos-memcached/

      Github was the recent victim of a DDoS of historic proportions. It it’s peak the attack was generating 1.35 TB of data with out using a botnet.

    • 2018-03-04 at 16:56 #27733
      djones06a
      Participant

      https://thehackernews.com/2018/03/biggest-ddos-attack-github.html

      Github was hit with one of the largest DDoS attacks on public record on February 28th. At its peak Github’s servers were receiving 1.35Tbps. The effect of this attack was reported to have been amplified by misconfigured Memcached servers.

      On a lighter note:
      https://www.nbcnews.com/tech/tech-news/girl-scouts-fight-cybercrime-new-cybersecurity-badge-n852971

      Girl Scouts of the USA will be adding a Cybersecurity Badge. This will likely result in more young people taking an interest in Cybersecurity and other STEM sectors. As such we may see an influx of women working in varying tech fields in the years to come.

    • 2018-03-04 at 07:06 #27729
      jgray18b
      Participant

      https://www.scmagazine.com/if-ransom-paid-in-bitcoin-cash-dont-expect-to-get-files-back/article/747460/

      A ransomware named Thanatos is new to the scene and demands payments for unrecoverable files in the form of Bitcoin Cash. It encrypts a user’s files with a key, not saving said key, making it increasingly difficult to crack, and then claim that only they have the decode tool to decrypt it.

    • 2018-03-02 at 10:04 #27715
      austinmarino
      Participant

      https://nakedsecurity.sophos.com/2018/03/01/equifax-finds-another-2-4-million-americans-hit-by-breach/

      This article discusses some details about a massive security breach that happened. A lot of confidential information had been stolen from Americans.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-02 at 03:25 #27714
      smiles13
      Participant

      After the cyber-attack of the 2018 Winter Olympic games it is believed that Russia was ultimately behind the attacks. Using a variety of methods to mask who actually initiated and carried out the attacks.

    • 2018-03-02 at 03:07 #27713
      smiles13
      Participant

      Using a vulnerability in rTorrent an attack has those infected (with Unix systems) installing cryptocurrency applications and mining Monero. So far the Profit is estimated at $43 a day with more expected growth, where the total estimated profit so far has been $3,900

    • 2018-03-01 at 22:28 #27711
      tcornish13
      Participant

      https://blog.avast.com/mobile-security-and-new-data-on-risk-of-banking-trojans

      Avast and a collaboration of other teams found that it is becoming increasingly difficult to tell if an app is real or fake.

    • 2018-03-01 at 19:55 #27709
      rr1315
      Participant

      https://arstechnica.com/gadgets/2018/03/microsoft-will-soon-start-shipping-the-intel-spectre-microcode-fixes/

      Microsoft is partnering with Intel and AMD to roll out CPU firmware updates. It’s called for, but rare is it not, that firmware gets updated? This to address the “Spectre variant 2” attack.

    • 2018-03-01 at 16:29 #27708
      craigbeach
      Participant

      https://threatpost.com/fbi-warns-of-spike-in-w-2-phishing-campaigns/130057/

      – According to the Federal Bureau of Investigation (FBI), there has been a large spike in W-2 phishing campaigns. Hackers tampering with W-2 forms puts victims’ privacy and personal information in jeopardy. In 2016, there were just over 100 cases of W-2 phishing. In 2017 there were over 900 according to the IRS. To extend the case further, over 200 employers were “victimized”, which potentially put hundreds of thousands of employees’ personal information and identities up for grabs for hackers.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-01 at 16:13 #27707
      craigbeach
      Participant

      https://www.securitymagazine.com/articles/88786-ransomware-as-a-service-hackers-big-business

      – A new trend for Cyber Security Criminals, Ransomware is a malicious software intended to lock a victim out of their computer files who is them prompted to pay a ransom to have their files unlocked by the hacker. If the ransom is not paid by the victim, the hacker can keep the files locked indefinitely. According to Security Magazine, a total of $25 million in ransoms were paid to Cyber hackers in the last two years. The standards for learning how to use Ransomware is seldom. Any person who has a basic knowledge of computer technology, can buy instructions on the Dark Web on how to inflict ransomware tactics on victims for only $39 according to Security Magazine.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-03-01 at 11:29 #27393
      cspencer25a
      Participant

      https://hackaday.com/2018/03/01/memcached-servers-abused-for-ddos-attacks/

      This article explains how Memcached servers are being used for Distributive Denial of Service attacks across the nation. There has been an increase in DDoS attacks within the past month, and there is a potential threat in these attacks worsening since Memcached servers are gaining popularity. This can lead to a massive DDoS, and wide-ranging attacks across the country.

      • 2018-03-01 at 14:53 #27704
        plosiewicz
        Moderator

        The original Cloudflare article should be consifdered as well:

        https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/

    • 2018-03-01 at 10:36 #27338
      craigbeach
      Participant

      https://www.usnews.com/news/best-states/articles/2018-02-12/state-voting-systems-remain-vulnerable-to-hackers-ahead-of-midterm-elections-report-reveals

      – According to United States News (US News), there are several vulnerabilities that could allow hackers to alter votes and vote count. In the 2016 election, several different hackers actually attempted to hack into 21 states’ voting systems and was successful with tampering with the voting system of Illinois. In fact, states are rated on how well they protect their elections from cyber attacks and machine malfunction. 23 states received a ‘C’, while 17 more received a ‘D’ or an ‘F’. States are working to re-stabilize this massive issue.

    • 2018-03-01 at 09:56 #26623
      rtmoran
      Moderator

      https://www.darkreading.com/mobile/new-android-malware-family-highlights-evolving-mobile-threat-capabilities/d/d-id/1331159

      New mobile threat, RedDrop is making rounds among infected Android devices. Found within seemingly benign applications, RedDrop, once installed begins downloading at least seven more APKs embedded into the memory; each with their own malicious intent. Infected devices will begin uploading personal data to remote servers as well as SMS messaging a premium service while immediately deleting evidence – at high cost to the victim.

    • 2018-03-01 at 00:36 #26627
      nrea13
      Participant

      https://nakedsecurity.sophos.com/2018/02/27/unsecured-aws-led-to-cryptojacking-attack-on-la-times/

      An interactive map within the LA Time’s website left in an unsecured state let cryptojackers to install foreign software to crypt currency with their hardware. They eventually fixed the problem and not much damage had been left but it goes to show if something like that could happen again and eventually be exploited into malicious use widespread.

    • 2018-02-28 at 20:46 #26624
      ttripp07
      Participant

      https://www.bleepingcomputer.com/news/security/the-rig-exploit-kit-has-forsaken-ransomware-for-coinminers/

      This article explains the change in the trend of how those with malicious intentions plan to exploit users. In the case of this Exploit Kit, the focus has shifted from delivering ransomware to delivering cryptocurrency miners and information-stealing trojans in order to obtain their “easy money.” I find it surprising how much effort criminals put into discovering new methods of earning money in such nefarious ways rather than legitimate means. Is the effort really worth the risk?

    • 2018-02-28 at 14:16 #25398
      dzemlevich
      Participant

      https://nakedsecurity.sophos.com/2018/02/26/insecure-cctv-feeds-of-kids-at-school-are-being-streamed-live-online

      Cameras installed in UK schools by third parties and most likely not changing the default password leads to insecure CCTV feeds of students all over the school district.

    • 2018-02-28 at 10:55 #25090
      rileysperati
      Participant

      https://nakedsecurity.sophos.com/2018/02/28/making-private-browsing-more-private/

      Browsing on the internet is not private and can be easily traced back to the user. A new server called Veil does not allow your privacy to be broken. Currently, this is only a prototype.

    • 2018-02-27 at 21:55 #24642
      glesher16
      Participant

      https://www.securityweek.com/samsung-smartphones-get-encrypted-communications

      KoolSpan, a software company based out of Maryland, now has a partnership with tech giant Samsung to provide encryption for communication across their cellphones. This partnership is to help stop the problem of rising attacks on mobile devices.

    • 2018-02-27 at 20:17 #24638
      awebb19
      Participant

      https://www.bleepingcomputer.com/news/security/microsoft-updates-guideline-on-windows-driver-security/

      Microsoft has released a new guide on driver security. It includes things like a security checklist, driver threat modeling, and many other things. This is important because drivers are a crucial attack surface to all operating systems.

      • This reply was modified 3 years, 1 month ago by awebb19.
    • 2018-02-27 at 19:05 #24636
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/security/new-reddrop-android-spyware-records-nearby-audio/

      New Android malware steals phone data like files, photos, and contacts, and can even record nearby audio. The goal of the malware is to subscribe the user to premium SMS services.

    • 2018-02-27 at 13:01 #23605
      mmuya09
      Participant

      This is interesting because an Apple Mac Malware(Coldroot) goes undetected/unnoticed for 2 years ( Malware can remotely take command of defensless computer and steal information like passwords) http://www.zdnet.com/article/coldroot-nasty-mac-trojan-went-undetected-for-years/

    • 2018-02-27 at 11:52 #23601
      plosiewicz
      Moderator

      Great resource on Quantum Crypto from NIST:

      https://csrc.nist.gov/publications/detail/itl-bulletin/2018/02/securing-information-through-post-quantum-cryptography/final

    • 2018-02-27 at 02:55 #23599
      mark
      Participant

      https://www.theverge.com/2018/2/26/17052802/apple-icloud-encryption-keys-storage-china

      This article shows why people are worried about security because Apple is letting China store some Apple iCloud encryption’s.

    • 2018-02-26 at 22:03 #23596
      nd14
      Participant

      https://threatpost.com/fbi-warns-of-spike-in-w-2-phishing-campaigns/130057/

      The FBI warns of phishing during the tax season

    • 2018-02-26 at 21:27 #23593
      zijad94
      Participant

      https://threatpost.com/revamp-of-pwned-passwords-boosts-privacy-and-size-of-database/130082/

      The idea behind Pwned Passwords is to help organizations avoid using passwords that have previously appeared in a data breach or have been otherwise compromised in the past.

    • 2018-02-26 at 21:24 #23591
      zijad94
      Participant

      https://www.technewsworld.com/story/85155.html

      AI challenges global security because it lowers the cost of conducting many existing attacks, creates new threats and vulnerabilities, and further complicates the attribution of specific attacks. Given the changes to the threat landscape that AI seems to bring, the report makes some high-level recommendations that companies, research organizations, individual practitioners, and governments can take to ensure a safer world.

    • 2018-02-26 at 13:16 #23586
      plosiewicz
      Moderator

      Serious quantum computers are finally here. What are we going to do with them?
      https://www.technologyreview.com/s/610250/hello-quantum-world/

    • 2018-02-26 at 13:13 #23584
      plosiewicz
      Moderator

      https://spectrum.ieee.org/nanoclast/semiconductors/devices/memtransistor-forms-foundational-circuit-element-to-neuromorphic-computing

      ‘Memtransistor’ Forms Foundational Circuit Element to Neuromorphic Computing
      Combining characteristics of a memristor with a transistor mimics the multiple synapses of neurons

    • 2018-02-26 at 13:10 #23581
      plosiewicz
      Moderator

      http://newscenter.lbl.gov/2018/02/21/new-berkeley-lab-algorithms-create-minimalist-machine-learning-that-analyzes-images-from-very-little-information/

      Berkeley Lab ‘Minimalist Machine Learning’ Algorithms Analyze Images From Very Little Data
      CAMERA researchers develop highly efficient convolution neural networks tailored for analyzing experimental scientific images from limited training data

    • 2018-02-26 at 13:07 #23579
      plosiewicz
      Moderator

      https://www.disa.mil/NewsandEvents/2018/SPIRNet-migration

      DISA modernizes SIPRNet delivery, increases mission partner savings

      The Defense Information Systems Agency (DISA) recently completed the Secret Internet Protocol Router Network (SIPRNet) Access Migration Project to improve and modernize the way mission partners connect to the SIPRNet and deliver cost reductions.

      The project evolved the network from a point-to-point network to a virtual network, and increased the bandwidth capacity from 1G to 10G. It also reduced the size of the network, resulting in increased network efficiency, increased capacity, and improved survivability.

    • 2018-02-26 at 09:27 #23569
      mynameistrevor
      Participant

      https://www.scmagazine.com/private-chats-and-user-accounts-could-be-exposed-by-tinder-security-bug/article/746145/

      A program that let users link their facebook account to their tinder account has left attackers able to get into random tinder accounts with just a phone number or username. They did this by compromising “access tokens” from the users’ cookies.

    • 2018-02-25 at 18:50 #23571
      djones06a
      Participant

      https://threatpost.com/fbi-warns-of-spike-in-w-2-phishing-campaigns/130057/

      With tax season currently underway the FBI and IRS once again warn of a potential rise in Tax/W-2 related phishing schemes.

    • 2018-02-23 at 02:45 #23555
      pjsnell25
      Participant

      https://www.technewsworld.com/story/85126.html

      iOS boot loader code was leaked earlier this week which deals a major blow to the security of iOS devices despite being an older version. This released code could aid hackers in jail breaking newer versions of iOS.

    • 2018-02-22 at 23:46 #23554
      corycl4
      Participant

      https://nakedsecurity.sophos.com/2018/02/22/another-baby-monitor-is-allowing-strangers-to-spy-on-children/

      Recently an Austrian based Cybersecurity company reported that the MiSafes Mi-Cam for baby monitors can be easily hacked. All that is required for the hacker to do is change the request of the HTTP. One thing that can happen as a result of this, is to allow the hacker hear what is going on in the baby’s room. How they are able to do that is once the HTTP is changed they are able to get access to different accounts that are paired with the cameras. Additionally, the cameras are known to have outdated software susceptible to vulnerabilities.

      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-02-22 at 22:21 #23551
      austinmarino
      Participant

      https://nakedsecurity.sophos.com/2018/02/22/another-baby-monitor-is-allowing-strangers-to-spy-on-children/

      Pretty disturbing to think that people are hacking into these webcams to lurk around and watch kids… These are being hacked through cloud server usernames, allowing the hacker to utilize this information to track attached devices.

    • 2018-02-22 at 21:50 #23549
      tcornish13
      Participant

      https://www.theverge.com/2018/2/22/17042544/tor-director-shari-steele-steps-down

      The current director of the Tor Project has announced her resignation.

    • 2018-02-22 at 21:44 #23547
      tcornish13
      Participant

      https://www.theverge.com/2018/2/21/17036514/tinder-vulnerability-account-takeover-accountkit-login

      Researchers recently published their findings that allowed tinder accounts to be taken over with just the phone number of the account owner needed.

    • 2018-02-22 at 21:18 #23545
      jgray18b
      Participant

      https://www.scmagazine.com/tempted-cedar-spyware-spread-in-fake-kik-messenger-app/article/746148/

      A type of spyware dubbed “Tempted Cedar Spyware” is being downloaded by users attempting to download the Kik messenger app. This spyware has been designed to steal a user’s information, once they have access; such as, device information and photos. They used fake Facebook profiles to attract people into downloading this Kik app from a 3rd part source.

    • 2018-02-22 at 19:03 #23543
      nd14
      Participant

      Downloadable content for Microsoft flight simulator came with embedded malware
      https://web.archive.org/web/20180220010608/https://www.pcgamer.com/flight-simulator-expansion-installed-password-stealing-malware-as-drm/

    • 2018-02-22 at 17:28 #23540
      majdacivic27
      Participant

      https://nakedsecurity.sophos.com/2018/02/22/how-one-guy-could-have-taken-over-any-tinder-account-but-didnt/

      If you had a working phone connected to Account Kits along with an active Tinder account Prakash could easily hack into your account with access to all information. Tinder is not the only thing he would be able to access it could be things such as Facebook also. Both of these sites are frequently used by many people.

    • 2018-02-21 at 23:05 #23532
      aaung01
      Participant

      In our society no one can deny that Google is the leader when there the time to provide information to people. Almost all of technology tools being inventing somehow using google service. Even, today’s hot webcam like, “Nest Cam IQ” can support a lot like a smart camera for smart people. However, its price is not cheap.

      https://arstechnica.com/gadgets/2018/02/nest-cam-iq-gets-ok-google-support-lower-monthly-fee/

    • 2018-02-21 at 22:40 #23531
      aaung01
      Participant

      Keeping Companies’ important data is important and very complex. However, most companies somehow spend much more money for online cloud storage. But, at the same time, what we suppose to ask a clear question to ourselves is, is the online cloud, what we had paid for to protect ours’ information really secure enough? What about if not and or leaking or stolen by hackers?

      https://www.scmagazine.com/enterprise-needs-right-architecture-to-secure-public-cloud/article/742251/

      • This reply was modified 3 years, 1 month ago by jreade. Reason: Edited Link
      • This reply was modified 3 years, 1 month ago by jreade.
      • This reply was modified 3 years ago by jreade.
    • 2018-02-21 at 20:32 #23529
      mark
      Participant

      https://www.theverge.com/2018/2/19/17027570/volkswagen-id-vizzion-concept-car-geneva-motor-show

      This article shows off Volkswagon and its new driverless car that doesn’t even have a steering wheel in it. It then goes to show off the new things coming along with the car and shows how it is one of the most technological cars coming out to date.

    • 2018-02-21 at 18:42 #23528
      rtmoran
      Moderator

      https://www.sec-consult.com/en/blog/2018/02/internet-of-babies-when-baby-monitors-fail-to-be-smart/index.html

      With the adaptation of “smart” baby monitors, the conversation of convenience and privacy is being brought to the forefront. Vulnerabilities have been exposed with baby monitor brand, Mi-Cam, affecting more than 52,000 user accounts and monitor feeds; allowing unfettered access to monitors and user accounts.

    • 2018-02-21 at 16:53 #23526
      wpolnak
      Participant

      https://www.scmagazine.com/teslas-unprotected-kubernetes-console-used-to-hijack-aws-servers/article/745474/

      Tesla’s Amazon Web Server cloud system was hijacked by rogue cryptominers. RedLock researchers discovered an unprotected Kubernetes console, belonging to Tesla, that exposed access credentials to Tesla’s Amazon Web Services environment.

    • 2018-02-21 at 16:40 #23524
      wpolnak
      Participant

      https://www.securityweek.com/google-researcher-finds-critical-flaws-utorrent-apps

      Google researcher Tavis Ormandy discovered several critical vulnerabilities in the classic and web-based versions of BitTorrent’s uTorrent application. The flaws have been released and made public but, not all of the problems have been fixed yet.

    • 2018-02-21 at 15:33 #23521
      forkpahwu
      Participant

      Intel has released a stable microcode to help address Spectre variant 2 attack on user computers.
      https://arstechnica.com/gadgets/2018/02/intel-ships-hopefully-stable-microcode-for-skylake-kaby-lake-coffee-lake/

    • 2018-02-21 at 15:26 #23519
      nrea13
      Participant

      https://www.securityweek.com/intel-releases-spectre-patches-more-cpus

      Intel releases a firmware update that patches the vulnerabilities Spectre exploited within their processors. These include, but not limited to Kaby Lake, Coffee Lake, and so on. However, this only levitates a certain variant of Spectre and Meltdown, as the second variant requires more updates to completely fix.

    • 2018-02-21 at 14:00 #23516
      glesher16
      Participant

      https://www.securityweek.com/global-cybercrime-costs-600-billion-annually-study

      According to a new study, cyber crime costs have hit the $600 billion mark annual, with Russia being the worldwide leader in cyber crime. Ranked second and third are North Korea and Iran, respectively.

    • 2018-02-21 at 12:05 #23511
      henry
      Participant

      http://www.zdnet.com/article/windows-security-well-delete-tools-that-bully-you-to-buy-upgrades-says-microsoft/

      In this article, Microsoft promised to get rid of programs that force windows users to buy such upgrades or better versions. Microsoft stated, this kind of action is not acceptable and they are going to protect their customers in the future.

      • This reply was modified 3 years, 1 month ago by henry.
      • This reply was modified 3 years ago by jreade. Reason: Fixed Link
    • 2018-02-20 at 20:17 #23465
      mgallimo30
      Participant

      HACK BRIEF: HACKERS ENLISTED TESLA’S PUBLIC CLOUD TO MINE CRYPTOCURRENCY
      https://www.wired.com/story/cryptojacking-tesla-amazon-cloud/

      It was found that Tesla’s Amazon based cloud server was a recent target in the ever growing cryptojacking campaign. It was found by Red Lock when they were scanning the public internet for misconfigured and unsecured cloud servers.

    • 2018-02-20 at 16:09 #23463
      plosiewicz
      Moderator

      https://www.reuters.com/article/us-un-guterres-cyber/u-n-chief-urges-global-rules-for-cyber-warfare-idUSKCN1G31Q4

      A new discussion topic: Cyber Laws of War.

      U.N. Secretary General Antonio Guterres called on Monday for global rules to minimize the impact of electronic warfare on civilians as massive cyber attacks look likely to become the first salvoes in future wars.

      15 Years ago we discussed this in St Petersburg, RU. Not much progress has been made. Anyone looking for a great Estonian SME on this topic should search “Eneken Tikk-Ringas”.

    • 2018-02-20 at 13:36 #23457
      awebb19
      Participant

      https://www.theverge.com/circuitbreaker/2018/2/19/17029916/nintendo-switch-hack-linux-fail0verflow

      Hackers from the collective group fail0verflow, have figured out how to run Linux operating system on Nintendo Switch complete with touchscreen support. fail0verflow says the bug theyre using to exploit the switch security system can not be patched on the current hardware.

    • 2018-02-20 at 13:26 #23455
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/security/tesla-internal-servers-infected-with-cryptocurrency-miner/

      Cryptocurrency mining malware has been installed on Tesla’s cloud servers after a breach in their system. It is mostly due to the fact that engineers forgot to set a password for the console.

    • 2018-02-20 at 11:10 #23453
      cspencer25a
      Participant

      https://www.grahamcluley.com/apple-fixes-killer-text-bomb-vulnerability-new-update-ios-macos-watchos-tvos/

      The vulnerability that was acknowledged Monday by Apple is now fixed across all their devices. From what Apple has released about the problem that occurred was, that there was a bug in the Unicode symbol, which was a part of the south Indian language, that would cause the devices to crash.

    • 2018-02-20 at 10:30 #23447
      rileysperati
      Participant

      https://nakedsecurity.sophos.com/2018/02/19/us-and-uk-condemn-russia-for-notpetya/

      The NOtPetya cyber-attack accused that Russia were the people that were involved and many countries accused them. The problem is accusations only get you so far: no technical evidence against Russia has been found.

    • 2018-02-19 at 22:19 #23434
      ttripp07
      Participant

      https://www.scmagazine.com/exclusive-researchers-say-kaspersky-web-portal-exposed-users-to-session-hijacking-account-takeovers/article/745105/

      A few recent vulnerabilities have been discovered on Kaspersky’s web portal. This left people vulnerable to brute force attacks and credit stuffing attacks among a few other vulnerabilities.

      Ironically these vulnerabilities have occurred on a service created by a company dedicated to cyber security.

      • This reply was modified 3 years, 1 month ago by ttripp07.
      • This reply was modified 3 years, 1 month ago by ttripp07.
    • 2018-02-19 at 20:08 #23432
      rydilly17
      Participant

      https://www.scmagazine.com/staybridge-suites-lexington-hotel-hit-with-data-breach/article/744956/

      The Staybridge Suites Lexington was notified of malware in a few of their POS devices resulting in a data breach. The types of devices infected are unknown, but we do know that customer names and credit card information was stolen.

    • 2018-02-19 at 14:15 #23428
      dzemlevich
      Participant

      https://nakedsecurity.sophos.com/2018/02/12/cryptomining-script-poisons-government-websites-what-to-do/

      Cryptomining scripts have made it to a whole heap of government websites. Web pages across the world that have been affected include the US, UK, and Australia.

    • 2018-02-19 at 13:28 #23395
      smiles13
      Participant

      https://arstechnica.com/information-technology/2018/02/a-potent-botnet-is-exploiting-a-critical-router-bug-that-may-never-be-fixed/

      Satori, a Botnet that surfaced late last year in December has resurfaced again. Originally it had gained control of Routers made by Huawei and Realtek. And in Recent days has managed to infect routers made by Dasan Networks with the most recent count being at 13,700 infected.

    • 2018-02-19 at 12:09 #23426
      mark
      Participant

      https://www.bleepingcomputer.com/news/government/white-house-cyberattacks-cost-us-economy-between-57b-and-109b-in-2016/

      This articles shows how much the economy spends on cyber attacks in the U.S. Then they also mention that data sharing is a big factor and they also explain what they do for there security after you throw there budget at them.

    • 2018-02-19 at 08:26 #23416
      jreade
      Moderator

      http://www.defenseone.com/technology/2018/02/international-hackers-find-106-bugs-us-air-force-websites/146057/

      Air Force security hackathon leads to record payout and there were fewer vulnerabilities than last time. The Hack the Air Force 2.0 challenge from the end of 2017 resulted in volunteers discovering 106 vulnerabilities across roughly 300 of the USAF’s public websites.

    • 2018-02-16 at 07:53 #18708
      mynameistrevor
      Participant

      https://www.scmagazine.com/researcher-claims-to-have-hacked-amazon-key-using-a-raspberry-pi/article/742797/

      Amazon will issue a fix to the security problems they were having with “Amazon Key”. A man named MG posted a video a couple weeks ago showing how easy it is to bypass this lock by disrupting wifi connections. MG will not be posting how he did it until Amazon fully releases this fix.

    • 2018-02-15 at 23:44 #18706
      awebb19
      Participant

      Major new iOS bug can crash iPhones and disable access to apps and iMessages

      Italian blog Mobile World has detected a bug in ios 11.2.5 that can crash your iphone as well as disable access to apps and messages. The issue is being addressed by apple in future updates before the release of ios 11.3 in the spring. The bug effects apps such as Whatsapp, facebook messenger, and Outlook for ios. It has not been found to effect skype and telegram however.

      • This reply was modified 3 years, 1 month ago by awebb19.
    • 2018-02-15 at 23:12 #18705
      dcopperwheat1
      Participant

      https://www.reuters.com/article/us-britain-russia-cyber-usa/white-house-blames-russia-for-reckless-notpetya-cyber-attack-idUSKCN1FZ2UJ

      Not sure how much information can be released about the Notpetya attacks from Russia in 2017, maybe we can discuss methods of distribution or initial entry points to make sure we are on top of securing our networks. I am sure most of the information gathered on the attacks to Ukraine’s infrastructure isn’t cleared to express in depth, but maybe we can talk about some of the outer layers of the problems Notpetya exploited.

      • This reply was modified 3 years, 1 month ago by CSIACAdmin. Reason: Fixed Link
    • 2018-02-15 at 22:20 #18704
      austinmarino
      Participant

      https://nakedsecurity.sophos.com/2018/02/14/cryptocurrency-startup-loopx-exit-scams-with-4-5m-in-ico/

      Just an article about how much bitcoin miners are actually stealing from people. Still kind of mind blowing that investors are sticking around with all of the controversy.

      • This reply was modified 3 years, 1 month ago by CSIACAdmin. Reason: Fixed Link
    • 2018-02-15 at 14:34 #16651
      majdacivic27
      Participant

      An average kid who was 15/16 at the time in England obtained information from the chief of the CIA about Iran and Afghanistan. He obtained this information from the comfort of his own home by easily pretending he was Brennan while calling companies like Verizon.

    • 2018-02-15 at 14:25 #16600
      rydilly17
      Participant

      https://www.technewsworld.com/story/85115.html

      A startup company has discovered that wifi most wifi routers have known vulnerabilities that are being neglected by the manufacturers. Insignary conducted the scans during the last two weeks of November 2017. Its research and development team scanned 32 pieces of WiFi router firmware offered in the U.S., Europe and Asia by more than 10 of the most popular home, SMB and enterprise-class WiFi router manufacturers: Asus, Belkin, Buffalo, Cisco, D-Link, EFM, Huawei, Linksys, Netis and TP-Link.

    • 2018-02-15 at 14:25 #16601
      rileysperati
      Participant

      https://nakedsecurity.sophos.com/2018/02/12/you-have-five-months-to-switch-your-website-to-https/

      This article explains why HTTP web connections are nearing the and and why HTTPS is the new priority for security.

    • 2018-02-15 at 11:11 #16609
      cspencer25a
      Participant

      https://www.techrepublic.com/article/this-one-business-file-is-most-used-in-cyberattacks/

      This article speaks about how businesses are coming under fire from malware attacks across the globe. The way that they are getting this malware is through scanning, downloading, and viewing PDF files that are infected and acting as Trojan Horses on the victim’s devices/machines.

    • 2018-02-14 at 21:20 #16597
      rtmoran
      Moderator

      A recently disclosed document suggests Equifax hack was worse than the company admitted. In addition to the theft of names, Social Security numbers, birth dates, and addresses; it is now revealed, hackers also made off with, tax identification numbers, email addresses, and phone numbers.

    • 2018-02-14 at 18:47 #16596
      zijad94
      Participant

      https://www.technewsworld.com/story/85126.html

      Apple lawyers have sent a copyright violation notice to Github, following the publication of leaked iOS 9 source code on the site. Though iOS 9 is a dated version of the company’s mobile operating system, it’s possible that the leaked code could be used to jailbreak older devices or worse.

    • 2018-02-14 at 17:56 #16594
      ttripp07
      Participant

      “Now Cryptojacking Threatens Critical Infrastructure, Too”
      https://www.wired.com/story/cryptojacking-critical-infrastructure/

      This article explains the growing threat cryptojacking poses to industries as critical systems could be run at dangerous capacities. The potential problems such crimes pose include the slowing of services at best and system failure at worst where up-time can be crucial.

    • 2018-02-14 at 17:31 #16591
      glesher16
      Participant

      https://nakedsecurity.sophos.com/2018/02/14/watch-our-ads-or-well-use-your-cpu-for-cryptomining/

      The news website “Salon” has been giving their web-visitors using an ad-blocker an ultimatum. They can either disable the ad-blocker to allow the site to run their ads or they keep the ad-blocker on and allow their internet browser to mine the cryptocurrency Monero as they explore the Salon website.

    • 2018-02-14 at 16:23 #16589
      zmasca29
      Participant

      https://www.technewsworld.com/story/85126.html

      Just recently it was announced that apple released that their IOS 9 source code was leaked. They are worried that this will allow people to jail break older devices or worse. Lawyers for apple are involved and they are trying to control the leak. Currently IOS 11 is out which most people have or have IOS 10 so this helps its not the most recent source code leaked.

    • 2018-02-14 at 15:16 #16587
      sam25
      Participant

      https://www.scmagazine.com/confucius-cybergang-targets-south-asian-businessmen-military-personnel-and-others/article/744147/

      Be careful hackers are using chatroom’s on valentines day to get users to install malware on their devices.

      • This reply was modified 3 years, 1 month ago by CSIACAdmin. Reason: Fixed formatting
    • 2018-02-14 at 15:08 #16585
      forkpahwu
      Participant

      https://www.securityweek.com/zero-day-attack-prompts-emergency-patch-bitmessage-client

      A major threatening due to Zero-Day attach as prompted the developer of PyBitmessage 0.6.2 to issue an emergency warning against the use of PyBitmessage 0.6.2 leading to Zero-Day on users with this version.

    • 2018-02-14 at 14:50 #16583
      forkpahwu
      Participant

      https://www.securityweek.com/argument-against-mobile-device-backdoor-government.

      The argument against government gaining backdoor access to individual mobile devices.

    • 2018-02-13 at 14:25 #16581
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/security/rapid-ransomware-being-spread-using-fake-irs-malspam/

      An attack called Rapid Ransomware is being distributed through a fake email address from the IRS. Once opened, the file locks the users files and must be bought back from the attackers.

    • 2018-02-13 at 13:39 #16578
      mgallimo30
      Participant

      “‘OLYMPIC DESTROYER’ MALWARE HIT PYEONGCHANG AHEAD OF OPENING CEREMONY”
      https://www.wired.com/story/olympic-destroyer-malware-pyeongchang-opening-ceremony/

      The Olympics have been under fire from a targeted worm named “Olympic Destroyer.” It’s believed that it was intended to take the entire opening ceremony offline, although it only temporally paralyzed systems the day of the ceremony.

    • 2018-02-13 at 12:23 #16577
      ncdova97
      Participant

      Fake Flashlight apps are installing adware in phones

      https://www.scmagazine.com/new-adware-found-in-fake-flashlight-apps-with-dark-intentions/article/735089/

      • This reply was modified 3 years, 1 month ago by CSIACAdmin. Reason: Fixed issue with URL link
    • 2018-02-12 at 13:31 #16566
      dzemlevich
      Participant

      https://www.bleepingcomputer.com/news/security/android-web-users-victims-of-cryptojacking-campaign/

      Android mobile users are at risk at getting cryptojacked. Android users are being diverted to domains where a CAPTCHA appears for the user to answer, but here’s the trick, while the user is taking his/her time solving the CAPTCHA, the website loads and runs a cryptojacking script.

      • This reply was modified 3 years, 1 month ago by jreade. Reason: Fixed Link Formating
    • 2018-02-12 at 06:48 #16532
      mgallimo30
      Participant

      “A CLASSIC SCAM FINDS NEW LIFE STEALING BITCOIN ON TWITTER”
      https://www.wired.com/story/classic-scam-steals-bitcoin-on-twitter/

      Scammers are breathing new life into the give a little and get a lot scheme. Where they are impersonating verified twitter accounts and offering to give bitcoins in return for giving smaller amounts of bitcoins.

    • 2018-02-12 at 06:45 #16548
      djones06a
      Participant

      https://thehackernews.com/2018/02/supercomputer-mining-bitcoin.html
      Russian scientists working at a Russian nuclear research facility have been arrested for trying to use the facilities hardware to mine bitcoin. The scientists were found out after trying to connect the facilities supercomputer to the open internet.

      • 2018-02-20 at 15:55 #23461
        plosiewicz
        Moderator

        We work with a few DOE labs….They would be interested in this! Not DOING it of course 🙂

        • This reply was modified 3 years, 1 month ago by plosiewicz.
    • 2018-02-09 at 03:05 #16541
      pjsnell25
      Participant

      https://www.technewsworld.com/story/85115.html

      The South Korean company Insignary has scanned 32 routers by more than 10 manufactures and discovered firmware exploits that have been know about for years have not been patched. They also say that Linux operating systems may be easier to exploit than Windows or iOS because of the many different versions of Linux that exist today. Security patches can not be pushed uniformly to all these versions at once.

    • 2018-02-08 at 22:50 #16538
      wpolnak
      Participant

      https://nakedsecurity.sophos.com/2018/02/07/reddit-users-beware-its-evil-twin/

      I found this article to be very interesting. It talks about a site called Reddit.com and a twin cite that has a very similar name called Reddit.co. it’s name is only different by one letter. It is set up as a twin to trick people into putting person information into the wrong cite. It is something that people need to be more aware of especially if it was a more serious web site.

    • 2018-02-08 at 20:49 #16536
      mynameistrevor
      Participant

      https://www.scmagazine.com/researcher-claims-to-have-hacked-amazon-key-using-a-raspberry-pi/article/742797/

      Amazon “Key” is a service that allows “In-home delivery” by allowing certain people to have permission to unlock your door via cellphone. A man on twitter, named “MG”, shared a video of how an attacker/intruder can use a “Break and Enter dropbox” to keep the door unlocked after an amazon delivery. Amazon stated that this is an issue with wifi protocol, not the amazon software.

    • 2018-02-08 at 17:36 #16534
      swoodworth31
      Participant

      https://www.bleepingcomputer.com/news/security/scammers-use-download-bombs-to-freeze-chrome-browsers-on-shady-sites/

      This article says that scam websites have found a trick that freezes the visitors’ browser by initiating thousands of download operations. Visitors then panic and call a number on the screen to a scam tech support line.

    • 2018-02-08 at 16:38 #16530
      rr1315
      Participant

      https://www.databreachtoday.com/us-data-breaches-hit-all-time-high-a-10622

      This article has graphs showing how people’s personal information was stolen, plus what types of institutions it was taken from. There is a citation for the claim in the article title; apparently this was a bad year.

    • 2018-02-08 at 14:46 #16517
      cspencer25a
      Participant

      http://www.zdnet.com/article/this-phishing-trick-steals-your-email-and-then-fools-your-friends-into-downloading-malware/

      This article talks about the increase in intensity of phishing attacks and the theft of many email accounts. These attacks are directed to people whom conversate via email, and the desired outcome is to spread malware with the email accounts that are compromised.

    • 2018-02-08 at 14:26 #16514
      craigbeach
      Participant

      http://www.securityweek.com/stealthy-data-exfiltration-possible-magnetic-fields

      Researchers from a university in Israel have developed two types of malware concepts capable of obtaining information by the use of magnetic fields. These types of malware are capable of obtaining information, even if the device with the information is in a Faraday cage, or is on airplane mode.

      • This reply was modified 3 years, 2 months ago by jreade. Reason: Edited link
      • This reply was modified 3 years, 1 month ago by CSIACAdmin.
      • This reply was modified 3 years ago by jreade.
    • 2018-02-08 at 09:29 #16499
      jreade
      Moderator

      https://www.infosecurity-magazine.com/opinions/ai-workplace-digital-assistants/

      Digital assistants like the Amazon Echo and Google Home have exploded in popularity over the last couple of years, making their way into more and more people’s homes, and are starting to make the transition to the business world. Journalist Sage Singleton examines the potential implications of business use of artificial intelligence (AI) for privacy and security. Since AI tools use voice recognition to function, they are always listening even when not in use, which could easily allow corporate espionage and identity theft. Additionally, since devices may not use end-to-end encryption, data could be vulnerable to third-party mining. Singleton outlines these concerns and potential solutions and steps for protecting your business from attack.

    • 2018-02-08 at 09:18 #16496
      nrea13
      Participant

      http://www.securityweek.com/windows-10-ransomware-protection-easily-bypassed-researcher-says

      This article goes over what a researcher has uncovered about exploits with ransomware through Windows Defender Exploit Guard that was added in the Windows 10 Falls Creators Update. They found that people can bypass the new system by using authorized apps like Office to access the data in whatever manner they can.

    • 2018-02-07 at 19:50 #16494