Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
Cybersecurity (CS) Digest Article Suggestions
- This topic has 568 replies, 85 voices, and was last updated 5 months, 1 week ago by
albertc00leman.
-
CreatorTopic
-
2017-01-16 at 13:57 #8450
CSIACAdmin
KeymasterThe Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
Please reply to this topic with article suggestions for the CS Digest.
Past issues of the CS Digest can be viewed here: https://www.csiac.org/cs-digest/
To subscribe to the CS Digest visit here: https://www.csiac.org/subscription-manager/
-
CreatorTopic
-
AuthorReplies
-
-
2020-10-28 at 14:49 #69459
albertc00leman
ParticipantCybersecurity issues have become crucial in terms of COVID-19, particularly for companies. I’ve heard a lot of stories about Zoom meetings being hacked and stolen data.
But it’s also impossible to be 100% sure that your worker is productive at home as well as in the office. That’s why we had to set up a secure VPN, host a remote server, install tracking tools to prevent data leakage. We also had to teach our employees how to use zoom, worktime software, Trello, and other remote office tools. But I believe it will take some time for others to adjust to the new corona reality. -
2020-10-23 at 04:21 #69462
albertc00leman
ParticipantCybersecurity issues have become crucial in terms of COVID-19, particularly for companies. I’ve heard a lot of stories about Zoom meetings being hacked (https://www.chicagotribune.com/coronavirus/ct-coronavirus-zoombombing-20200401-wf2pvzqhbngitankuokvinvk2m-story.html) and stolen data (https://www.zdnet.com/article/barnes-noble-confirms-cyberattack-customer-data-breach/).
But it’s also impossible to be 100% sure that your worker is productive at home as well as in the office. That’s why we had to set up a secure VPN, host a remote server, install tracking tools to prevent data leakage. We also had to teach our employees how to use zoom https://zoom.us/, worktime software https://www.worktime.com/, Trello https://trello.com/en-US, and other remote office tools. But I believe it will take some time for others to adjust to the new corona reality. -
2020-09-07 at 22:56 #68071
Kenan_Smajkan
ParticipantThis was actually extremely smart on the FBI’s end and its a great way to introduce children and older students into safely browsing the web without being subject to scams and or identity fraud tactics.
-
2020-08-11 at 00:50 #67653
shyam_nair
ParticipantGain complete visibility inside your assets and network activity, check vulnerabilities possessed by your assets and the risks they pose and detect & respond to threats targeting your network with LTS Secure SOC BOX essential security capabilities
to know more about FFIEC Compliance
-
2020-08-11 at 00:48 #67652
shyam_nair
ParticipantTackle three prime areas of cybersecurity for banks and credit unions with Bank Network Security Monitoring, Information Security Risk Assessment and Integrated Threat Intelligence with LTS Secure’s comprehensive cybersecurity solutions
to know more>>https://ltssecure.com/cyber-security-compliance-management-ffiec
-
2020-04-01 at 07:05 #64901
lalitsinghh
ParticipantThank you for sharing this information with us.
-
2020-03-24 at 17:20 #64497
vpescaru
ParticipantrickBot Pushing a 2FA Bypass App to Bank Customers in Germany
TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany
-
2020-03-23 at 12:28 #64440
jm314
ParticipantMore and more States should adapt GDPR. New York is joining the band wagon.
-
2020-03-23 at 10:14 #64425
NitishD
ParticipantCOVID19 has become the new talk to talk about and to take care from all over the world. I came across this article in which Canada’s Health Sector is at risk of cyber attacks due to the fear of COVID19. It is an interesting article and could give a rise in ransomware attacks. The safety of the confidential information they would be possessing of the patients, doctors, etc. also could be at risk. Something every country needs to look out for and be well prepared with defenses to stop such an attack or be well prepared to resolve it.
https://www.cbc.ca/news/politics/health-covid-cyberattack-pandemic-1.5502968
-
2020-03-22 at 12:11 #64376
James112
ParticipantFor those in the medical device / connected device field, useful article/announcement about BLE vulnerability impacting several chip manufacturers.
-
2020-03-12 at 10:16 #64232
-
2020-03-02 at 15:17 #64080
plosiewicz
ModeratorVery interesting mobile security piece on 2FA…
-
2020-03-02 at 15:16 #64078
plosiewicz
ModeratorVery interesting mobile security piece on 2FA…
-
2020-02-14 at 12:47 #63761
plosiewicz
ModeratorOK All. New Mobile Cybersecurity Conundrum:
How does an internal file pretend to exist on an external SD card?
Paul
-
2019-11-20 at 14:04 #62745
plosiewicz
ModeratorHybrid System Cloud Data Security
Useful if you want to share AI/ML data sets for R&D.
-
2019-11-16 at 14:05 #62691
nd14
Participanthttps://www.cpomagazine.com/cyber-security/cybersecurity-workforce-shortage-continues-to-grow/
According to a survey, 63% of those in cybersecurity roles say that their organization is lacking in cyber security professionals.
-
2019-11-11 at 16:35 #62575
rileysperati
ParticipantThe Cyber security and Infrastructure Security Agency has made an effort to inform small businesses that do not know about cyber risks to protect their company. This new effort will reduce the amount of cyber security attacks and make small businesses know about the risks that are on the internet.
-
2019-11-07 at 22:39 #62477
NStockton09
Participanthttps://threatpost.com/trend-micro-rogue-employee-68k-customers/149946/
Employee that worked for Trend Micro stole and sold 68,000 customers data to third party buyers. They did this through accessing a database in which all the information was stored on the company’s server. Not yet known if malicious attacks are being made. Customers are being urged to look out for spam calls and possibly phishing emails.
-
2019-11-06 at 16:18 #62419
nd14
Participanthttps://thehackernews.com/2019/11/chrome-zero-day-update.html
A new 0 day bug has been identified that attacks chrome users. The bug effects Chrome’s audio component and another the PDFium library.
-
2019-11-06 at 16:15 #62417
nd14
Participanthttps://thehackernews.com/2019/11/hacking-voice-assistant-laser.html
A team of researchers have discovered a way to command voice controlled devices using a laser instead of voice commands.
-
2019-11-06 at 16:12 #62415
nd14
Participanthttps://thehackernews.com/2019/11/facebook-groups-data-leak.html
More personal data leaked from FACEBOOK. Over 100 app developers may have had unauthorized access to facebook user accounts.
-
2019-11-06 at 15:44 #62413
rileysperati
ParticipantSince a new act was initiated in Canada the number of security breaches raised exponentially and people are blaming the new act. The new act makes people report breaches so the amount of breaches before the act is not certain.
-
2019-11-06 at 15:41 #62411
rileysperati
ParticipantAsusWRT was compromised, which is apart of the chain of alexa devices and the customers of these products had their ip addresses, usernames, and other personal information leaked.
-
2019-11-06 at 15:38 #62409
rileysperati
ParticipantIn a resent study in cyber security hows the lack of amount of professionals in the field, there is an estimated 500,000 jobs that need to be filled. This field is growing at such a rapid pace and is still growing.
-
2019-10-24 at 22:34 #62012
NStockton09
Participanthttps://gizmodo.com/internal-cybersecurity-memo-white-house-is-bound-to-ge-1839303204
The White House seems to be actually weakening its cyber security efforts. An internal memo was sent out via the computer network defense branch chief. The memo he sent out says that the White House is bound to become attacked again. This is due to 12 top cyber security officials that worked to protect the White House from Russian attacks.
-
2019-10-24 at 14:08 #61988
depern
ParticipantVery interesting Joe Rogan podcast with Edward Snowden. As Snowden talks about the NSA, why he did what he did, the government, as well as security within phones and google.
-
2019-10-16 at 11:11 #61735
nd14
Participanthttps://www.ibtimes.sg/new-malware-infects-thousands-pcs-confirms-microsoft-cisco-talos-32615
New malware, called Nodersok, has been identified by Microsoft and Cisco Talos.
-
2019-10-15 at 12:57 #61709
NStockton09
Participanthttps://siliconangle.com/2019/10/14/linux-sudo-bug-opens-root-access-unprivileged-users/
A bug in the command sudo has been found that where it can give root access to an unauthorized user through the command -u#-1. As long as the user is in the sudo privilege group then they can issue this command and gain root access even if root access is explicitly blocked to all users beside superuser. The issue is the -1 argument on the end is telling sudo to use a negative number id and sudo doesn’t know what to do and gives root instead.
-
2019-10-13 at 13:27 #61691
depern
ParticipantAccording to threatpost, russian government and diplomatic victims have gotten attacked by a sophisticated cyberespionage platform called Attor.
https://threatpost.com/sophisticated-spy-kit-russians-gsm-plugin/149095/ -
2019-10-11 at 10:04 #61679
rileysperati
ParticipantCalifornia is banning police officers from wearing facial recognition cameras because they have misinterpreted many people and they are not accurate. Once they successfully learn how to use the camera it will be back.
-
2019-10-11 at 10:00 #61677
rileysperati
Participanthttps://www.securitymagazine.com/articles/91083-insider-threats-are-biggest-danger-to-data-security
People are the number one risk of danger in security and they do not know it. Over half of High level employees or CEO’s have admitted that they have clicked on a lick with a work computer that they should not have clicked, those links could lead to the businesses security to be compromised.
-
2019-10-29 at 10:36 #62141
ReveneerCyber
ParticipantWhat’s the best way to educate employees on cybersecurity? Having them go through training seminars or test phishing attacks? There are so many threats out there now
-
This reply was modified 1 year, 5 months ago by
ReveneerCyber.
-
This reply was modified 1 year, 5 months ago by
-
-
2019-10-10 at 14:13 #61616
depern
ParticipantThroughout the manufacturing sector in 2019, major attacks were happening, as in ransomware attacks, WannaCry, even BitPayment ransomware. Even 50% of organizations that are attacked by cyber attacks is the Manufacturing sector.
https://cyware.com/news/major-attacks-that-hit-the-manufacturing-sector-in-2019-bec74e8e -
2019-10-10 at 14:13 #61603
nd14
ParticipantAttackers use malware to steal credit card information from the Sesame Street online store, and various other e-commerce sites using software developed by Volusion
-
2019-10-10 at 14:12 #61582
NStockton09
ParticipantA malware alert that is now being rated high severity has popped up. A bug has been found that allows a hacker to escalate local privilege if an app with the malware is downloaded. This attack is targeting Android phones only.
-
2019-10-08 at 20:54 #61584
NStockton09
Participanthttps://www.cnn.com/2019/10/08/business/ransomware-attacks-trnd/index.html
There is an ever increasing amount of ransomware attacks that are happening recently. Many government buildings, schools, and hospitals are getting hit more and more frequently. 140 important buildings alone have been hit in the past 10 months by ransomware.
-
2019-10-03 at 18:45 #61501
jpilgreen23
ParticipantFacebook and Child Sex Abuse raising issues on encryption.
https://www.nytimes.com/2019/10/02/technology/encryption-online-child-sex-abuse.html?rref=collection%2Ftimestopic%2FComputer%20Security%20(Cybersecurity) -
2019-10-01 at 10:59 #61432
rileysperati
ParticipantThe average growth of cyber breaches annually 11% and the cost of these breaches each year is $3 trillion and it rising each year. People do not know how much of this worlds economy relies on cyber security.
-
2019-09-30 at 22:07 #61402
depern
ParticipantAccording to threatpost there was a new legislation that was focusing on helping government agencies and others combat ransomware attacks by the United States Senate .
https://threatpost.com/senate-passes-bill-aimed-at-combating-ransomware-attacks/148779/ -
2019-09-26 at 22:35 #61304
plosiewicz
ModeratorActing DNI: Cuber war biggest National threat
-
2019-09-26 at 22:35 #61302
plosiewicz
ModeratorActing DNI: Cuber war biggest National threat
-
2019-09-25 at 13:10 #61176
jpilgreen23
ParticipantWith attacks increasing on Power Grids, Power Companies and Utilities, I think this is a definite article that should be included. The Guide is also included in the Article.
https://www.securitymagazine.com/articles/90985-nist-releases-cybersecurity-guide-for-energy-sector-to-improve-operational-technology-
This reply was modified 1 year, 6 months ago by
jpilgreen23. Reason: Link Text wasn't added
-
This reply was modified 1 year, 6 months ago by
-
2019-09-25 at 11:17 #61171
plosiewicz
ModeratorThwe urgent search for a cyber silver bullet against Iran…
https://trendingpress.com/the-urgent-search-for-a-cyber-silver-bullet-against-iran/
-
2019-09-25 at 11:16 #61168
plosiewicz
ModeratorThwe urgent search for a cyber silver bullet against Iran…
https://trendingpress.com/the-urgent-search-for-a-cyber-silver-bullet-against-iran/
-
2019-09-24 at 11:09 #61130
rileysperati
ParticipantThe company Orbitz had a data breach last year in 2018 and had hundreds or thousands of customers data revealed. The data that was revealed was their credit card information and 880,000 different credit cards were revealed.
-
2019-09-20 at 13:14 #61051
jbehr27
Participant -
2019-09-19 at 14:40 #60977
NStockton09
Participant11 IT service providers have been hit by advanced hackers that are attacking them in order to gain access to their customer’s network. Two of the eleven attacks were able to gain admin level access. It primarily effected IT services in Saudi Arabia. This attack ended up compromising 100’s of hosts. It is still unknown how the attack was done.
-
2019-09-19 at 10:24 #60960
depern
ParticipantDo you own a smart TV? People have been finding evidence that Samsung, LG, and other smart TV’s have been sending over sensitive user data to tech firms including Facebook, and Google.
https://threatpost.com/smart-tvs-leak-data/148482/ -
2019-09-18 at 10:34 #60722
depern
ParticipantEntercom Communications a Philadelphia broadcasting company, was infected with a ransom attack which spread to digital systems, from emails, to billing, and demanded $500,000.
-
2019-09-16 at 14:05 #60751
rileysperati
ParticipantA report done by Proofpoint has researched email based cyber attacks and almost all of them can only be used by clicking on the email or the link inside the email. This report shows that if people know about this, there will be less cyber attacks through email.
-
2019-09-12 at 08:35 #60650
jpilgreen23
ParticipantArticle about what the NSA’s plan for the 2020 election and some content about the new cyber security directorate. Some content may be more than a week old.
-
This reply was modified 1 year, 7 months ago by
jpilgreen23. Reason: Spelling error
-
This reply was modified 1 year, 7 months ago by
-
2019-09-10 at 10:06 #60602
depern
ParticipantRecently some cybersecurity researched have found a new computer virus that is associated with a cyber-espionage group which in turns exfiltrates stolen data to an attacker-controlled server.
https://thehackernews.com/2019/09/stealthfalcon-virus-windows-bits.html -
2019-09-09 at 17:32 #60596
rileysperati
ParticipantThis lawsuit is making google and youtube pay $136 million to the FTC and $36 million to New York. The settlement claims that youtube is not meeting COPPA laws. They are not making sure that children are watching the appropriate videos for their age.
-
2019-09-08 at 12:25 #60567
jpilgreen23
ParticipantMasterCard launched a Program that sends employees to Middle Schools to teach Girls on Cybersecurity and Fraud. I think it would be interesting for those who are more concerned with the growth and education in the cybersecurity field.
-
2019-09-05 at 23:54 #60543
NStockton09
ParticipantMobile devices seem to be getting hit a lot more lately and this is just going to make matters worse for already infected Android users, and so far there’s not much Google is doing to try and fix it.
-
2019-08-23 at 13:35 #60286
rtmoran
ModeratorDaily times Ransomware
In this article it talked about how the daily times in water town was attacked yet again by ransomware. This attack effected there email servers and any internet based telephones.
https://cyware.com/news/watertown-daily-times-again-gets-hit-with-ryuk-ransomware-attack-36f62397
-
2019-05-28 at 15:52 #59648
mongi
ParticipantNew report finds defense contractors struggling with cybersecurity requirements
Defense Department contractors are struggling to meet the standards for protecting sensitive DOD information on their networks, as most companies fail to use key controls like multifactor authentication and incident response tests, according to a new report from cybersecurity auditing firm Sera-Brynn. The report issued last week assessed how defense contractors are implementing a provision in the Defense Federal Acquisition Regulation requiring contractors to protect controlled unclassified information (CUI) on their networks using the 110 controls in the National Institute
-
2019-05-28 at 11:26 #59640
Anonymous
InactiveNew report finds defense contractors struggling with cybersecurity requirements
Defense Department contractors are struggling to meet the standards for protecting sensitive DOD information on their networks, as most companies fail to use key controls like multifactor authentication and incident response tests, according to a new report from cybersecurity auditing firm Sera-Brynn. The report issued last week assessed how defense contractors are implementing a provision in the Defense Federal Acquisition Regulation requiring contractors to protect controlled unclassified information (CUI) on their networks using the 110 controls in the National Institute
-
2019-05-28 at 09:56 #59586
Borgeby
ParticipantHere is an interesting article which describes how Satan ransomware and malware evolves to become more sophisticated and more tailored against their target in order to become more lucrative.
Satan can spread on its own and when it compromises a system, the malware attempts to execute its list of exploits against each IP addresses on the local network which makes it harder to defend against.
https://www.darkreading.com/vulnerabilities—threats/satan-ransomware-adds-more-evil-tricks/d/d-id/1334779 -
2019-05-25 at 12:29 #59598
zhonteck
ParticipantGood insight raised by Ian (President, CREST) about Cyber Security in the Financial Sector. Even now in 2019, this still applies. Any related cybersecurity news related to Financial Sector, please share it here.
https://youtu.be/3bVNo1Qo0Os -
2019-04-26 at 08:51 #59396
rtmoran
ModeratorMicrosoft discovers Huawei driver allowing back door access to laptops. Microsoft determined Huawei’s driver allowed for remote device management, as well as, access to the Windows 10 OS.
-
2019-04-25 at 17:08 #59398
rtmoran
ModeratorUnsecured databases discovered leaking 60 million user’s scraped LinkedIn data. Between the eight discovered unsecured databases more than 60 million records, containing what appeared to be LinkedIn user information, were uncovered. When questioned, LinkedIn claimed, that while they were aware of the leaked databases, they did not belong to LinkedIn.
-
2019-04-20 at 23:38 #59222
mwisniewski
ParticipantThe Russian Government is making strides towards censoring what its citizens see online.
https://www.nytimes.com/2019/04/11/world/europe/russia-internet-censorship.html?rref=collection%2Ftimestopic%2FComputer%20Security%20(Cybersecurity)&action=click&contentCollection=timestopics®ion=stream&module=stream_unit&version=latest&contentPlacement=6&pgtype=collection -
2019-04-19 at 11:27 #59142
rtmoran
ModeratorThe NSA reverse engineering tool, Ghidra, which was released a month ago, source code has been officially released. Not only will this allow for review of the code for security consideration, but also further development in an open-sourced environment.
https://www.securityweek.com/nsa-releases-reverse-engineering-tool%E2%80%99s-source-code
-
2019-04-18 at 12:05 #59214
zijad94
Participant(ISC)² Adds Four New Courses to its Professional Development Institute
-
2019-04-18 at 12:04 #59212
zijad94
ParticipantGovernment Best, Healthcare Worst in Protecting Consumer Data
-
2019-04-18 at 12:02 #59210
zijad94
ParticipantThe Importance of Securing Sensitive Data in a 5G World
-
2019-04-12 at 17:22 #59143
rtmoran
ModeratorBy utilizing a HTML5 feature, ping, which notifies a list of URIs in the event that a link is followed, Chinese tech company, Tencent, has weaponized the mobile users of its QQBrowser to unwittingly participate in focused DDOS attacks.
-
2019-04-11 at 17:17 #59137
depern
ParticipantRecently there has been a various amounts of known security flaws found in WPA3 Protocol which lets hackers gain control of WiFi password.
https://thehackernews.com/2019/04/wpa3-hack-wifi-password.html
-
2019-04-10 at 13:31 #59120
rileysperati
ParticipantIn 2016 yahoo had data breach that affected its users. Now yahoo has more than doubled its proposed data breach settlement payout to $117.5 million after having a smaller amount rejected by a California judge in January.
-
2019-04-10 at 13:09 #59118
DukeNukemBOS
ParticipantThis article talks about how a Remote Administration tool called LimeRAT is being used by cyber criminals by using a unique infection technique to spread the malicious sample without being detected by anti-virus software.
-
2019-04-07 at 13:44 #59086
AliciaGeorge
ParticipantMobile devices have been on the rise and we have not been to keep up with the security of mobile devices as rapidly as they are growing. Over half of the RSA attendees are committing to their spending on their mobile device security.
-
2019-04-04 at 16:18 #59078
depern
ParticipantRecently a stalking malware was found on over 58,000 users. Tracking much of their activities throughout their life.
https://cyware.com/news/stalkware-applications-found-installed-on-large-numbers-of-phones-7e7af0c1
-
2019-04-02 at 13:24 #59068
DukeNukemBOS
Participanthttps://cyware.com/news/security-experts-fool-a-tesla-car-into-driving-on-wrong-lanes-d577f37c
This article talks about how security experts were able to fool a tesla into driving on the wrong lanes by creating fake lanes laid out with the use of lane stickers. The tesla could not distinguish the fake lane created by the researchers.
-
2019-04-01 at 14:54 #59021
mwisniewski
Participanthttps://www.bbc.com/news/technology-47653656
Developers working on Facebook stored over 600 million user passwords in plain-text exposing them internally.
-
2019-03-29 at 15:58 #59019
depern
ParticipantThe Attorney General for Washington D.C. Karl A. Racine has introduced the Security Breach Protection Amendment Act of 2019. This Act would strengthen protections for residents’ personal information, and also modernize the District’s data breach law.
-
2019-03-28 at 18:22 #59002
depern
ParticipantIn Saudi Arabia there has been a cyber-esponiage group that has been targeting critical infrastructures, including military and energy sectors.
https://thehackernews.com/2019/03/apt33-cyber-espionage-hacking.html
-
2019-03-27 at 13:02 #58983
DukeNukemBOS
ParticipantThis article talks about how NVIDIA patched a critical security vulnerability in their Geforce Experience app that could allow attackers to escalate privileges, conduct code execution, and perform DOS attacks.
-
2019-03-23 at 12:50 #58952
rileysperati
ParticipantFEMA who works with the people that are affected by natural disasters were working with a new contractor that helps with the victims of the tragedy and give them homes. Over 2.3 million people had their information leaked, which included the last four digits of their SSN and other personal information.
-
2019-03-23 at 12:45 #58951
rileysperati
ParticipantMobile devices have been on the rise and we have not been to keep up with the security of mobile devices as rapidly as they are growing. Over half of the RSA attendees are committing to their spending on their mobile device security.
-
2019-03-21 at 14:52 #58371
depern
ParticipantGhidra, the NSA’s recently released reverse engineering tool was already found to be plagued with a security vulnerability.
https://cyware.com/news/nsas-ghidra-already-found-to-be-plagued-by-a-security-vulnerability-3f1d59fa -
2019-03-21 at 14:39 #58362
mwisniewski
ParticipantBeware of those late night “distraction from studying” quizzes on Facebook (“What does your favorite beer say about your personality?”). Facebook is now suing over these “data-grabbing” quizzes since the “required” browser add-ons are responsible for pulling private user data.
-
2019-03-21 at 12:29 #58367
mwisniewski
ParticipantEuropean cybersecurity firm FireEye announced today that Russian state sponsored hacking groups are targeting European government systems prior to their parliamentary elections.
-
2019-03-20 at 13:10 #58357
DukeNukemBOS
ParticipantThis article talks about how after WinRAR patched a major security bug, cyber criminals have resorted to exploiting the bug in unpatched systems for malicious gains. The Goldmouse threat group is targeting the middle east region and were observed deploying the nebulous njRAT backdoor
-
2019-03-19 at 11:19 #58351
zijad94
ParticipantThe World Wide Web Consortium (W3C) just approved the Web Authentication API, also known as WebAuthn, which is a new way to log into websites without passwords.
-
2019-03-21 at 12:23 #58364
-
-
2019-03-19 at 11:17 #58349
zijad94
ParticipantA majority of attendees at RSA this week plan to spend more on mobile security in the coming year.
Seventy-six percent of respondents to a Lookout survey access corporate data from personal mobile devices and/or public WiFi networks. -
2019-03-08 at 16:30 #58221
rileysperati
ParticipantAccording to a recent study by Experian, they concluded that over a third of businesses and companies are not prepared and don’t know what to do when a breach in their security has accorded. Since that the threat of security is getting higher more professionals in cybersecurity are needed and businesses need to see that.
-
2019-03-08 at 16:25 #58219
rileysperati
ParticipantThere now is a new way to sign into websites without passwords. People might think that is is a security nightmare but according to the CEO W3C it is more secure and that this will move vulnerable passwords in the past.
-
2019-03-06 at 12:37 #58188
DukeNukemBOS
ParticipantThis article talks about how there is a shortage of cybersecurity experts that could lead to a company losing hundreds of millions of dollars. There are 2.93 million cybersecurity positions open and unfilled around the world according to a non profit IT security organization ISC
-
2019-03-05 at 11:20 #57857
mwisniewski
ParticipantChinese enterprise Huawei is starting to turn heads as a future big payer in the telecom world while being known for collecting users data. Uh oh!
-
2019-03-05 at 09:38 #58013
JCowell936
ParticipantI would like to suggest the recent article in Forbes which is targeted at CEO regarding Cybersecurity strategy. It has a couple of interesting points and draws parallels to the cloud business to basically recommend CEOs seriously consider outsourcing their Cybersecurity efforts.
-
This reply was modified 2 years, 1 month ago by
CSIACAdmin. Reason: Removed LinkedIn profile link
-
This reply was modified 2 years, 1 month ago by
JCowell936.
-
2019-03-05 at 09:43 #58016
CSIACAdmin
KeymasterCould you please share a link to the article?
-
This reply was modified 2 years, 1 month ago by
-
2019-03-02 at 13:20 #57966
mwisniewski
ParticipantA vulnerability was discovered in 8 airline e-ticket applications that allows malicious hackers access to the customers PII as well as flight details. This also allows them to change flight details and print the boarding passes.
-
2019-02-28 at 16:24 #57925
rtmoran
ModeratorA new security vulnerability affecting the Thunderbolt data specification, Thunderclap, has been exposed leaving USB-C and DisplayPort hardware vulnerable to attack. The vulnerability can leave affected machines exposed to data theft, file tracking, and malicious code execution.
https://www.theverge.com/2019/2/27/18243503/thunderclap-vulnerability-thunderbolt-computers-attack
-
This reply was modified 2 years, 1 month ago by
rtmoran.
-
This reply was modified 2 years, 1 month ago by
-
2019-02-27 at 13:21 #57905
DukeNukemBOS
ParticipantThis article talks about how the Specialist insurer Beazely collaborated with Marsh, a leader in insurance broking and innovative risk management solutions, to provide cyber insurance cover and breach response US manufacturers. The cyber insurance offers coverage to address cyber and operational risks faced by manufacturers
https://www.securitymagazine.com/articles/89918-beazley-marsh-launch-cyber-insurance-for-manufacturers -
2019-02-21 at 20:28 #57840
hbolic23
ParticipantIdentity Theft will get easier by the days if people keep using the same passwords for different accounts. Individuals usually throw their mail out unripped. Well, identity theft can go as far as someone finding mail with someones Name, Address and other personal info right there on the front of the envelope. Cyberattacks can hit your phone by simply connecting to “Free Wi-Fi” at a nearby cafe. Cyberattacks are floating around is sniffing out it’s next victim and nobody even notices.
-
2019-02-21 at 19:57 #57837
hbolic23
ParticipantElementary schools are using more and more technology on the daily to make school more enjoyable for students. Though, Cyberhackers are taking action against district schools now, (reportedly K-12) and doing actions such as stealing tax dollars and altering school records. As time flies by, the term “Cyber-Secure” loses it’s meaning.
-
2019-02-21 at 12:09 #57823
rileysperati
ParticipantThe reason why companies should give their employees personal VPNs is that you never know what websites your employees are going to access. If employees are using illegal activity on their computers on the corporate network, the corporation could be at risk.
-
2019-03-02 at 13:03 #57964
dmass79
ParticipantI agree,
corporate should soften their restriction sometimes. it is true that we tend to use the whitelisting techniques by keeping off all softwares that we do not trust. but it is also part of security to constantly analyze the surface threat that can be use by hacker to access the organization network via the remote employee. the sophistication of the techniques use to trick the user could lead them to install a malware while surfing web during their me time. incorporating tools like personal vpn,and personal sandbox tool could play an important role in the cybersecurity plan to mitigate risk coming from remote users. -
2019-02-21 at 20:26 #57838
hbolic23
ParticipantI agree
-
-
2019-02-21 at 12:05 #57821
rileysperati
ParticipantContractors and freelancers are the number one cause security incidents at a business and on average there are 3 workforce incidents that can affect the security of those businesses. The people who work at the company are the most vulnerable to error and these employees should be made to take security classes to be more self-aware and have better security in the business.
-
2019-02-19 at 15:29 #57783
DukeNukemBOS
ParticipantThis article talks about how Russian Hackers are eight times faster at compromising a system than other nation-state hackers. The article also talks about how they move faster laterally and accomplishing their primary objective faster than their closet competitors, the North Koreans.
-
2019-02-15 at 15:38 #57750
rileysperati
ParticipantThere is a shortage of cybersecurity professionals which is a major concern for the security of Americans. Without cybersecurity professionals peoples private information and other things people don’t want leaked out to be accessed by others.
-
2019-02-14 at 22:01 #57736
mwisniewski
ParticipantAfter 143 million Americans had their data stolen from the credit rater Equifax, they still don’t know where the data has gone.
https://www.cnbc.com/2019/02/13/equifax-mystery-where-is-the-data.html
-
2019-02-13 at 22:19 #57715
rtmoran
ModeratorRussia is considering a nationwide global internet disconnect, expected before April 1. Designed to gather data for the Digital Economy National Program, all internet traffic within the country will be routed only within its own borders, blocking external access, to test the integrity of an antonymous DNS in the event the country undergoes a cyber attack.
-
2019-02-11 at 17:58 #57659
DukeNukemBOS
ParticipantThis article talks about how E-Ticketing systems of well known airlines have a well known vulnerability that can expose passengers personally identifiable information
https://www.technewsworld.com/story/85836.html -
2019-02-11 at 16:04 #57634
rtmoran
ModeratorDowngrade attack affecting all versions of TLS (including version 1.3 and QUIC) exposed which leverages a side-channel leak via cache timings in order to break the RSA key exchanges of TLS. Inventor of RSA encryption recommending that RSA be deprecated in TLS.
-
2019-02-07 at 20:22 #57610
mwisniewski
ParticipantTwo links this week. An Arizona teenager discovered a serious FaceTime bug on the iPhone that allowed users to eavesdrop on another users phone using FaceTime, without the other person answering the call.
-
This reply was modified 2 years, 2 months ago by
mwisniewski.
-
This reply was modified 2 years, 2 months ago by
-
2019-02-05 at 12:02 #57540
DukeNukemBOS
ParticipantThis article talks about how according to a annual report by the Identify Theft Resource Center, data breaches in 2018 decreased from last year’s all time high of 1,632 by 23% but the records exposing sensitive personal consumer information jumped 126% to 446,515,334.
https://www.securitymagazine.com/articles/89822-million-personal-records-were-stolen-in-2018 -
2019-01-31 at 17:59 #57404
rtmoran
ModeratorThe 24 million credit and mortgage documents stolen in the recent Elasticsearch data breach were found residing in an Amazon S3 bucket. Investigators found the S3 box containing 21 files with 23,000 pages of PDF documents, all open to the public. Included were the original bank documents on which the Elasticsearch data was based.
-
2018-12-28 at 07:37 #57155
lennonjohn000
ParticipantThis article tells you, how to avoid data breaches like Marriott International with better security.
https://blog.loginradius.com/2018/12/put-customer-data-security-first-avoid-breaches-like-marriotts/
-
2018-12-16 at 23:28 #52252
kevinc810
ParticipantThis article explains why emails are still at risk to modern day hacking. This article explains the complexity of email hacking and also the steps to take in order to prevent it.
http://www.digitaljournal.com/tech-and-science/technology/q-a-why-are-we-still-at-risk-from-email-hacking/article/538770 -
2018-12-16 at 23:25 #52250
kevinc810
ParticipantThis article is about how a hacker group hacked a company by taking advantage of an employee using there computer at a coffee shop.
https://www.zdnet.com/article/how-one-hacked-laptop-led-to-an-entire-network-being-compromised/ -
2018-12-16 at 23:13 #52248
kevinc810
ParticipantThis article is about the hotel Marriott and how there recent cyber related breaches exposed massive global cyber security flaws.
https://www.bloomberg.com/news/articles/2018-12-14/marriott-cyber-breach-shows-industry-s-hospitality-to-hackers -
2018-12-16 at 22:06 #52246
kevinc810
ParticipantThis article talks about how big name companies will work with ethical hackers to find flaws in there systems. The article goes into detail revolving how these ethical hackers are making revenue.
https://www.cnbc.com/2018/12/12/freelance-hackers-get-paid-to-test-the-defenses-of-firms-like-tesla.html -
2018-12-16 at 20:26 #52241
kevinc810
ParticipantWith technology on the move students are eager to get there hands on the newest technology. Understanding the basics of authentication and the fundamentals of cyber security can be crucial component to keeping them safe.
https://www.bgfalconmedia.com/campus/cyber-security-experts-explain-how-students-can-protect-themselves-online/article_c301157e-f8ec-11e8-b021-b3ddb4bd7d3c.html -
2018-12-14 at 19:47 #52237
kevinc810
ParticipantWashing state researches have discovered a vulnerability in high end processors that can target the chips communication systems and create process malfunctions. White hat hackers created a series of experiments in order to test the seriousness of the vulnerabilities.
https://www.sciencedaily.com/releases/2018/12/181213155617.htm -
2018-12-14 at 19:30 #52235
kevinc810
ParticipantBitcoin scammers and hackers have been taking over the United States with a series of ransomware attacks. Across the United States schools and public buildings have been forced to evacuate buildings upon receiving a threat that there is a bomb that will explode unless the facility pays a bitcoin ransomware fee.
https://www.theverge.com/2018/12/13/18139724/bitcoin-bomb-threat-scam-email-us-police-department-investigation-evacuations -
2018-12-14 at 19:26 #52234
kevinc810
ParticipantIranian Hacker Group “Charming Kittens” is said to have attempted a hit on Americans working on nuclear projects. Experts have found several interesting links to attacks over the past weeks.
https://www.cbsnews.com/news/iran-hacking-charming-kitten-targets-us-nuclear-officials-cybersecurity-certfa-2018-12-13/ -
2018-12-14 at 19:20 #52233
kevinc810
ParticipantIt is without a doubt that having a cyber security specialist at the work environment is beneficial. Understand what needs to be done in order to make your employees into cyber security specialist themselves.
https://www.entrepreneur.com/article/323375 -
2018-12-06 at 22:28 #52167
ahmedalazzawi
ParticipantA Misconfigured Elasticsearch server leaked around 57 Million US citizen details. personal details such as name,job,address and email.
-
2018-12-06 at 22:22 #52164
ahmedalazzawi
Participanthttps://nakedsecurity.sophos.com/2018/11/30/huge-marriott-breach-puts-500-million-victims-at-risk/
Marriott Starwood brands properties database got hacked at 2014. All clients who made reservation before October 2018 are at risk. personal info and bank info might be compromised according to the Marriott.
-
2018-12-06 at 22:16 #52161
ahmedalazzawi
ParticipantMax Ray also known as iceman, uses a drone from prison to hack peoples credit and debit cards.
-
2018-12-05 at 15:41 #52136
CSIACAdmin
KeymasterFBI’s Counterterrorism Investigations Now Run on Amazon
-
2018-12-03 at 11:40 #52027
Ticia
ParticipantThis article is about how a newly introduced car service in Moscow got hacked and infected with ransomware. The public was promised free rides so when it got attacked only a couple days into its existence, obviously an outrage followed because it had to be shut down.
-
2018-11-28 at 20:23 #52003
mhapple25
ParticipantStatCounter hacked, trying to steal bitcoins from many users. Covered their tracking script with Java coding.
https://blog.avast.com/security-news-hackers-target-bitcoins-uscybercom-shares-malware
-
2018-11-28 at 20:13 #52001
mhapple25
ParticipantMagecart plans to steal more credit card information.
https://blog.avast.com/facebook-hacked-again-nordstrom-employee-data-breached
-
2018-11-28 at 20:00 #51999
mhapple25
ParticipantUber hacked, releasing information from millions of profiles. Pays hacker a hundred thousand dollars to delete the stolen information.
-
2018-11-28 at 19:29 #51996
mhapple25
Participanthttps://blog.avast.com/russian-hackers-at-work-3rd-gmail-glitch-magento-sites-at-risk-avast
Russian hackers hack government businesses using word documents containing malware and sending those through email.
-
This reply was modified 2 years, 4 months ago by
mhapple25.
-
This reply was modified 2 years, 4 months ago by
-
2018-11-25 at 17:34 #51902
mciola10
ParticipantThis article is about a versatile spyware that transformed into a keeping money trojan with ransomware abilities figured out how to dispatch more than 70,000 assaults throughout only three months. The malware is very forceful on the off chance that it doesn’t keep running with lifted authorizations and utilizations an extremely irritating strategy to decide the client to give it the administrator status.
-
2018-11-20 at 11:26 #51843
mhapple25
Participanthttps://thehackernews.com/2018/08/apple-hack-servers.html
16 year old teen hacks Apple and takes secure files!
-
2018-11-19 at 23:51 #51848
mciola10
ParticipantThis article is about how obscure aggressors have abused a weakness in programming running on security equipment items from Cisco. Admins could use this pattern to identify the bad packets and prevent crashing of the security appliance.
-
2018-11-19 at 23:43 #51846
mciola10
ParticipantThis article is about how security refreshes accessible for Adobe Photoshop CC. Adobe has discharged security refreshes for Adobe Photoshop CC variants 19.1.6 and prior. The data divulgence powerlessness in Adobe Flash Player for Windows, macOS, Linux and Chrome OS. It isn’t known whether this weakness was effectively being utilized or what data is revealed.
-
2018-11-19 at 23:35 #51845
mciola10
ParticipantThis article is about how a Magecart Visa skimming assault has been found on the online store for the Infowars site. America is under assault by globalist powers and anybody going to bat for our republic will be assaulted hardheartedly by the corporate press, Antifa and maverick knowledge agents.
-
2018-11-19 at 11:49 #51833
AlliedChemical22
ParticipantAlways have a breach plan in store.
https://www.securitymagazine.com/articles/89607-is-your-data-breach-response-plan-ready -
2018-11-15 at 21:42 #51810
Gecky
ParticipantThis article reveals how the prime minister of cybersecurity for Japan, admitted to never using a computer.
-
2018-11-15 at 16:56 #51805
depern
ParticipantTesco bank was fined 16.4m Euros by the city, over an incident that took place in 2016, where a cyber attack affected thousands of customers.
https://www.independent.co.uk/news/business/news/tesco-bank-cyber-attack-fines-fca-a8562756.html
-
2018-11-15 at 11:35 #51793
mwisniewski
ParticipantHackers infected the StatCounter application with malware which allowed them to steal bitcoin revenue transferred over a specific file path.
-
2018-11-13 at 14:04 #51769
dhoffman
Participanthttps://thehackernews.com/2018/11/dji-drone-hack_8.htmlthe flight records, location, and both the live video feed and photos taken by your drone could have been accessed through vulnerabilities in the DJI Drone web app. DJI finally fixed the three vulnerabilities which allowed this to happen, but it took them almost six months to do so.
-
2018-11-13 at 08:37 #51716
AlliedChemical22
ParticipantFAA contractor cuts telecommunications cables and douses them in gasoline, sets fire to cables, causes $350 million in damages.
https://www.securitymagazine.com/articles/89573-how-to-set-fire-to-all-your-servers
-
2018-11-09 at 09:50 #51608
depern
ParticipantThe BBC Russian Service was told by anonymous individuals, that they have details of over 120million facebook accounts in which they would sell, including private messages of over 80,000 accounts.
-
2018-11-08 at 18:21 #51610
mwisniewski
ParticipantStuxnet was a computer worm that infected Iran’s infrastructure back in 2010 specifically targeting and damaging their nuclear program. Towards the end of October, Iran’s head of civil defense told press about this new generation of the Stuxnet worm attempting to enter their systems.
https://www.infosecurity-magazine.com/news/stuxnet-returns-striking-iran-with/
-
2018-11-08 at 16:01 #51600
-
2018-11-08 at 16:01 #51601
Gecky
Participanthttps://www.nytimes.com/2018/11/07/business/the-mad-dash-to-find-a-cybersecurity-force.html
This article is about the desperate race to find cybersecurity analysts
-
2018-11-08 at 10:44 #51593
chazybear
Participanthttps://www.securityweek.com/google-removes-vulnerable-library-android
google releases security patches for its android platform which addresses security vulnerabilities within the operating system. several vulnerabilities are addressed but the most severe vulnerability could enable an attacker to create a file to execute arbitrary code within the context of a privileged process.
-
2018-11-08 at 10:35 #51591
chazybear
Participanthttps://www.securityweek.com/evernote-flaw-allows-hackers-steal-files-execute-commands
a security breach has been identified in the evernote app when a user adds a picture to a note and later renames it , java script can be added instead creating a potential risk when the picture is later shared with another user. for the attack to work the attacker needs to convince the user to open a evernote note in presentation mode .
-
2018-11-06 at 15:07 #51540
dhoffman
Participanthttps://thehackernews.com/2018/11/self-encrypting-ssd-hacking.html
Some of the self-encrypting SSD will allow attackers to decrypt disk encryption and recover protected data without needing to know the password for the disk. -
2018-11-06 at 13:59 #51538
AlliedChemical22
ParticipantVoting machines will be closely monitored in mid-term election for potential cyber security threats.
-
2018-11-05 at 21:01 #51529
dhoffman
Participanthttps://thehackernews.com/2018/10/windows10-uwp-apps.html
Windows 10 patched a bug which allowed certain apps access to multiple files by default. This would mean that someone would not have to grant that app permission before the app got access to those files. -
2018-11-05 at 17:48 #51528
DukeNukemBOS
Participanthttps://thehackernews.com/2018/11/portsmash-intel-vulnerability.html
This article talks about how security researchers found a vulnerability in the intel cpu that steals encrypted data.
-
2018-11-01 at 18:39 #51476
mwisniewski
ParticipantCommonRansom is a new ransomware that demands not only RDP access to the user computer, but IP and admin credentials as payment, on top of the already required bitcoin payment.
-
2018-11-01 at 15:09 #51472
Ticia
ParticipantThis article is about how an “aggressive” and “sophisticated” malware attacked the networks that are in Iran. It is more violent than any other virus they came in contact with and they are currently trying to “adapt” to it to figure out an efficient and effective way to fight it off.
https://www.bleepingcomputer.com/news/security/new-stuxnet-variant-allegedly-struck-iran/
-
2018-11-01 at 14:53 #51470
Ticia
ParticipantThis article is about how CVE-2018-14665 (A FLAW) makes getting to the “root” level accessible when using the x.org server. Also, this is not something new, it has been present for two years.
-
2018-11-01 at 14:40 #51466
Ticia
ParticipantThis article is about how widely known and used brands are being targeted in “phishing attacks.” This was proved by Vade Secure, an email security provider. Brands like Microsoft, Paypal, Netflix, etc.
-
2018-11-01 at 12:31 #51444
depern
ParticipantFound on the dark web was over 80 million united states voters data that have been marked for sale!
-
2018-10-31 at 18:48 #51403
chazybear
Participanthttps://www.securityweek.com/logical-bug-microsoft-words-online-video-allows-code-execution
Microsoft has announced Microsoft Office has been infected with a logical bug that allows the attacker to access the online video feature in word to execute malicious code .Impacting users of office 2016 or older .
-
2018-10-30 at 16:25 #51373
martialasura
ParticipantThere is a malicious DDOS service for hire, Ox-booter is the DDoS-for-hire. The service is hired by powered by the Bushido IoT botnet. Ox-booter has around 500Gbps of bandwidth and 20,000 bots.
-
2018-10-30 at 16:12 #51371
martialasura
ParticipantMicrosoft silently updated windows 10 to fix a bug with Universal Windows Platform (UMP). The bug gave access to other files through broadFileSystemAccess (Broad Filesystem Access).
-
2018-10-30 at 13:22 #51365
martialasura
ParticipantCybersecurity researchers have discovered an unpatched logical flaw in Microsoft word. The logical flaw involves Microsoft Words ‘online video’ option in word documents.
https://thehackernews.com/2018/10/microsoft-office-online-video.html
-
2018-10-30 at 13:14 #51363
martialasura
ParticipantThe Federal Energy Regulatory Commission (FERC) issued three final rules. Cyber Security – Supply Chain Risk Management, Cyber Security – Electronic Security Perimeter(s), Cyber Security – Configuration Change Management and Vulnerability Assessments. These three rules will be implemented within the next 18 months
-
2018-10-30 at 10:40 #51344
martialasura
ParticipantThe FBI warns the public about possible scams/fraud with the after fact of the super typhoon yutu. They warn to check emails, don’t click on spam emails etc.
-
2018-10-30 at 10:01 #51342
martialasura
ParticipantThe Pakistan bank was attacked by a group of hackers that stole approximately 6 million dollars. The bank identified the breach when the internal security system identified “abnormal transactions” coming from pakistan debit cards coming from outside the country’s boarders.
https://cyware.com/news/hackers-hit-pakistan-bank-and-reportedly-stole-around-6-million-30ca052e
-
2018-10-30 at 09:55 #51340
martialasura
ParticipantIn 2017 the Ransomware Sage started making its name known. Sage was made with a intuitive user interface that was used to request payment. The interface made it easier for the infected person to find out how to solve their problem. Sage also made it so that the amount required to unlock your data is cheaper than the locky Ransomware. The required amount is around $499 USD.
https://cofense.com/sage-ransomware-distinguishes-engaging-user-interface-easy-payment-process/
-
2018-10-30 at 09:46 #51336
martialasura
ParticipantThe ransomwear Locky was one of the most successful ransomwear to emerge so far. Locky came out in early 2016 and lasted till around 2017. Locky was run by a threat group known as Dungeon Spider
https://cyware.com/news/locky-ransomware-being-operated-by-the-dungeon-spider-threat-group-0397c419 -
2018-10-29 at 11:30 #51323
AlliedChemical22
ParticipantDistrust increases with consumers,companies sell consumer data.
-
2018-10-28 at 21:55 #51294
ahmedalazzawi
Participanthttps://nakedsecurity.sophos.com/2018/10/19/serious-d-link-router-security-flaws-may-never-be-patched/
this article is talking about a researcher who found flaws in D-link routers. he contacted D-link and they replied saying that some flaws will be taken care of while others are end of life and will not receive updates anymore. he asked them to publish those routers names or he will. eventually he did and nothing was heard from D-link yet. -
2018-10-28 at 21:29 #51291
ahmedalazzawi
Participanthttps://nakedsecurity.sophos.com/2018/10/23/phishing-is-still-the-most-commonly-used-attack-on-organizations-survey-says/
this article is talking about how big companies are being attacked from outside and inside. from outside it is obvious from hackers, while from inside it is usually employees. they are either “getting duped” according to the article or they are “careless”. -
2018-10-26 at 16:59 #51241
mwisniewski
Participanthttps://www.wired.com/story/i-bought-used-voting-machines-on-ebay/
Brian Varner is a former NSA tactical analyst who now works for a security ops team as the head researcher. In this project he bought previously used voting machines off of eBay to asses their vulnerabilities. This one is definitely worth the read.
-
2018-10-25 at 15:27 #51232
depern
Participanthttps://www.bbc.com/news/business-45974020
This article talks about how there has been in a breach in the Cathay Pacific data. Hitting 9.4 million passengers, and with those people there has been a data leak of passport numbers, expired credit card details, and email addresses. -
2018-10-25 at 08:33 #51215
Gecky
ParticipantThis article is about McAfee’s research article about election misinformation
-
2018-10-24 at 13:23 #51198
plosiewicz
ModeratorHATMAN and Critical Infrastructure
New information from FireEye on the HATMAN Safety Instrumented System attack. This was featured in this week’s CSIAC Cyber Awareness Month piece on Cyber of CI.
For more information the link to my CSIAC article is at:
https://www.csiac.org/national-cyber-security-awareness-month-october-2018/safeguarding-the-nations-critical-infrastructure-national-cyber-security-awareness-month-week-4-october-22-26/From Reuters News:
Russia likely behind dangerous attack on Saudi energy plant: FireEye
http://www.reuters.com/article/us-cyber-russia-triton/russia-likely-behind-dangerous-attack-on-saudi-energy-plant-fireeye-idUSKCN1MX2JJA dangerous computer virus designed to destroy safety systems at industrial plants was likely developed by a Russian government-backed research institute, U.S. cybersecurity firm FireEye said on Tuesday.
Paul B. Losiewicz
-
2018-10-24 at 13:19 #51193
dhoffman
Participanthttps://thehackernews.com/2018/10/iphone-lock-passcode-bypass.html
a vulnerability is found in apple’s iOS 12.0.1 which allows people who have physical access to a phone to gain access to photos and send them. this is done with the help of Siri and VoiceOver screen reader. -
2018-10-23 at 16:10 #51186
AlliedChemical22
ParticipantAmericans willing to overlook data breaches towards brands.
-
2018-10-22 at 20:22 #51175
mciola10
ParticipantThis article is about how The bug influences the broadly utilized jQuery File Upload gadget and enabled an assailant to transfer discretionary records on web servers, including direction spends for sending directions. The jQuery File Upload has been helpless for a long time, since the Apache 2.3.9 discharge in 2010.
-
2018-10-22 at 11:20 #51148
ctaylor212000
ParticipantIn this article, it states that the current state of Cyber Security shows that trust is not the best thing to believe in online. Cyber Security has advanced to a point, protection is very important for this moment, thus meaning the opposition against Cyber Security has strengthened as well. Making sure that you should just trust just anyone on the internet. It shows that there has been above 40% of security breach on healthcare just in 2017. This in turn, just below 30% security breaches for PII (Personally Identifiable Identification).
-
2018-10-22 at 11:14 #51146
ctaylor212000
ParticipantIn this article, it states the biggest cyber security trends. Some of these trends are not the best of trends. The article leaves the readers a few bullet points provided by Head of Security for Dropbox. He states that they need more professionals in the cyber security field and failure has been leading consequences. The use of SaaS software has also been accelerating so they say you should become much more aware of good vs. bad SaaS security postures.
-
2018-10-22 at 11:08 #51143
ctaylor212000
Participanthttps://nyunews.com/2018/10/21/10-22-news-cyber/
In this article, it states that the NYU (New York University) is progressing their Cyber Security advances and fighting for it. They have plans to assist technological innovations with a few colleges. They are also offering programs to undergraduates at the colleges. This is to ensure to help them in future studies. Following this, they seem to have students already wanting this movement to occur.
-
2018-10-22 at 03:43 #51138
ctaylor212000
ParticipantIn this article, it explains that some security applications are quite different and seem to ask more rather than securing your privacy. However it points out a few applications that work along side with cyber security. One of the few applications would be a VPN, which is used for securing a better connection along side with not being able to be tracked down by your internet server provider.
-
2018-10-22 at 03:37 #51136
ctaylor212000
ParticipantIn this article it explains ways to defend against cyber security attacks. It gives you a few tips you can abide by that will allow you to feel much more secure than before. It also explains to reach out to your employees and teach them the necessary skills about security so they can be formatted particularly for the case of a cyber security attack so they have a somewhat idea of what is occurring.
-
2018-10-22 at 03:11 #51134
ctaylor212000
Participanthttps://www.cnet.com/news/facebook-reportedly-shopping-for-a-cybersecurity-company/
In the article, it explains that Facebook is shopping for cyber security companies to help beef up their security. They want to ensure the policy of safety by shopping for cyber security so those using Facebook can feel safer on Facebook without any problems rather than a ton of problems of breaching privacy.
-
2018-10-22 at 02:46 #51132
ctaylor212000
Participanthttps://www.seattletimes.com/business/ibm-takes-cybersecurity-training-on-the-road/
In the article, to explains how it they’re taking IBM cyber security training onto the road. The sudden movement was to create a way to tour around the world whilst teaching the skills of Cyber Security to oncoming colleges in the future in their way while touring. Rather than scrambling their methods to teach members of Cyber Security to know what they’re doing. They take the effort to travel to colleges to create an efficient learning process.
-
2018-10-21 at 18:37 #51130
chazybear
Participanthttps://www.securityweek.com/critical-vulnerabilities-allow-takeover-d-link-routers
researchers have found that attackers are targeting d-link routers with several vulnerabilities that gains access to a file that stores the devices password .The attacker can then execute certain commands to take over the device. No patches have been issued as of yet but in the meantime, the security flaws can be avoided by ensuring that the router is not accessible from the Internet.
-
2018-10-21 at 18:25 #51128
chazybear
Participanthttps://www.securityweek.com/tumblr-vulnerability-exposed-user-account-information
Tumblr announced that a vulnerbility was used by attackers that could be used to obtain customers account information used on blogs for example passowrds and previous used emails and last log in IP’s. the company claims a patch was issued within 12 hours and they’re not able to determine which users were affected.
-
2018-10-21 at 18:03 #51126
chazybear
Participanthttps://www.securityweek.com/google-pixel-3-improves-data-protection-security-chip
google has installed a new second generation , low powered security module on all of its pixel 3 devices called titan M . It is intended to help with the android verified boot . This chip also is used to ensures no-one can unlock a phone , not even google , without the owners cooperation.
-
2018-10-18 at 17:14 #51104
depern
Participanthttps://thehackernews.com/2018/10/iphone-lock-passcode-bypass.html
This article talks about how a new iPhone bug could give anyone access to Private photos!
-
2018-10-17 at 16:00 #51038
DukeNukemBOS
ParticipantThis article talks about how drones can be a threat to security and public safety.
-
2018-10-17 at 10:31 #51037
Gecky
Participanthttps://www.infosecurity-magazine.com/news/cybersecurity-salaries-jump-6/
This article states that salaries in the cybersecutiry field are being raised rapidly
-
2018-10-16 at 18:58 #51031
AlliedChemical22
ParticipantDrones posess new physical threat to cities. Implement drones for added security layer to cities?
-
2018-10-16 at 11:53 #51014
mwisniewski
ParticipantHere’s a nice article to keep us all motivated in our pursuit of a degree in cybersecurity! Salary’s have increased by double the national average!
https://www.infosecurity-magazine.com/news/cybersecurity-salaries-jump-6/
-
2018-10-15 at 12:09 #50997
dhoffman
Participanthttps://thehackernews.com/2018/10/download-fortnite-android.html
The popular game, Fortnite, was released for Android mobile devices but it is not available in Google Play Store. The company, Epic Games, decided to keep it available only on their website to increase revenue but this leaves the door open for malware to be presented as the game on a different website. -
2018-10-15 at 11:27 #50995
Ticia
ParticipantThis article is about how a fake app was found in the Microsoft store. The app claims to be an extension of Google Photos but really it has malicious intentions that mess with Windows 10.
-
2018-10-14 at 20:06 #50958
mciola10
ParticipantThis article talks about how phishers are impersonating the icelandic police sending out malicious emails to people warning them to come in for questioning and if they don’t comply they will issue a arrest warrant. There is also a another phishing scheme that involves making people click on a link that sends them to a fake identical looking website that tasks them to input their social security number and then asks for a authentication code to try to get into the victim’s computer and steal information.
-
2018-10-12 at 14:49 #50934
mwisniewski
Participanthttps://www.bbc.com/news/technology-45757528
The state of California has passed a bill that bans the use of unsafe passwords on net connected devices being produced or sold in California. The “Information Privacy: Connected Devices bill also calls for devices having better security features installed upon manufacturing.
-
2018-10-11 at 23:21 #50939
ahmedalazzawi
Participanthttps://nakedsecurity.sophos.com/2018/10/11/millions-at-risk-from-default-webcam-passwords/
This article is talking about a webcam company that is making their products easier to hack by attackers. Hangzhou Xiongmai Technology Co the company that is producing these cams, is using a standard ID for their cams which is not random. they also use a default password for the admin and never ask the user if they want to change the password which makes it easier for attackers to get into the system.
-
2018-10-11 at 21:40 #50930
Gecky
ParticipantThis article explains that the field of cybersecurity has over half a million vacant jobs
-
2018-10-11 at 16:54 #50910
depern
Participanthttps://thehackernews.com/2018/10/google-plus-shutdown.html
This article seemed very interesting, after the company google shuts down Google+ due to a massive data breach. Leaking private information of hundreds of thousands users.
-
2018-10-11 at 13:59 #50908
DukeNukemBOS
Participanthttps://www.securitymagazine.com/articles/89472-ca-to-ban-weak-passwords
This article talks about how California will start banning weak passwords on January 1st 2020 and will allow customers to sue the companies if they fail to acknowledge the policy
-
2018-10-11 at 00:02 #50890
Ticia
ParticipantThis article is about how Microsoft made an addition to their Controlled Folder Access which has an intended use of protecting specific folders by programs that could be unknown. Secret private folders at that. The article then goes on how it was brought to their attention how all of this could be bypassed by DLL injections.
-
2018-10-07 at 20:49 #50782
mciola10
ParticipantThis article talks about how notification pop-up spam are showing up on the desktop by clicking agree to show the pop-ups which are scams that include fake news, fake downloads, and unwanted extensions. If people don’t like seeing pop-ups on their screen they can disable it through google settings which will stop making it pop-up on people’s screen.
-
2018-10-05 at 18:42 #50770
dhoffman
Participanthttps://thehackernews.com/2018/10/bank-atm-hacking.html
The hacker group known as the Hidden Cobra have been using the method of FASTCash since at least 2016. FASTCash allows them to withdraw millions of dollars from any ATM and has been primarily used in Africa and Asia; an investigation is still under way as to whether or not it has affected any banks in the US. -
2018-10-05 at 14:16 #50676
mwisniewski
ParticipantRecently, Facebook discovered that hackers had gained the ability to possibly access 50-million user accounts through a bug which allowed them to gain digital keys from user logins. Facebook is cooperating with the FBI over the security breach.
-
2018-10-04 at 17:45 #50736
AlliedChemical22
ParticipantHere I have an article that lightly touches on the topic of ethical hacking. Enjoy!
-
2018-10-02 at 15:57 #50673
Gecky
Participanthttps://securityintelligence.com/national-cyber-security-awareness-month-whats-new-for-2018/
October marks the beginning of National Cyber Security awareness month. A time to spread awareness of safe cyber security practices.
-
2018-10-01 at 21:38 #50644
dhoffman
Participanthttps://thehackernews.com/2018/09/linux-kernel-exploit.html
Linux Kernal versions 3.16 through 4.18.8 have a vulnerability which allows anyone to gain a root access in about an hour. This would allow anyone to change data or crash the system, whichever they wanted to do. -
2018-09-29 at 20:13 #50581
Ticia
Participanthttps://www.bleepingcomputer.com/news/security/port-of-san-diego-affected-by-a-ransomware-attack/
The Port of San Diegos IT systems faced a ransomware attack which disrupted the line of work for businesses, parking permits, accessing public record requests, etc. So just about everyone is feeling the damage caused by the cyber-attack. The article also explains how the Harbor Police Department are continuing to work diligently to minimize the impact.
-
2018-09-28 at 20:48 #50576
depern
Participanthttps://thehackernews.com/2018/09/linux-kernel-exploit.html
Recently a Cyber Security researcher for the Google Project zero, uncovered a exploit for a high vulnerability within the Linux system. -
2018-09-28 at 13:05 #50564
mabdulkadhim05
Participantwhat this news articular is about the British airways security. the British whir have alot of security problems where 380,000 customer credit card details got breach.
-
2018-09-28 at 09:11 #50507
mwisniewski
Participanthttps://www.securityweek.com/over-6-million-users-hit-breach-fashion-retailer-shein
Shein was the target of a date breech in which hackers made off with over 6 million user emails and passwords. This article also talks about the aftermath and affirmative action Shein is taking to protect their customers information for the future to come.
-
2018-09-27 at 21:48 #50518
ahmedalazzawi
Participanthttps://www.securityweek.com/ex-nsa-hacker-sentenced-jail-over-kaspersky-leak
This article is about a former NSA hacker who took some sensitive information from work and saved it on his home computer. he protected his computer using Kaspersky anti-virus program which lead Russian hackers hack his computer in 2015 and steal the information.
-
2018-09-27 at 09:53 #50459
chazybear
Participanthttps://www.securityweek.com/how-cybercriminals-are-using-blockchain-their-advantage
cyber criminals are now turning to blockchain as there choice for attacking peoples computers . it works the same way as when we type in a website into a browser by searching for an ip address, essentially turning someones computer into a phone book.
-
2018-09-27 at 09:46 #50457
chazybear
Participanthttps://www.securityweek.com/how-cybercriminals-are-using-blockchain-their-advantage
cyber criminals are now Turning to “blockchain” technology to attack peoples computers. Their new m method of choice attacks. essentially working the same way we type a webpage in a browser it searches for an IP address . this is how blocktrain works.
-
2018-09-26 at 11:44 #50230
mcadwell30
ParticipantProtecting your Cryptocurrency. Because hackers are now finding ways into your Crypto Wallet and tricking or manipulating the device or program to transfer funds directly to themselves, speculations of how to stop that have arised. Crypto Defender is a proactive defense mechanism against Crypto Currency hackers. This program blocks multiple forms of malware, including keylogging malware, from gaining access to your mobile Crypto Wallet.
-
2018-09-26 at 11:43 #50232
mcadwell30
ParticipantProtecting your Crypto Currency. Because hackers are now finding ways into your Crypto Wallet and tricking or manipulating the device or program to transfer funds directly to themselves, speculations of how to stop that have arised. Crypto Defender is a proactive defense mechanism against Crypto Currency hackers. This program blocks multiple forms of malware, including keylogging malware, from gaining access to your mobile Crypto Wallet.
-
2018-09-26 at 11:20 #50429
DukeNukemBOS
Participanthttps://theconversation.com/with-usb-c-even-plugging-in-can-set-you-up-to-be-hacked-102296
This article talks about how usb c can get hacked easily and leak your confidential information that hackers can gain.
-
2018-09-25 at 16:12 #50401
smanchanda
ParticipantMy article discusses the recent discussion surrounding standing up a centralized agency with a cyber mandate in the US. Curious to see other peoples thoughts about the more decentralized fragmented way of cybersecurity seen in countries like the US and Germany vs highly centralized authorities like the CSA in Singapore and the RIA in Estonia.
-
2018-09-25 at 15:23 #50398
Flockhart
ParticipantThis article talks about how Nation-State attacks are on the rise according to Europol. Europol have also raised concerns that the new European data protection regulation (GDPR) is impacting its ability to sidentify threat actors.
http://ftnews.firetrench.com/2018/09/nation-state-attacks-on-the-up-say-europol/
-
2018-09-25 at 13:28 #50395
AlliedChemical22
ParticipantMy article this week is about the U.S. Justice Department having a meeting and discussing concerns about how technology companies handle user data and privacy concerns.
-
2018-09-25 at 12:38 #50390
Gecky
Participanthttps://thehackernews.com/2018/09/4g-ee-wifi-modem-hack.html
A severe vulnerability has been found in the new 4GEE mini modems that allows a hacker to run malicious programs with high privileges. As well as gain access to the entire system.
-
2018-09-25 at 11:49 #50386
dhoffman
Participanthttps://thehackernews.com/2018/09/bitcoin-core-software.html
Bitcoin updated their software to fix vulnerabilities found in their wallet which could have brought down Bitcoin network. Miners could attack the BTC network at the price of 12.5 bitcoins(roughly equal to $80,000) but the update is said to have fixed the problem. -
2018-09-24 at 18:49 #50361
mhapple25
ParticipantAn ad removal tool on the Apple App store watches what you do on your mac computer.
https://thehackernews.com/2018/09/mac-adware-removal-tool.html-
This reply was modified 2 years, 6 months ago by
mhapple25.
-
This reply was modified 2 years, 6 months ago by
-
2018-09-23 at 16:32 #50321
mabdulkadhim05
Participanthttps://www.forbes.com/sites/louiscolumbus/2018/08/31/58-of-all-healthcare-breaches-are-initiated-by-insiders/#1651d3d9601a
A lot of security breach are happen in health and medical people are steeling laptop to have access to medical researcher and health network access,more then 58% breach attempt involve internal actors. -
2018-09-22 at 11:10 #50300
chazybear
Participantfyi warns a rise in cyber-thieves targeting various payroll accounts in various industries. preferred method is phishing which would allow these criminals to capture employees log-in credentials, then secretly change their bank account information. one method the thieves use to tread unnoticed is to ad rules to employee accounts so they will not recieve alerts or notifications.
-
2018-09-21 at 21:06 #50293
Ticia
ParticipantThis article is about how Placebo, a security researcher noticed that Feedify a “customer engagement service” got hacked into. This is extremely important because a Magecart script was put into it (which is basically a credit card and other important information that should remain private thief) meaning that whenever someone loads and uses Feedify, they are unknowingly giving the “malicious code” access to their private information.
-
2018-09-21 at 20:35 #50292
Ticia
ParticipantThis article is about how Microsoft customers are now eligible for support for its ASMI. Protecting them against script-based attacks.
-
2018-09-21 at 14:24 #50284
depern
Participanthttps://www.technologynetworks.com/informatics/news/multiple-malware-threats-for-visitors-to-pirate-websites-309778
This article describes how thousands of malware were found on more than 1,000 websites. Which were suspected to share illegal protected content in an EU-wide research project implemented out by the EUIPO-
2018-09-21 at 20:04 #50290
Ticia
Participanthttps://www.bleepingcomputer.com/news/security/port-of-barcelona-suffers-cyberattack/
This article is about how the Port of Barcelona servers fell victim to a cyberattack. And how they are undergoing a series of plans to reverse the damage.
-
-
2018-09-21 at 14:16 #50283
depern
Participanthttps://www.securitymagazine.com/articles/89403-half-of-government-military-passwords-are-weak
This article is about how half of the governments passwords are very weak. Weak enough to be cracked in less than two days. -
2018-09-20 at 23:41 #50266
mciola10
ParticipantThis article is about how cyber criminals are using a program called “Xbash” that is a malware that searches for computers systems with weak passwords. The Cyber Criminal then scams the victim asking for crpytocurrency in order to restore the data.
-
2018-09-20 at 22:00 #50257
ahmedalazzawi
ParticipantThis article is talking about a hacker called Magecart who attacked and hacked British air lines and newegg online shopping website and stole buyers credit cards information. The attack was stopped on the website after about a month of stealing from the buyers.
-
2018-09-20 at 22:30 #50259
ahmedalazzawi
Participanthttps://www.securitymagazine.com/articles/89403-half-of-government-military-passwords-are-weak
This article is talking about how military employees password are two easy to revel by hackers. research showed that more than half of the employees had the same issue. the research also showed not only the military is facing that issue but also a high percentage of civilians are facing the same issue and making them easy targets to hackers.
-
-
2018-09-20 at 15:10 #50242
Gecky
Participanthttps://thehackernews.com/2018/09/newegg-credit-card-hack.html
Hackers has stolen customer credit card information from the popular retail site NewEgg. The magecart hacking group stole details of customers who purchased any products on the website from August 14th, and September 19th.
-
2018-09-19 at 21:40 #50228
mwisniewski
ParticipantThis article discuses the possible sanctions being brought upon a suspected North Korean hacker. Park Jin Hyok is a North Korean hacker suspected of being responsible for the Sony Pictures hack when the movie “The Interview” was released, as well as the ransomware called “wannacry”. Jin is also being looked at as the possible suspect who tried hacking into Lockeed Martin’s THADD missile system in South Korea.
-
2018-09-19 at 18:25 #50224
dhoffman
Participanthttps://thehackernews.com/2018/09/newegg-credit-card-hack.html
Megacart hacking group uses a digital credit card skimmer to steal the payment information of at least a million Newegg costumers. It affected all costumers who used the Newegg website between August 14 and September 18. -
2018-09-19 at 10:49 #50198
DukeNukemBOS
Participanthttps://thehackernews.com/2018/09/wd-my-cloud-nas-hacking.html
Researchers found that there is a vulnerability in Western Digital’s My Cloud that could let hackers gain admin-level control to certain devices.
-
2018-09-18 at 10:59 #50139
Rmalcinovic
ParticipantAirways disclosed a data breach impacting customer information from roughly 380,000 booking transactions made between August 21 and September 5 of this year.
-
2018-09-17 at 18:06 #50114
chazybear
Participanthttps://www.securityweek.com/feeling-pulse-cyber-security-healthcare
Healthcare providers are a very gainful target for cyber attackers . no surprise, healthcare records are a hot commodity for these cyber criminals, considering the type of information a patients records can consist of very sensitive material.
-
2018-09-17 at 14:32 #50105
AlliedChemical22
ParticipantDDos attacks more common in the Uk’s colleges and universities.
https://www.infosecurity-magazine.com/news/uk-universities-face-growing-ddos/
-
2018-09-17 at 11:18 #50094
-
2018-09-17 at 01:18 #50086
mciola10
ParticipantThis article is about when people input malicious macros onto the Microsoft 365, it will get triggered by AMSI (Anti-malware Scan Interface) the antivirus will track the malicious macro and will send it straight to the antivirus. AMSI helps get rid of malicious macros, once the macro is triggered it will then alert the person and it will be sent to antivirus to help stop the scripted malicious attack.
-
2018-09-12 at 21:18 #50020
mwisniewski
Participanthttps://www.securitymagazine.com/articles/89374-dhs-launches-national-risk-management-center
This article talks about the Department of Homeland Security launching the new National Risk Management Center. The NRMC will not only focus on protecting preferred governmental infrastructure, but will expand its resources to evaluate risks across the industry sector as well.
-
2018-09-11 at 19:03 #50010
Mdenova
Participanthttps://www.wired.com/story/hackers-steal-tesla-model-s-seconds-key-fob/
This article discusses how students at KU Leuven University have discovered how to clone a Tesla key fob. This helped Tesla to change their key fob security to include a pin.
-
2018-09-11 at 18:59 #50009
depern
ParticipantA British Airline was breached just last week which compromised nearly 400,000 booking transactions for the past few weeks. https://www.wired.com/story/british-airways-hack-details/
-
2018-09-11 at 13:48 #50004
Cpalamara23
ParticipantApple removes anti-malware apps from the store. The anti-malware apps were removed for collecting the users’ browser data. https://www.bbc.com/news/technology-45482819
-
2018-09-11 at 12:46 #50001
dhoffman
Participanthttps://thehackernews.com/2018/09/british-airways-data-breach.html
The payment information of close to 380,000 users of the British Airways website and mobile app was stolen. A spokesperson for the company suggests that it was done by a person with security clearance and not a hacker from the outside. -
2018-09-11 at 09:51 #49990
DukeNukemBOS
Participanthttps://www.wesh.com/article/wesh-2-news-investigates-election-cyber-security/23073476
WESH 2 news investigates election cyber security to ensure that residents of Florida are being protected while voting. Greg Fox looks into how it could stop cyber attacks on elections.
-
2018-09-10 at 19:32 #49987
AlliedChemical22
ParticipantHi there I am submitting an article about an article that talks about several unsavory hackers who hacked JPMorgan Chase & Co, including several other us companies. Of course these hackers had previous charges from other crimes. Enjoy!
-
2018-06-13 at 16:17 #37985
capatch
ModeratorDiscusses Air Force’s struggle against culture to develop a more holistic approach to Agile concepts in acquisition.
-
2018-06-07 at 14:37 #36969
plosiewicz
ModeratorVPNFilter back in the news. This is quite a problem alright. The author recommends buying a new router if it cant be updated. the question is to determine if the off the shelf replacements are also covered under recent s/w updates….
https://thehackernews.com/2018/06/vpnfilter-router-malware.html
-
2018-05-11 at 15:06 #32367
plosiewicz
ModeratorQuantum Blockchain discussion from MIT Tech Review
-
2018-05-11 at 14:59 #32359
plosiewicz
ModeratorA major procedural snafu in Government is lack of clarity in Defense Support for Civilian Authorities (DSCA) in the Cyber domain.
It appears that Congress has decided to join in the discussion….
-
2018-05-07 at 23:59 #32303
corycl4
ParticipantFormer employee of PenAir recently pleaded guilty to felony offenses and owes $5,616 back to the airline after hacking into their VPN network and tampering with airline ticket prices. A VPN connection does not secure a user’s identity as private but acts as though your computer had direct hook-up to their network. The employee was a director of system support and was responsible for the updating of security procedures around the networks of the company. The employee wiped out the existing Sabre system three times forcing employees to rebuild their systems. She was able to do this as she created fake employee profiles with extenstive rights before her retirement.
https://nakedsecurity.sophos.com/2018/04/19/employee-from-hell-busted-by-vpn-logs/ -
2018-05-07 at 23:48 #32300
corycl4
ParticipantGoogle has recently rolled out 2FA, or 2 Factor Authentication for logging into apps such as gmail. 2FA is another layer of security that users should take advantage of. The Google approach to 2FA sends a security message to your phone via SMS message, use an authenticator app or type your password. Setting up the 2FA feature is simple and takes a matter of minutes for both android and IOS users. One benefit of this set-up is that next time your account is being signed into from a new device, you will receive a message asking to verify your credentials. Immediately, you will know if someone is trying to get into your account.
https://nakedsecurity.sophos.com/2018/04/26/gmail-users-heres-how-and-why-you-should-set-up-prompt-based-2fa/ -
2018-05-07 at 23:45 #32299
corycl4
ParticipantFred Hutch, a cancer institute joined up with Microsoft to help fight the negative side-effects of chronotherapy with computer technology. They look to accomplish this by studying more before, during, and after visits. The technology part comes into play by examining the immune system, reading a blood sample and correcting multiple errors with the body.
Pokwire.com -
2018-05-07 at 23:44 #32298
corycl4
ParticipantPokwire.com
Microsoft and Amazon’s artificial intelligence systems, Cortana and Alexa, are cross referencing each other. Together, they are both OS assistants that provide google like information and are able to open and close apps as well as able to use any of your apps such as playing pandora or finding a destination. All at the command of your voice. Now two huge platforms bring them together on one device simultaneously to assist you quicker and bring you even further. -
2018-05-07 at 23:41 #32297
corycl4
ParticipantOn World Password Day, Twitter released a statement that a bug in their internal databases left passwords unencrypted, or in plain text. Unencrypted passwords and saving them to a temporary file is a big “no-no”. There are several risks to improperly saving passwords that users should be made aware of and use more precaution with. While Twitter has claimed they have fixed the issue, they strongly urge users to update their passwords on every device they use to log into the site.
https://nakedsecurity.sophos.com/2018/05/04/twitter-admits-to-password-storage-blunder-change-your-password-now/ -
2018-05-07 at 23:40 #32294
corycl4
ParticipantAbbot’s (formerly St. Jude’s Medical) has released a statement that their pace makers are vulnerable to security attacks and battery life loss. It has been reported that roughly 465,000 patients are at risk due to these security threats. MedSec, and IoT company published the bug issues in the equipment in 2016. At that time St. Jude’s decided to sue MedSec for defamation rather than fix the issues. Today however, involvement from the FDA and Department of Homeland Security has urged St. Jude’s to make the appropriate fixes. Patients are strongly encouraged to contact their doctor if they are concerned their pacemaker may be a vulnerable device.
https://nakedsecurity.sophos.com/2018/05/04/half-a-million-pacemakers-need-a-security-patch/ -
2018-05-07 at 23:14 #32292
tcornish13
Participanthttps://blog.avast.com/cambridge-analytica-shuts-down-and-ransomware-victims-pay-up
A school district in MA had been hit with ransomware, shutting down services.
-
2018-05-07 at 23:12 #32290
tcornish13
Participanthttps://www.theverge.com/2018/4/30/17302720/wechat-deleted-messages-china-government-surveillance
The use of the messaging app “Wechat” is being used in the prosecution of criminals.
-
2018-05-07 at 23:10 #32288
tcornish13
Participanthttps://www.theverge.com/2018/5/3/17316684/twitter-password-bug-security-flaw-exposed-change-now
Twitter discovered a bug in their system, and is advising users to change passwords.
-
2018-05-07 at 23:08 #32286
tcornish13
Participanthttps://www.theverge.com/2018/5/4/17303644/volkswagen-car-net-security-location-access
A former owner of a Volkswagen discovered she still had vital access to information about the vehicle after selling it.
-
2018-05-07 at 20:59 #32284
dragonfin
ParticipantThe Trump administration is reportedly looking to rescind Presidential Policy Directive 20 an important policy memorandum that currently guides the approval process for government-backed cyberattacks.
-
2018-05-07 at 20:58 #32282
dragonfin
ParticipantThe state of Delaware launched a website to assist in the compliance of the state’s updated data breach laws.
-
2018-05-07 at 20:57 #32280
dragonfin
ParticipantA new ransomware named after a gladiator is demonstrating how even malware with sparse features can get still get wreak havoc on unsuspecting users.
-
2018-05-07 at 20:54 #32278
dragonfin
Participanthttps://money.usnews.com/investing/cryptocurrency/articles/2018-05-04/is-bitcoin-a-safe-investment
The frequent hacking of cryptocurrency exchanges serves as a warning to investors.
-
2018-05-07 at 19:04 #32270
dalicaic25
Participanthttps://www.technewsworld.com/story/85252.html
Intel has come out with a 8th generation of proccesors that are a big improvement from the last gen -
2018-05-07 at 19:02 #32268
dalicaic25
Participanthttps://www.technewsworld.com/story/85246.html
There had been a shooting at the youtube headquarters and the female suspected was reportedly not fond of youtube and how they ran it -
2018-05-07 at 18:51 #32266
dalicaic25
Participanthttps://www.technewsworld.com/story/85198.html
FitBit has created a new watch to try and rival the apple watch and they wanna grow into the more modern type of watches with different styles -
2018-05-07 at 18:44 #32264
dalicaic25
Participanthttps://www.technewsworld.com/story/85173.html
Microsoft has given its devs more open source to its computing software in order to upgrade it from the last version -
2018-05-07 at 18:41 #32262
dalicaic25
Participanthttps://www.technewsworld.com/story/85153.html
Uber has created a way for people to walk a short distance to a location and get picked up for a lower cost than usual -
2018-05-07 at 18:38 #32256
jgray18b
Participanthttps://arstechnica.com/gadgets/2018/05/a-lightning-strike-shut-off-a-womans-brain-implant/
Elon Musk, has set out on a new project. This time it is a medical research company, called Neuralink, and sets out to develop brain implantation devices. This is meant to help us in the upcoming AI apocalypse, but couldn’t malicious organizations take advantage of these implantations?
-
2018-05-07 at 18:35 #32259
dalicaic25
Participanthttps://www.technewsworld.com/story/85168.html
Apple is trying to open up Health clinics to its employees as a token of gratitude for working for them -
2018-05-07 at 18:31 #32257
dalicaic25
Participanthttps://www.technewsworld.com/perl/section/technology/?init=60
Smart TV’s were getting hacked and people at home are starting to worry wether they are safe to have such TV’s at their house if they can so easily be hacked -
2018-05-07 at 16:41 #32244
dragonfin
ParticipantThis article is mainly talking about big data breaches that have happened in the 21st century. Yahoo being the biggest with over 3 billion user accounts.
-
2018-05-07 at 16:36 #32235
dragonfin
Participanthttps://www.nytimes.com/2018/05/01/smarter-living/how-to-sell-your-phone-safely.html
This article is from the New York Times. It is mainly about how to get rid of your old phone safely and how to wipe all your personal information before handing it off to a stranger.
-
2018-05-07 at 14:49 #32180
dragonfin
Participanthttps://www.nytimes.com/2018/05/04/technology/personaltech/staying-safer-on-public-networks.html
This article is from the New York Times. It is mainly talking about how to protect your personal information whenever you may be connected to a public network.
-
2018-05-07 at 09:45 #32176
dcopperwheat1
Participanthttps://www.securityweek.com/has-your-companys-infrastructure-been-hijacked-bitcoin-miners
With the rise of bitcoin again in the markets, companies have found that their resources have been hijacked to help mine. This article states the best defense is AI powered cyber defense is the best to detect and stop deviations from normal patterns.
-
2018-05-07 at 09:35 #32174
dcopperwheat1
ParticipantMore exploits found within our energy systems of control. In March hackers backed by Russia targeted our systems of energy, nuclear, and water. The system exploit would allow hackers to take control over the same system the U.S. gov’t uses to maintain and control these sites.
-
2018-05-07 at 09:24 #32171
dcopperwheat1
ParticipantGeorgia is looking to make it legal to hack back. I don’t think these politicians understand how hard it can be to track down origins of attacks. If it passes it would be interesting to see what you can get away with under the I was just attacked so I’m responding defense.
-
2018-05-07 at 08:16 #32139
rr1315
ParticipantBrain implants – the extreme form of biometrics! Soon to come with a reduced risk of EMF injury.
https://arstechnica.com/gadgets/2018/05/a-lightning-strike-shut-off-a-womans-brain-implant/
-
2018-05-07 at 08:15 #32143
rr1315
Participanthttps://www.rt.com/business/425942-buffett-cyber-risk-insurance/
Cyber insurance, soon to come – something I’d never heard of before.. but it makes sense. Uncharted territory indeed – this is in the works.
-
2018-05-06 at 22:03 #32154
jgray18b
ParticipantA new bug in Twitter’s code is discovered that stored some user passwords. They (Twitter) sent out alerts to reset passwords after acknowledging the mistake. They reported no indication of a breach or misuse of the passwords
-
2018-05-06 at 19:53 #32153
aaung01
ParticipantIt was a very unfortunate month for “ZTE,” the Chinese based telecom company. After acknowledged that the U.S. companies were banned to sell software and technological tools include CPU, smartphone chip to ZTE. The company now submitted a claim by both to scratch out the ban and give purchase power again like before.
-
2018-05-06 at 19:27 #32152
aaung01
ParticipantFacebook now opened “AI (artificial intelligence)” lab in Seattle and Pittsburgh. Surprisingly, its new hired employees made their own space with creativity like drawing on the wall, or sticking artificial flower. However, those two labs will be working together and by under the mother company of the Facebook.
-
2018-05-06 at 19:04 #32151
aaung01
ParticipantNo matter how many issue that the Google Chrome had, at this time, the users would be satisfy when they use the “Chrome 66.” The benefit of it is very humongous because, surprisingly, it will only allow “1,000” most popular websites to play video automatically with sound. “You Tube” is one out of many. Other than famous video sites, the Chrome will automatically block auto video playing with sound, but it will allow again when the users passionately click the video to watch.
-
2018-05-06 at 18:51 #32150
aaung01
ParticipantGoogle Chrome users around world wide are facing two big problems after upgrading the latest version. After using a while, the site unbelievably stop working and it made very complicated for users to reset and finally ended up and for users, restarting the computer was the only option. Secondly, the sites sometimes did not work by showing “ERR_TIMED_OUT” which meant, it was completely out of control and did not give users able to visit to current website.
-
2018-05-06 at 18:32 #32149
aaung01
Participanthttps://blog.avast.com/5-simple-tips-make-the-most-of-world-password-day
Avast’s one published article given advice of using 5 tips to make yourself stronger when there the time for making and remembering a very strong password. The article also concluded that the “38 %” of American people love to have the password of “…the same or very similar to each others…” which is usually weak and unhealthy.
-
2018-05-06 at 18:09 #32145
aaung01
Participanthttps://arstechnica.com/information-technology/2018/05/researchers-link-a-decade-of-potent-hacks-to-chinese-intelligence-group/
Researchers believed that the reason why the largest technology companies like “GOOGLE” and other popular games companies which were hacked for about a decade was under the operation of the Chinese Government’s Central Intelligent responsibility. They targeted companies mostly in United States, Europe, and Russia mainly. One Chinese researcher found out that the hackers were from all famous Chinese Companies and working together for Central Intelligent.
-
2018-05-06 at 16:28 #32141
rr1315
Participanthttps://www.rt.com/usa/425858-cybercom-combatant-command-nsa/
According to a Pentagon spokesperson, “the cyber domain will define the next century of warfare,” as a handful of the major powers in the world are labelled, by name, as adversaries to the U.S.
-
2018-05-04 at 13:49 #32135
smiles13
ParticipantInvestigators use genealogy sites to track down man connected to at-least 51 rapes and 12 murders. Done after finding someone with a similar DNA match and branching out from there.
-
2018-05-04 at 13:16 #32134
smiles13
ParticipantBug in twitter code is discovered by twitter that stored some user passwords. Twitter sends out alerts to reset passwords after acknowledging the mistake.
-
2018-05-04 at 09:36 #32132
mgallimo30
ParticipantNIGERIAN EMAIL SCAMMERS ARE MORE EFFECTIVE THAN EVER
https://www.wired.com/story/nigerian-email-scammers-more-effective-than-ever/Nigerian email scammers are still bringing in millions, although they are no longer posing as a prince in need. Now they are running a social engineering email scheme and stealing money from business using phishing emails.
-
2018-04-29 at 22:07 #30553
wpolnak
ParticipantThis article about the newest apple update really shows the importance of updating your devices constantly. Updates fix anywhere from minor bugs to mayor security problems and you need to keep yourself updated to keep your devices safe.
-
This reply was modified 2 years, 11 months ago by
CSIACAdmin. Reason: Fixed link and tags
-
This reply was modified 2 years, 11 months ago by
-
2018-04-29 at 22:04 #30552
wpolnak
ParticipantI always found the amazon echo to be kinda creepy just because all you have to do is say its name and it starts. That means to me that is must always be listening even when you aren’t using it. This article shows that to be true.
-
This reply was modified 2 years, 11 months ago by
CSIACAdmin. Reason: Fixed Link and Tags
-
This reply was modified 2 years, 11 months ago by
-
2018-04-29 at 21:58 #30551
wpolnak
ParticipantI found this article to be very important because it reminds people that ransomware is a prominent threat even today. ransomware has changed in many ways but it also isn’t just a large “brand name” virus anymore. There are so many different hackers can do this that it has so many name.
-
This reply was modified 2 years, 11 months ago by
CSIACAdmin. Reason: Fixed link and tag
-
This reply was modified 2 years, 11 months ago by
-
2018-04-29 at 00:12 #30550
henry
ParticipantTesla model X crashed into the concrete divider while it was on autopilot mode. Even though the car can operate on its own, Tesla said, the driver must agree to keep the hand on the steering wheel at all time. That was the first fatal accident by Tesla. Tesla recalled 123,000 of its model S and said there were no accidents or injuries shown.
-
2018-04-27 at 13:07 #30316
smiles13
ParticipantAmazons DNS had traffic rerouted for a cryptocurrency website. Attacks could be connected to Russia as the server that traffic was rerouted to seems to originate from the country.
-
2018-04-26 at 15:18 #30278
cspencer25a
Participanthttps://mashable.com/2018/04/16/taskrabbit-cybersecurity-incident/
According to this article, there has been a breach in Ikea’s app TaskRabbit. There has been little disclosed at this time, but they are calling it a ‘cybersecurity incident’, and they had to shut down the application due to a compromise of security.
-
2018-04-24 at 11:57 #30233
rileysperati
ParticipantMicrosoft again missed the deadline for the 90-day patching deadlines and made it vulnerable to hackers. The leak is a bypass flaw that affects Windows 10 machines with device guard.
-
2018-04-24 at 00:19 #30231
dcopperwheat1
ParticipantAnother data leak from our friends at Facebook from a company called Localbox. Organizations are still able to scrape public websites like Facebook and Twitter. This time an estimated 48 million accounts hit again.
-
2018-04-24 at 00:13 #30230
dcopperwheat1
Participanthttps://nakedsecurity.sophos.com/2018/04/23/linkedin-patches-serious-leak-in-its-autofill-plugin/
For all those of us that use LinkedIn to keep in touch with leads and networking across our respected fields. Nice to know that some programmers created a patch for their auto fill in options to possible allow malicious sites to farm data from the users.
-
2018-04-23 at 10:25 #30214
djones06a
Participanthttps://thehackernews.com/2018/04/adblocker-chrome-extention.html
A few widely used ad-blocking browser extensions available on the Google Chrome Store contain malicious code that can send user information and receive commands from a remote C&C server.
-
2018-04-20 at 22:25 #30212
nrea13
Participanthttps://www.securityweek.com/linkedin-vulnerability-allowed-user-data-harvesting
A vulnerability detected within LinkedIn in regards to an AutoFill feature had been patched. This vulnerability had a possibility of gathering user data for malicious purposes. The problem was identified before somebody could exploit it
-
2018-04-20 at 22:05 #30210
rydilly17
ParticipantWeb trackers are exploiting the “Login with Facebook” feature to gain access to data from the social media firm’s users, according to a report by security researchers at the Freedom to Tinker blog. Third-party JavaScript trackers are embedded on websites where users login through Facebook can gather their data, including email addresses, and as is reportedly the case with Bandsintown, pass that data to other websites.
-
2018-04-20 at 22:02 #30208
rydilly17
ParticipantResearchers have identified a new botnet malware described as the “Swiss Army Knife Malware”. Designed by a veteran threat actor it takes screenshot and drains cryptocurrency wallets.
-
2018-04-20 at 21:58 #30206
rydilly17
ParticipantSun Trust Bank today confirmed it was hit with an insider attack when a former employee, working with a third party, stole company contact lists possibly exposing the personal information of up to 1.5 million customers.
-
2018-04-20 at 21:56 #30205
rydilly17
Participanthttps://www.technewsworld.com/story/85291.html
Facebook on Tuesday unveiled a comprehensive series of privacy enhancements designed to extend protections required by the European Union’s General Data Protection Regulation to all of the social media company’s users around the world.
-
2018-04-20 at 21:45 #30203
rydilly17
Participanthttps://www.technewsworld.com/story/85286.html
Around 20% of the top app available through the google play store contain open source components with known vulnerabilities that can be exploited by hackers
-
2018-04-20 at 21:40 #30201
rydilly17
Participanthttps://www.technewsworld.com/story/85291.html
Facebook on Tuesday unveiled a comprehensive series of privacy enhancements designed to extend protections required by the European Union’s General Data Protection Regulation to all of the social media company’s users around the world.
-
2018-04-20 at 21:37 #30199
rydilly17
Participanthttps://www.technewsworld.com/story/85268.html
A web standards milestone announced Tuesday could point to the end of the road for pesky passwords.The new standard, WebAuthn, has won near-final approval from the World Wide Web Consortium, which establishes Web standards.
-
2018-04-20 at 21:29 #30197
rydilly17
ParticipantOn Tuesday, New York was one of many states who’s computerized English tests were interrupted by a cyberattack. New York education officials confirmed Thursday that its computerized exams suffered the same problems Tuesday as other states, but Questar — the Minneapolis-based company that administers the tests — has yet to detail the cause of the problems.
-
2018-04-20 at 12:44 #30195
awebb19
Participanthttps://www.theverge.com/2018/4/19/17258694/grasshopper-javascript-mini-games
Google has released an app that teaches you how to code javascript through a series of mini games. This is helpful as coding is becoming an increasingly important skill to have.
-
2018-04-19 at 23:47 #30192
rtmoran
Moderatorhttps://thehackernews.com/2018/04/iot-hacking-thermometer.html
Nicole Eagan, the CEO of cyber-security company Darktrace, disclosed, during a London based info-sec event, that an undisclosed casino was hacked through the exploitation of a vulnerability within the casino’s internet connected fish tank wifi thermometer. With internet connected technologies becoming even more commonplace, their presence brings to light new security implications and concerns moving forward.
-
2018-04-19 at 23:00 #30190
zijad94
Participanthttps://www.technewsworld.com/story/85283.html
Microsoft, Oracle and Facebook, along with 31 other companies, on Tuesday signed the Cyber security Tech Accord, an agreement aimed at defending against cyber-attacks, whether coming from rogue hackers or nation-states.
-
2018-04-19 at 21:12 #30188
glesher16
Participanthttps://www.securityweek.com/nigerian-hackers-attempt-steal-millions-shipping-firms
A Nigerian Hacking group, named GOLD GALLEON, have attempted to steal a few million dollars from shipping companies and customers of the companies over the last year. The group uses spear-phishing scams to try and gain credentials to ultimately modify financial documents redirect funds to their bank accounts.
-
2018-04-19 at 16:25 #30184
swoodworth31
ParticipantThe FDA wants to force medical device makers to include mandatory update systems inside their products in hopes of making the devices more secure.
-
2018-04-19 at 15:50 #30182
ttripp07
Participanthttps://www.securityweek.com/iphones-ipads-can-be-hacked-trustjacking-attack
Those with malicious intentions have devised a way to steal information from iOS users. Known as trustjacking, this attack involves the victim plugging his or her Apple device to a charging station and takes advantage of the “sync over Wi-Fi” feature on iOS devices. Even if the user disconnects their iOS device from the charging station, if he or she is on the same network as the attacker, data can still be stolen.
-
2018-04-18 at 19:44 #30172
dzemlevich
ParticipantA new survey suggests firewalls in organizations fall short in giving the needed protection they need. One main security concern for many of the organizations who took the survey is lack of application visibility, which means they are not getting the visibility and control into what’s really happening on their networks.
-
2018-04-18 at 13:31 #30170
mark
Participanthttps://www.theverge.com/2018/4/9/17216656/apple-renewable-energy-worldwide-climate-change
This article explains that the energy Apple uses is now green energy. Green energy for future tech companies should be used more often so we can make the world cleaner and advance technology at the same time.
-
2018-04-18 at 13:28 #30168
mark
ParticipantThis article discusses the new type of security that can easily identify people committing a crime. It shows how it can be used as a security issue, violating privacy and many other rights.
-
2018-04-18 at 09:38 #30162
cspencer25a
Participanthttps://mashable.com/2018/04/16/taskrabbit-cybersecurity-incident/
According to this article, there has been a breach in Ikea’s app TaskRabbit. There has been little disclosed at this time, but they are calling it a ‘cybersecurity incident’, and they had to shut down the application due to a compromise of security.
-
2018-04-17 at 20:30 #30164
austinmarino
ParticipantThis 19 year old got a hold of 7,000 confidential records through a portal. He says his intent was not malicious, but still could face up to ten years in prison. Maybe people should realize that internet security is not taken lightly.
-
2018-04-17 at 18:03 #30160
cspencer25a
Participanthttps://www.lifehacker.com.au/2018/04/microsoft-release-admin-tools-to-simulate-cyberattacks/
This article speaks about Microsoft releasing tools that can be used to simulate cyberattacks. This can be very advantageous especially for corporations that have employees that don’t know what to do in a practical situation.
-
2018-04-17 at 17:02 #30158
nd14
Participanthttps://thehackernews.com/2018/04/iot-hacking-thermometer.html
Hackers were able to gain access to a casino’s network through a fish tank thermometer.
-
2018-04-17 at 16:20 #30156
craigbeach
Participanthttps://thehackernews.com/2018/04/intel-threat-detection.html
Intel announced two new technologies to their processors that allows them to use built-in GPU’s for malware scanning. The two new technologies are: Threat Detection Technology (TDT) and Security Essentials. These technologies not only offer hardware-based built-in security features across Intel processors, but also improve threat detection without compromising system performance (Wang Wei). Current Scanning technologies can do this, but at the cost of GPU performance. Intel tested the new GPU-scanning technique, and CPU utilization for malware lowered from 20% to as little as 2%. Intel’s threat detection technology will be available in computers with 6th, 7th, and 8th generation processors.
-
2018-04-17 at 13:17 #30154
mmuya09
ParticipantThis article is interesting because a a man was an arrested man was used to discover a notorious drug dealer on widely used app that makes video/phone calls around the world or Whatsapp. This is really interesting because “Drug dealers” are using he internet to advertise products.
-
2018-04-16 at 14:42 #30127
glesher16
Participanthttps://www.securityweek.com/us-energy-department-offers-25-million-cybersecurity-tech
The United States Department of Energy announced a funding opportunity that it will award up to $25 million to research, develop, and secure its energy infrastructure. The Office of Electricity Delivery and Energy Reliability’s Cybersecurity for Energy Delivery Systems (CEDS) made the is looking to improve the nation’s enerygy delivery systems.
-
2018-04-16 at 11:51 #30126
aaung01
ParticipantApple will going to give authority to the third party watch faces in the future. And, it will at least giving power to 3 most popular technology invention like “Garmin’s OS, Fitbit OS, and War OS.” Hopefully, consumers will see more fresh, exciting and beautiful watch faces in the future.
-
2018-04-16 at 10:32 #30124
djones06a
Participanthttps://thehackernews.com/2018/04/android-dns-hijack-malware.html
Trojanized facebook and chrome android applications are being spread through the use of the ‘Roaming Mantis’ malware via infected routers.
Using DNS hijacking, the user is redirected to fake versions of trusted sites and asked to input sensitive information. -
2018-04-15 at 23:52 #30121
jgray18b
Participanthttps://www.theverge.com/2018/4/10/17215406/webauthn-support-chrome-firefox-edge-fido-password-free
Web browsers such as Chrome and Firefox, will soon introduce a new way to logn, using biological data, and USB tokens. This will reduce the number of people succumbing to phishing and the like. Services, such as Google and Facebook have already added this feature.
-
2018-04-15 at 17:30 #30119
mgallimo30
ParticipantCybercriminals now targeting tax pros to cash in on fraudulent returns
https://www.cnbc.com/2018/04/14/cybercriminals-now-targeting-tax-pros-to-cash-in-on-fraudulent-returns.htmlHackers have been attacking tax professionals through phishing emails in an attempt to masquerade as them. Allowing the hackers to steal personal tax information and file fraudulent returns.
-
2018-04-13 at 14:38 #30118
smiles13
ParticipantUpdated Article: Facebook Denies obtaining call logs through android phones despite reports. Android phones using older OS were ones that could exposed.
-
2018-04-13 at 13:53 #30117
smiles13
ParticipantUber facing tighter restrictions following breach in 2016. Where in this breach many users emails, mobile phones, drivers and drivers licenses were breached and Uber failed to report it for over a year.
-
2018-04-12 at 22:29 #29596
swoodworth31
ParticipantA malware campaign has been going on for four months, according to a Malwarebytes researcher. Users are redirected to web pages with fake software updates that infect the computer with malware.
-
2018-04-12 at 21:46 #29595
austinmarino
Participant -
2018-04-12 at 19:11 #29593
ttripp07
Participanthttps://www.securityweek.com/mobile-phishing-attacks-85-percent-annually
As how the average consumer uses technology has shifted to primarily involve mobile devices rather than laptops and desktops, attackers have done the same with their targets. It seems the smaller screen makes users less likely to notice when they visit a fake website. It also appears that solving this issue won’t be as simple as it would be on a desktop platform.
-
2018-04-12 at 18:26 #29591
nd14
ParticipantNot too surprising but the Secret Service has issued a warning about criminals swapping out the chips on stolen debit cards. When i was in retail and the use of the chip started i figured it would only be a matter of time before something like this happened.
-
2018-04-12 at 16:38 #29590
rtmoran
Moderatorhttps://thehackernews.com/2018/04/outlook-smb-vulnerability.html
A vulnerability residing within Microsoft Outlook allows attackers to steal Windows passwords by sending an RTF email, containing a remotely-hosted image file (OLE object) that Outlook automatically renders, initiating authentication with an attacker controlled SMB server.
-
2018-04-12 at 13:20 #29221
nrea13
Participanthttps://www.securityweek.com/adobe-patches-vulnerabilities-six-products
Adobe recently released a patch, fixing 19 vulnerabilities across their products. Six that had been declared critical had been patched that included bugs that led to remote execution of the code and information disclosure. Four vulnerabilities remained critical, but pose no threat for malicious use.
-
2018-04-11 at 13:18 #29187
rileysperati
ParticipantAs many people know now facebooks data of their users was shared with Cambridge Analytica and the information they received was used a way many people would not want it used.THere is a link to see if your data was shared, but if it is shared there is not much you can do about it. After this problem the people who use facebook should not share their whole personal live on social media.
-
2018-04-11 at 10:41 #29179
dzemlevich
Participant -
2018-04-10 at 16:40 #29174
awebb19
Participanthttps://www.theverge.com/2018/4/10/17215406/webauthn-support-chrome-firefox-edge-fido-password-free
Web browsers are creating a new way to log in that does not include passwords using things such as biometrics and USB tokens.
-
2018-04-10 at 14:55 #29171
craigbeach
Participanthttps://thehackernews.com/2018/04/helsingin-uusyrityskeskus-hack.html
According to thehackernews.com, Finland experienced their third largest data breach, with 130,000 passwords exposed. The website “http://liiketoimintasuunnitelma.com” was the affected target. The website stored the compromised passwords in plaintext, meaning they were displayed exactly as they are used with no types of encryption. The attackers still remain unknown. The incident has been reported the Helsinki Police of Finland. The affected uses are strongly recommended to change their passwords once the website relaunches.
-
2018-04-10 at 12:41 #29169
mmuya09
ParticipantBaltimore 911 Dispatch/CAD system was hacked by unknown hackers over the weekends. The hackers temporarily shut down the system using Ransomware malware, an investigation is currently underway.
http://www.baltimoresun.com/news/maryland/crime/bs-md-ci-911-hacked-20180327-story.html -
2018-04-10 at 00:32 #29161
henry
Participant
Chinese hackers affiliated with South China sea attacked many U.S. companies trying to get the information that would help their government, said one U.S. cybersecurity company, even though no specific source could be pointed out. However, Chinese hackers have been involved in other attacks as well other than this incident. Fred Plan, who is working for a U.S. cybersecurity company believed that these Chinese hackers are working for their government. -
2018-04-10 at 00:02 #29160
henry
Participant -
2018-04-09 at 23:41 #29159
henry
Participant -
2018-04-09 at 21:18 #29157
zijad94
Participanthttps://www.technewsworld.com/story/85258.html
The attacks have exposed millions of consumer payment cards to fraud. Cyberthieves have used a variety of methods to infiltrate corporate computer systems and resell financial data on the Dark Web.
-
2018-04-08 at 21:17 #29152
djones06a
Participanthttps://thehackernews.com/2018/04/helsingin-uusyrityskeskus-hack.html
Over 130,000 Finnish citizens have had personal information compromised after a cyber attack on a website maintained by the New Business Center in Helsinki. The compromised data included Usernames and Passwords which were reportedly stored in plain text.
-
2018-04-07 at 20:02 #29150
glesher16
Participanthttps://www.securityweek.com/researchers-link-new-android-backdoor-north-korean-hackers
A North Korean hacking group that has been named many things such as Reaper, Group 123, Red Eyes, and ScarCruft, has been linked to an Android backdoor. This backdoor, called the KevDroid, can steal contacts, messages, and phone history and is also able to record phone calls.
-
2018-04-06 at 07:55 #29131
ttripp07
Participanthttp://thehill.com/opinion/cybersecurity/381281-bitcoin-tech-could-become-the-future-of-voting
With all the controversy about illegitimate votes and hacked elections, this article describes what could be the solution to all of this: A voting system that utilizes the same technology as bitcoin, rather than outdated and highly vulnerable methods.
-
2018-04-06 at 07:55 #29135
ttripp07
Participanthttp://thehill.com/opinion/cybersecurity/381281-bitcoin-tech-could-become-the-future-of-voting
As there has been issues of potential hacking involved with various elections, this article explains a possible solution. This solution involves using the same technology used in bitcoin, which is a much more secure method.
-
2018-04-06 at 00:45 #29141
awebb19
ParticipantA unknown attacker used a bug in the Verge cryptocurreny network to accumulated 15.6 million verge coins in three hours. This is equal to $780,000 in cash. The Verge is working to fix the bug.The news of the attack has led to a drop in the verges exchange rate.
-
2018-04-06 at 00:38 #29139
awebb19
ParticipantThere is a new ransomware called WhiteRose that encrypts all the files on your computer, shows you a story, and gives instructions on how to pay the ransom. The good news is that it is decrypt-able so there is a forum that may be able to help if you are infected. It is not known for sure how the ransomware is being distributed.
-
2018-04-05 at 23:11 #29138
dalicaic25
Participanthttps://www.technewsworld.com/story/85238.html
The city of Atlanta has made great strives to recover from their most recent ransomware attack that occured a couple weeks ago. Hackers have accessed the governments important files during that week -
2018-04-05 at 22:07 #29133
cspencer25a
ParticipantIn this article they speak about a recent breach in security and a data breach that hit two large corporations, Delta Air Lines and Sears. With these attacks the main thing that was targeted was credit card details and other user credentials.
-
2018-04-05 at 13:59 #29122
craigbeach
ParticipantAccording to Rene Millman of scmagazine.com, staff at the Northern Ireland assembly showed multiple unauthorized login attempts of its IT system. Specifically, hackers attempted to log on staff email accounts using multiple passwords. This is the second time within a year such an occurrence has happened, the other one being on the House of Parliament, according to Tony Pepper. Bill Evans, the senior Director at One Identity stated that the IT team was doing the right thing on addressing the issue by alerting the staff and inspecting the systems. He also suggested that the staff follow a few guidelines to ensure security: multi-factor authentication, management of privileged accounts, and “ensure only the right people have access to the right things at the right time and educate those users”
-
2018-04-05 at 10:21 #29121
nd14
Participanthttps://thehackernews.com/2018/04/android-spying-trojan.html
New malware on android devices records phone calls and steals private information. The malware is a trojan disguised as an anti-virus called Naver Defender.
-
2018-04-04 at 20:07 #29115
rtmoran
Moderatorhttp://thehill.com/blogs/blog-briefing-room/381494-panera-bread-exposed-millions-of-peoples-private-information
Despite months of advanced warning, Panera Bread exposed millions of customer personal information, including names, emails, physical addresses, birthdays and last four digits of their credit card information. -
2018-04-04 at 17:42 #29113
mark
Participanthttps://www.theverge.com/2018/3/30/17179328/microsoft-windows-reorganization-future-2018
This article shows a life beyond windows. It shows the different ways in which Microsoft is expanding and creating more technology to further themselves in the community of technology.
-
2018-04-04 at 13:31 #29112
dzemlevich
Participant -
2018-04-04 at 12:28 #29109
rileysperati
ParticipantThis past week there was another breach were many Americans credit card information was stolen and this time Lord and Taylor and 5th avenue were the stores that got hacked. The information was stolen from cards that got swiped instead of using the chip reader. When you use a chip or a pi it is much safer but many stores do not allow this yet.
-
2018-04-04 at 10:55 #29107
swoodworth31
ParticipantMichigan signed two bills into law that criminalize the possession of ransomware. The punishment is three years in prison.
-
2018-04-03 at 21:41 #29104
austinmarino
Participant -
2018-04-03 at 10:55 #29046
mgallimo30
ParticipantTHE UNDER ARMOUR HACK WAS EVEN WORSE THAN IT HAD TO BE
https://www.wired.com/story/under-armour-myfitnesspal-hack-password-hashing/When Under Armour was attacked millions of users information was leaked but thanks to good data protection, only parts were leaked, like usernames and email addresses. Passwords were leaked too some with good encryption, bcrypt, and others with bad encryption, SHA-1.
-
2018-04-03 at 10:01 #29012
mgallimo30
ParticipantGOOGLE BANS ALL CRYPTOMINING EXTENSIONS FROM THE CHROME STORE
https://www.wired.com/story/google-bans-all-cryptomining-extensions-from-the-chrome-store/Google is putting one final stop to all cryptomining extensions both malicious and legitimate. Under there current rules, you can have a mining extension such as long as it’s clear that was it’s functionality.
-
2018-04-02 at 20:16 #29008
zijad94
Participanthttps://www.technewsworld.com/story/85238.html
Hackers encrypted many of the city government’s vital data and computer systems in Atalanta.
The hackers demanded that officials pay a ransom of US$51,000 to be sent to a bitcoin wallet. -
2018-04-02 at 14:04 #29007
dzemlevich
ParticipantGone are the days of jaywalkers not being held accountable for their actions, China has decided to use facial recognition technology to publicly humiliate anyone who has jaywalked by publicly displaying their faces on large LED screens placed at interactions.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-04-02 at 11:57 #29002
rileysperati
ParticipantAfter facebooks data scandal they are changing things so it does not happen again. They are creating a new settings menu, new privacy shortcuts, and revised data downloads. With the revised data downloads you will be able to delete old posts that facebook has saved.
-
2018-04-02 at 10:46 #28994
djones06a
Participanthttps://thehackernews.com/2018/04/fastest-dns-service.html
Mohit Kumar of The Hacker News reported today on Cloudflare’s release of their privacy-first, free to use, DNS resolving services located on the easy to remember ‘1.1.1.1’. It also boasts to be one of the fastest DNS services available to the public.
-
2018-04-01 at 14:21 #28987
glesher16
Participanthttps://www.securityweek.com/20-arrested-italy-and-romania-spear-phishing-scam
Twenty individuals have been arrested in Italy and Romania for their connection with a 2-year phishing scam investigation. Through this scam, it is estimated that about $1.23 million was handed over to the scammers who sent spear phishing emails (emails that look like the email is coming from a reliable source such as a bank or firm) posing as tax authorities to gain banking credentials.
-
2018-03-31 at 19:48 #28986
wpolnak
ParticipantThis article was about a windows update had a huge flaw that lead to an easy way for hackers to access valuable information. I think this plays into how important updates are because no matter how hard they try to protect people, hackers still find a way. And updates are constantly fixing old updates.
-
2018-03-31 at 19:40 #28985
wpolnak
ParticipantI found this article to be very important. It talk about a recent event were a hacker attack the Baltimore 911 dispatch. this is important because this can hurt a lot of people that need to reach the police while someone in trying to pull a stunt.
-
2018-03-30 at 11:03 #28981
cspencer25a
ParticipantWith the Memcached servers vulnerable, this makes way for a mass amount of abuse. The concentration of this abuse is in the United States and China, leaving companies and corporations vulnerable to mass DDoS attacks.
-
2018-03-29 at 21:29 #28977
rr1315
ParticipantData is vulnerable to being stolen from internal states of processors. It’s going to be a while before something like this isn’t possible to do.
-
2018-03-29 at 19:11 #28976
austinmarino
ParticipantJust when we thought the WannaCry ransomware was taken care of…
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-29 at 18:44 #28974
dalicaic25
Participanthttps://nypost.com/2018/03/29/cybersecurity-experts-find-massive-flaws-in-grindr/
Experts of the app world have found out that a app called Grindr which is a gay dating app helped people find another person’s exact location with little to no expert knowledge of a app or a phone which is serious -
2018-03-29 at 18:37 #28973
dalicaic25
Participanthttps://www.technewsworld.com/story/85187.html
The united states was on fire from Russia because Russia was acting like they were pretending to be promoting African american businesses and they got caught.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-29 at 15:41 #28716
dcopperwheat1
Participanthttps://www.securityweek.com/3-biggest-malware-trends-watch-2018
Malware trends of 2018, living off the land aspect shows some problems with IT administrators becoming complacent about unused tools and attackers are utilizing those to hide the infection process.
-
2018-03-29 at 15:40 #28653
dzemlevich
Participanthttps://nakedsecurity.sophos.com/2018/03/06/big-bitcoin-heist-sees-600-icelandic-servers-stolen/
Around 600 servers being used for bitcoin mining have been stolen, being valued at about 2 million dollars, police are looking for the culprits by keeping an eye out for unusually spiked energy usage across Iceland.
-
This reply was modified 3 years ago by
CSIACAdmin.
-
This reply was modified 3 years ago by
CSIACAdmin.
-
This reply was modified 3 years ago by
-
2018-03-29 at 13:38 #28940
ttripp07
Participanthttps://www.securityweek.com/big-business-bad-bots
It is no surprise that people are using bots for evil, but the number of them is what shocks me. The most surprising part is the ratio of bot to human traffic on the internet. We clearly need to do something, but if we were to, how can we filter out good bots from bad bots? There may not even be an answer.
-
2018-03-29 at 11:44 #28938
nrea13
Participanthttps://www.securityweek.com/crypto-mining-rampant-higher-education
This article reveals how rampant crypto-mining has become in higher forms of education, compared to other sectors like health-care or government. Higher education has more low risk threats within their overall threats, which are related to crypto-mining. Targeting education are a popular target because student’s are not considered employees compared to the business world and generally are more bound to bring security threats and outside information from third parties which why so many threat are happening within this sector.
-
2018-03-29 at 10:30 #28934
craigbeach
ParticipantRecall from one of my previous posts, the voting system of the United States is vulnerable in terms of Cyber-attacks. According to usnews.com, the United States has taken miniscule action in order to increase the security of our voting systems. According to a report from the Brennan Center for Justice – a “division of the New York University School of Law focused on democracy and justice issues” 41 out of 50 states have voting systems that are at least 10 years old, only three states since 2016 have revoked their voting systems. It is estimated that in 2018 and for at least the near future, 43 states will use voting systems that are discontinued/no longer manufactured, which imposes major security risks to these states.
-
2018-03-29 at 09:01 #28932
mmuya09
ParticipantI chose this article because it really interest me & because I have an iPhone:Law Enforcement Claim they can bypass & unlock any iPhone model on the market.
-
2018-03-29 at 08:13 #28927
rtmoran
ModeratorIt has been revealed that, if not explicitly forbidden, Facebook has been collecting call and SMS metadata on Android users for years. While scanning through an archive facebook had collected of him, a New Zealand man, Dylan McKay had discovered nearly two years’ worth of phone call and SMS metadata from his Android phone residing within.
-
2018-03-27 at 18:02 #28919
nd14
Participanthttps://www.securityweek.com/mozilla-isolates-facebook-new-firefox-extension
A new extension for Firefox isolates Facebook reducing its ability to track activity on other websites
-
2018-03-27 at 14:23 #28918
mark
Participanthttps://www.theverge.com/circuitbreaker/2018/3/23/17155586/apple-foldable-iphone-oled-lg-screen-2020
Apple may have a new phone soon that revolutionizes how we use our mobile devices. Bendable phones that may never break, get scratched, and full waterproof.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-27 at 14:18 #28917
mark
Participanthttps://www.theverge.com/2018/3/22/17153050/walmart-patents-drone-shopping-assistants-smart-shopping-carts
This article shows the future of shopping for all Americans when it comes to shopping at Walmart. Walmart is bringing smart carts that work with your phones to communicate. Also they have come up with ways to manage inventory using robotics.-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-27 at 12:42 #28913
swoodworth31
ParticipantExperts have found a new strain of malware that does its best to avoid military and government websites.
-
2018-03-27 at 11:00 #28911
craigbeach
Participanthttps://www.securityweek.com/ransomware-hits-city-atlanta
A possible variant of the “SamSam” ransomware has hit several “customer-facing applications” and some “internal services” in the city of Atlanta, according to securityweek.com. SamSam his hit two healthcare organizations this year. Atlanta’s Police department, water services, and airport(s) were left unaffected. Although, the affected services were demanded to pay in bitcoin, $6,800 for each system, or $51,000 to recover every system. Since Jan 27, the same hacker(s) account has collected $590,000. Mayor Keisha Bottoms suggests that customers and staff should monitor their bank accounts, and more importantly, secure them.
-
2018-03-26 at 21:44 #28907
zijad94
Participanthttps://thehackernews.com/2018/03/carbanak-russian-hacker.html
Spanish Police has arrested the alleged leader of an organised Russian cyber-crime gang behind the Carbanak and Cobalt malware attacks, which stole over a billion euros from banks worldwide since 2013.
-
2018-03-25 at 13:50 #28901
djones06a
Participanthttps://thehackernews.com/2018/03/amd-processor-hacking.html
Previously announced CPU vulnerabilities for AMD’s RYZEN and EPYC series processors by CTS-Labs researchers have now been confirmed by AMD and steps are being taken to supply patches and updates to those effected by the aforementioned vulnerabilities.
However there has been controversy surrounding the way in which CTS-Labs disclosed information about the vulnerabilities to the public only shortly after informing AMD of such issues.
-
2018-03-24 at 19:12 #28899
zijad94
Participanthttps://www.scmagazine.com/trickbot-banking-malware-has-new-trick-up-its-sleeve/article/753255/
Security reserachers have discovered that the Trickbot malware has been updated with you capabilities to evade detection and lock victim’s computers.
-
2018-03-23 at 15:38 #28896
smiles13
ParticipantMore developing news on the supposed hacker who began releasing the democratic committees documents. Following a mistake in forgetting to use a VPN sources were able to track the IP back into Moscow, Russia.
-
2018-03-23 at 15:28 #28895
smiles13
ParticipantAtlanta city government is hit with ransomware attack. Currently demanding a payment of $6,800 to unlock each computer or $51,000 for provision of all keys.
-
2018-03-23 at 02:15 #28881
tcornish13
Participanthttps://www.theverge.com/2018/3/21/17146764/venezuela-petro-cryptocurrency-russia
Venezuela’s crytocurrency has been supported by Russia since 2017, and has been used as a way to overcome US sanctions.
-
2018-03-22 at 23:08 #28879
awebb19
Participanthttps://www.theverge.com/2018/3/21/17147652/netflix-bug-bounty-program-15000
Netflix has opened a bug bounty program to the public. The maximum payout is 15,000 if you are able to find any security bugs and point them out to the company. Samsung and Microsoft currently offer a similar program but with much higher payouts because the security risk to them is much higher than netflix.
-
2018-03-22 at 21:32 #28876
mgallimo30
ParticipantChinese Crooks Assembling Massive Botnet of Nearly 5 Million Android Devices
https://www.bleepingcomputer.com/news/security/chinese-crooks-assembling-massive-botnet-of-nearly-5-million-android-devices/RottenSys has now infected almost 5 million android devices. The adware has taken on a deadly mutation allowing it to now be used as a botnet.
-
2018-03-22 at 20:55 #28874
rr1315
Participanthttps://arstechnica.com/gadgets/2018/03/windows-server-2019-coming-later-this-year-out-now-in-preview/
A new Windows Server release is coming, called “Windows Server 2019.” The future is now. -
2018-03-22 at 20:45 #28870
cspencer25a
Participanthttps://www.cso.com.au/article/635086/google-boosts-gmail-anti-phishing-defenses-tackle-bec-fraud/
Google has implemented a new defense against phishing attacks. This new model is aimed at businesses and to help prevent business email compromise (BEC) fraud.
-
2018-03-22 at 20:42 #28869
dzemlevich
Participanthttps://www.bleepingcomputer.com/news/security/city-of-atlanta-it-systems-hit-by-samsam-ransomware/
Ransomware is normally known to perpetually block access to a user’s data until the demanded money is transferred, well instead of individual users, there is a case in the city of Atlanta involving several local government systems being currently down due to a reported ransomware infection.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-22 at 20:11 #28867
ttripp07
ParticipantWe’ve heard many stories about cryptojackers attacking phones and Windows machines, but it now appears that even Linux servers are being targeted. The exploit used is only possible on dated versions of Linux operating systems, but this shows how important it is to keep even Linux machines up to date.
-
2018-03-22 at 12:09 #28758
swoodworth31
Participanthttps://www.bleepingcomputer.com/news/security/ddos-attacks-are-10-per-hour-on-the-dark-web/
A U.S. security firm has found the prices of many items on the Dark Web have increased slightly since 2015. A DDoS attack for an hour is $10, and North American documents cost more than other regions.
-
2018-03-22 at 11:58 #28756
glesher16
Participanthttps://www.securityweek.com/netflix-launches-public-bug-bounty-program
Netflix is now using the Bugcrowd platform to give people money rewards of $100 – $15,000 for finding bugs and vulnerabilities in their services. To date, more than $200,000 has been reward to numerous white hat hackers and researchers and over 220 vulnerabilities have been patched.
-
2018-03-22 at 11:54 #28753
rileysperati
ParticipantMillions of people have iPhones and on all iPhones, Siri is connected. Siri is leaking the private information of their users, but this can be stopped if the iPhone users change their settings.
-
2018-03-22 at 10:49 #28750
mmuya09
Participantthis article is interesting to me because, the USA in accusing Russia for cyber attacks that can shut down power plants in the US and in Europe at anytime. they believe that Russia was doing this to prove that they can shut down the other nations power in a time of war or conflict
https://www.nytimes.com/2018/03/15/us/politics/russia-cyberattacks.html
-
2018-03-22 at 08:08 #28746
loper
Participanthttps://www.kali.org/news/kali-linux-in-the-windows-app-store/
he windows app store now has Kali Linux available for download. While it does have drawback to run it natively on a windows machine, it is now installable through 1 click.
-
2018-03-22 at 00:13 #28747
rtmoran
Moderatorhttp://securityaffairs.co/wordpress/70468/data-breach/frost-bank-security-breach.html
Suffering a major data breach, Frost Bank announced Friday, March 16 that a third-party lockbox software program the company uses was compromised, exposing check images which could be used to forge customer checks in the future. -
2018-03-21 at 18:01 #28742
nd14
Participanthttps://thehackernews.com/2018/03/expedia-data-breach.html
The credit card information of over 800,000 users may have been stolen from the orbitz website
-
2018-03-21 at 14:16 #28738
austinmarino
ParticipantThis article discusses the on going trend of bomb/shooting threats at schools. Regardless if it is a joke between friends on the internet, it is not taken lightly and be labeled as a cyber crime. Maybe people should start thinking before acting. Over 400 different schools were threatened because of childish behavior.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-21 at 10:27 #28737
mark
Participanthttps://www.theverge.com/2018/3/20/17144482/orbitz-data-breach-credit-cards
This article warns those who use the traveling website Orbitz not to use it at this time. They were basically hacked and data of everyone’s credit card information can possibly be stolen due to the data breach.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-20 at 15:06 #28734
wpolnak
ParticipantI found this article to be interesting because so often people will click on anything when they search for something. This article talks about a fake amazon website that win appear at the top of your searches and if clicked on can infect your computer.
-
2018-03-20 at 14:54 #28733
wpolnak
ParticipantI thought this article was very interesting because it really shows how careful you need to be when it comes to saving passwords. It talks about how even a well known website like Firefox has its own security flaws.
-
2018-03-20 at 01:18 #28725
dcopperwheat1
ParticipantNice history and perspective on Industrial control system attacks.
-
2018-03-20 at 01:06 #28723
corycl4
ParticipantScientist from Japan use AI to read minds, Computers able to see what your thinking. So basically how MRI’s work and when they look at your brain scans but now going a bit more in depth. So these machines are able to pick up and see like colors to a letter. Now by scanning your brain activity , recognizing different shapes they can see more in depth objects like animas and some parts of scenery can be lined. This can all be seen by computers of what your brain is visualizing, simultaneously .
-
2018-03-20 at 01:05 #28720
corycl4
ParticipantChrome recent has a new feature for security that acknowledges if you’re the right user. It recognizes this by the way you put in your credentials. So almost like a key logger but for a positive use. So it keeps track of the time it takes for you to type in one key after the next.
https://nakedsecurity.sophos.com/2018/03/16/the-chrome-extension-that-knows-its-you-by-the-way-you-type/ -
2018-03-20 at 01:03 #28718
corycl4
ParticipantThe smart phone company blackberry teams up with Microsoft and utilizing their app office 365. This mere has been brought about to combine both companies users as well for other companies that use their services, in providing extra level security as well as everything both of the companies already offer. So in all growing their user base even farther.
https://www.geekwire.com/2018/microsoft-partners-blackberry-integrate-office-365-secure-mobile-app-technology/ -
2018-03-20 at 00:31 #28715
dcopperwheat1
Participanthttps://www.securityweek.com/why-do-vast-majority-applications-still-not-undergo-security-testing
Great article about an ongoing problem with the app market. Poor coding practices and lack of good foundation is leading to a flood of attacks over the last year.
-
2018-03-12 at 16:08 #28679
djones06a
Participanthttps://thehackernews.com/2018/03/air-gap-computer-hacking.html
Using malware nicknamed MOSQUITO researchers were able to use ultrasonic waves emitted by speakers and/or headphones to transmit data from one air-gapped computer to another air-gapped computer.
-
2018-03-11 at 10:50 #28659
mgallimo30
ParticipantThe Leaked NSA Spy Tool That Hacked the World
https://www.wired.com/story/eternalblue-leaked-nsa-spy-tool-hacked-world/Almost a year ago now the NSA tool Eternalblue is still running rampid around the world. Despite Microsoft releasing a patch for systems as far back as windows XP and Server 2003.
-
2018-03-08 at 22:40 #28654
tcornish13
Participanthttps://www.securityweek.com/cortana-can-expose-enterprises-attacks-researchers-warn
Microsoft have discovered a way to use voice commands as a way to use a computers browser without having to have access/bypass any locked machine.
-
2018-03-08 at 19:24 #28651
austinmarino
ParticipantThis article talks about a company that has been hacked repeatedly since 2017 and finally calls it quits. Its quite funny and frustrating but if you visit their website and read the notice they have in bold red across their headline you’ll get a feel for how much this company has gotten attacked.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Links
-
This reply was modified 3 years ago by
-
2018-03-08 at 18:10 #28641
glesher16
Participanthttps://www.securityweek.com/microsoft-detects-massive-dofoil-attack
On Tuesday, March 6th, Microsoft’s anti-malware utility Windows Defender denied 80,000 separate cases of Dofoil (crypto-mining malware) malware. Versions of Windows that were protected include Windows 10, 8.1, and 7.
-
2018-03-08 at 14:21 #28639
cspencer25a
Participanthttps://thehackernews.com/2018/03/prevent-memcached-ddos.html
This article reads about what security researchers have been developing on the threat that is the Memcached server attacks. A kill switch has been discovered that could potentially help prevent DDoS attacks on large organizations. With the reoccurring threat, this makes some of the more damaging DDoS attacks less threatening to the civilian and business population alike.
-
2018-03-08 at 06:44 #28611
rtmoran
Moderatorhttps://www.kali.org/news/kali-linux-in-the-windows-app-store/
Kali Linux is now available in the Windows App Store.
Using the Windows Subsystem for Linux (WSL), users are now able to download and install Kali Linux through the Windows App Store. Kali is accessible to desktop users by Power Shell command line or by GUI desktop manager, such as, XFCE, via remote desktop. -
2018-03-07 at 23:58 #28621
henry
Participanthttps://www.bleepingcomputer.com/news/security/microsoft-updates-guideline-on-windows-driver-security/
Microsoft has launched the instructions about how to safely secure Windows drivers. Drivers are very significant because most attackers aim to attack these parts to gain access. -
2018-03-07 at 23:34 #28620
henry
Participanthttp://money.cnn.com/2018/02/14/technology/huawei-intelligence-chiefs/
In this article, FBI made an alert to the people in the U.S. to not buy smartphones made in China called Huawei. These smartphones are known to be stealing information and creating online threats even though Hwawei itself claimed that they have no intention to do such things like that. -
2018-03-07 at 22:45 #28618
nrea13
Participanthttps://www.securityweek.com/chrome-65-patches-45-vulnerabilities
Google’s newest patch included many patches from it’s previous versions but also adds a bit more bugs, including 27 vulnerabilities with 9 being security rated as a High risk, 15 being considered Medium risk, and 3 rated Low.
-
2018-03-07 at 19:53 #28616
zijad94
Participanthttps://www.technewsworld.com/story/85184.html
The agreement aims to create smart camera standards and to develop a shared cloud infrastructure. Cameras with NICE specifications would store images and video in the cloud, with NICE handling standardized encryption and AI processing for object recognition.
-
2018-03-07 at 19:50 #28614
ttripp07
Participanthttps://www.securityweek.com/triada-trojan-pre-installed-low-cost-android-smartphones
This article is about a trojan that is pre-installed on some low-budget android smartphones. This is incredibly dangerous as many people buy phones just for the sake of having a number to be contacted from, which makes these phones appealing to those who don’t care about getting much else out of their phones. These people are unlikely to have any idea of such malware existing.
-
2018-03-07 at 19:22 #28612
nd14
Participanthttps://www.technewsworld.com/story/85094.html
SentinelOne has released a free, but not opensource, tool for linux systems to monitor meltdown attacks
-
2018-03-07 at 16:06 #28609
awebb19
Participanthttps://www.scmagazine.com/millennial-habits-may-bring-an-end-to-the-password-era/article/746144/
Millennials are changing the way future authentication may be done. Millennials prefer convenience over security. More millennials are comfortable with other forms of authentication such as biometrics. Because of millennials relax attitude toward passwords and creating passwords this could be how we authenticate in the future.
-
2018-03-07 at 12:26 #28604
rileysperati
Participanthttps://nakedsecurity.sophos.com/2018/03/05/worlds-largest-ddos-attack-thwarted-in-minutes/
Last week the largest DDoS attack hit GitHub but the defense against this attack was successful. The attack only lasted nine minutes and appeared to be a ransom attack.
-
2018-03-06 at 19:58 #28599
swoodworth31
Participanthttps://www.bleepingcomputer.com/news/security/new-ddos-record-is-now-17-tbps/
Days after GitHub was hit with a 1.3 Tbps DDoS attack, a new record for the largest DDoS attack was set at 1.7 Tbps on a US service provider. DDoS attacks are estimated to reach 2 Tbps in the near future.
-
2018-03-07 at 10:49 #28603
plosiewicz
ModeratorYou beat me to it. New Memcache record DDS.
-
-
2018-03-05 at 22:51 #28576
mgallimo30
ParticipantGITHUB SURVIVED THE BIGGEST DDOS ATTACK EVER RECORDED
https://www.wired.com/story/github-ddos-memcached/Github was the recent victim of a DDoS of historic proportions. It it’s peak the attack was generating 1.35 TB of data with out using a botnet.
-
2018-03-04 at 16:56 #27733
djones06a
Participanthttps://thehackernews.com/2018/03/biggest-ddos-attack-github.html
Github was hit with one of the largest DDoS attacks on public record on February 28th. At its peak Github’s servers were receiving 1.35Tbps. The effect of this attack was reported to have been amplified by misconfigured Memcached servers.
On a lighter note:
https://www.nbcnews.com/tech/tech-news/girl-scouts-fight-cybercrime-new-cybersecurity-badge-n852971Girl Scouts of the USA will be adding a Cybersecurity Badge. This will likely result in more young people taking an interest in Cybersecurity and other STEM sectors. As such we may see an influx of women working in varying tech fields in the years to come.
-
2018-03-04 at 07:06 #27729
jgray18b
ParticipantA ransomware named Thanatos is new to the scene and demands payments for unrecoverable files in the form of Bitcoin Cash. It encrypts a user’s files with a key, not saving said key, making it increasingly difficult to crack, and then claim that only they have the decode tool to decrypt it.
-
2018-03-02 at 10:04 #27715
austinmarino
ParticipantThis article discusses some details about a massive security breach that happened. A lot of confidential information had been stolen from Americans.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-02 at 03:25 #27714
smiles13
ParticipantAfter the cyber-attack of the 2018 Winter Olympic games it is believed that Russia was ultimately behind the attacks. Using a variety of methods to mask who actually initiated and carried out the attacks.
-
2018-03-02 at 03:07 #27713
smiles13
ParticipantUsing a vulnerability in rTorrent an attack has those infected (with Unix systems) installing cryptocurrency applications and mining Monero. So far the Profit is estimated at $43 a day with more expected growth, where the total estimated profit so far has been $3,900
-
2018-03-01 at 22:28 #27711
tcornish13
Participanthttps://blog.avast.com/mobile-security-and-new-data-on-risk-of-banking-trojans
Avast and a collaboration of other teams found that it is becoming increasingly difficult to tell if an app is real or fake.
-
2018-03-01 at 19:55 #27709
rr1315
ParticipantMicrosoft is partnering with Intel and AMD to roll out CPU firmware updates. It’s called for, but rare is it not, that firmware gets updated? This to address the “Spectre variant 2” attack.
-
2018-03-01 at 16:29 #27708
craigbeach
Participanthttps://threatpost.com/fbi-warns-of-spike-in-w-2-phishing-campaigns/130057/
– According to the Federal Bureau of Investigation (FBI), there has been a large spike in W-2 phishing campaigns. Hackers tampering with W-2 forms puts victims’ privacy and personal information in jeopardy. In 2016, there were just over 100 cases of W-2 phishing. In 2017 there were over 900 according to the IRS. To extend the case further, over 200 employers were “victimized”, which potentially put hundreds of thousands of employees’ personal information and identities up for grabs for hackers.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-01 at 16:13 #27707
craigbeach
Participanthttps://www.securitymagazine.com/articles/88786-ransomware-as-a-service-hackers-big-business
– A new trend for Cyber Security Criminals, Ransomware is a malicious software intended to lock a victim out of their computer files who is them prompted to pay a ransom to have their files unlocked by the hacker. If the ransom is not paid by the victim, the hacker can keep the files locked indefinitely. According to Security Magazine, a total of $25 million in ransoms were paid to Cyber hackers in the last two years. The standards for learning how to use Ransomware is seldom. Any person who has a basic knowledge of computer technology, can buy instructions on the Dark Web on how to inflict ransomware tactics on victims for only $39 according to Security Magazine.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-03-01 at 11:29 #27393
cspencer25a
Participanthttps://hackaday.com/2018/03/01/memcached-servers-abused-for-ddos-attacks/
This article explains how Memcached servers are being used for Distributive Denial of Service attacks across the nation. There has been an increase in DDoS attacks within the past month, and there is a potential threat in these attacks worsening since Memcached servers are gaining popularity. This can lead to a massive DDoS, and wide-ranging attacks across the country.
-
2018-03-01 at 14:53 #27704
plosiewicz
ModeratorThe original Cloudflare article should be consifdered as well:
https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/
-
-
2018-03-01 at 10:36 #27338
craigbeach
Participant– According to United States News (US News), there are several vulnerabilities that could allow hackers to alter votes and vote count. In the 2016 election, several different hackers actually attempted to hack into 21 states’ voting systems and was successful with tampering with the voting system of Illinois. In fact, states are rated on how well they protect their elections from cyber attacks and machine malfunction. 23 states received a ‘C’, while 17 more received a ‘D’ or an ‘F’. States are working to re-stabilize this massive issue.
-
2018-03-01 at 09:56 #26623
rtmoran
ModeratorNew mobile threat, RedDrop is making rounds among infected Android devices. Found within seemingly benign applications, RedDrop, once installed begins downloading at least seven more APKs embedded into the memory; each with their own malicious intent. Infected devices will begin uploading personal data to remote servers as well as SMS messaging a premium service while immediately deleting evidence – at high cost to the victim.
-
2018-03-01 at 00:36 #26627
nrea13
Participanthttps://nakedsecurity.sophos.com/2018/02/27/unsecured-aws-led-to-cryptojacking-attack-on-la-times/
An interactive map within the LA Time’s website left in an unsecured state let cryptojackers to install foreign software to crypt currency with their hardware. They eventually fixed the problem and not much damage had been left but it goes to show if something like that could happen again and eventually be exploited into malicious use widespread.
-
2018-02-28 at 20:46 #26624
ttripp07
ParticipantThis article explains the change in the trend of how those with malicious intentions plan to exploit users. In the case of this Exploit Kit, the focus has shifted from delivering ransomware to delivering cryptocurrency miners and information-stealing trojans in order to obtain their “easy money.” I find it surprising how much effort criminals put into discovering new methods of earning money in such nefarious ways rather than legitimate means. Is the effort really worth the risk?
-
2018-02-28 at 14:16 #25398
dzemlevich
ParticipantCameras installed in UK schools by third parties and most likely not changing the default password leads to insecure CCTV feeds of students all over the school district.
-
2018-02-28 at 10:55 #25090
rileysperati
Participanthttps://nakedsecurity.sophos.com/2018/02/28/making-private-browsing-more-private/
Browsing on the internet is not private and can be easily traced back to the user. A new server called Veil does not allow your privacy to be broken. Currently, this is only a prototype.
-
2018-02-27 at 21:55 #24642
glesher16
Participanthttps://www.securityweek.com/samsung-smartphones-get-encrypted-communications
KoolSpan, a software company based out of Maryland, now has a partnership with tech giant Samsung to provide encryption for communication across their cellphones. This partnership is to help stop the problem of rising attacks on mobile devices.
-
2018-02-27 at 20:17 #24638
awebb19
ParticipantMicrosoft has released a new guide on driver security. It includes things like a security checklist, driver threat modeling, and many other things. This is important because drivers are a crucial attack surface to all operating systems.
-
This reply was modified 3 years, 1 month ago by
awebb19.
-
This reply was modified 3 years, 1 month ago by
-
2018-02-27 at 19:05 #24636
swoodworth31
Participanthttps://www.bleepingcomputer.com/news/security/new-reddrop-android-spyware-records-nearby-audio/
New Android malware steals phone data like files, photos, and contacts, and can even record nearby audio. The goal of the malware is to subscribe the user to premium SMS services.
-
2018-02-27 at 13:01 #23605
mmuya09
ParticipantThis is interesting because an Apple Mac Malware(Coldroot) goes undetected/unnoticed for 2 years ( Malware can remotely take command of defensless computer and steal information like passwords) http://www.zdnet.com/article/coldroot-nasty-mac-trojan-went-undetected-for-years/
-
2018-02-27 at 11:52 #23601
plosiewicz
ModeratorGreat resource on Quantum Crypto from NIST:
-
2018-02-27 at 02:55 #23599
mark
Participanthttps://www.theverge.com/2018/2/26/17052802/apple-icloud-encryption-keys-storage-china
This article shows why people are worried about security because Apple is letting China store some Apple iCloud encryption’s.
-
2018-02-26 at 22:03 #23596
nd14
Participanthttps://threatpost.com/fbi-warns-of-spike-in-w-2-phishing-campaigns/130057/
The FBI warns of phishing during the tax season
-
2018-02-26 at 21:27 #23593
zijad94
Participanthttps://threatpost.com/revamp-of-pwned-passwords-boosts-privacy-and-size-of-database/130082/
The idea behind Pwned Passwords is to help organizations avoid using passwords that have previously appeared in a data breach or have been otherwise compromised in the past.
-
2018-02-26 at 21:24 #23591
zijad94
Participanthttps://www.technewsworld.com/story/85155.html
AI challenges global security because it lowers the cost of conducting many existing attacks, creates new threats and vulnerabilities, and further complicates the attribution of specific attacks. Given the changes to the threat landscape that AI seems to bring, the report makes some high-level recommendations that companies, research organizations, individual practitioners, and governments can take to ensure a safer world.
-
2018-02-26 at 13:16 #23586
plosiewicz
ModeratorSerious quantum computers are finally here. What are we going to do with them?
https://www.technologyreview.com/s/610250/hello-quantum-world/ -
2018-02-26 at 13:13 #23584
plosiewicz
Moderator‘Memtransistor’ Forms Foundational Circuit Element to Neuromorphic Computing
Combining characteristics of a memristor with a transistor mimics the multiple synapses of neurons -
2018-02-26 at 13:10 #23581
plosiewicz
ModeratorBerkeley Lab ‘Minimalist Machine Learning’ Algorithms Analyze Images From Very Little Data
CAMERA researchers develop highly efficient convolution neural networks tailored for analyzing experimental scientific images from limited training data -
2018-02-26 at 13:07 #23579
plosiewicz
Moderatorhttps://www.disa.mil/NewsandEvents/2018/SPIRNet-migration
DISA modernizes SIPRNet delivery, increases mission partner savings
The Defense Information Systems Agency (DISA) recently completed the Secret Internet Protocol Router Network (SIPRNet) Access Migration Project to improve and modernize the way mission partners connect to the SIPRNet and deliver cost reductions.
The project evolved the network from a point-to-point network to a virtual network, and increased the bandwidth capacity from 1G to 10G. It also reduced the size of the network, resulting in increased network efficiency, increased capacity, and improved survivability.
-
2018-02-26 at 09:27 #23569
mynameistrevor
ParticipantA program that let users link their facebook account to their tinder account has left attackers able to get into random tinder accounts with just a phone number or username. They did this by compromising “access tokens” from the users’ cookies.
-
2018-02-25 at 18:50 #23571
djones06a
Participanthttps://threatpost.com/fbi-warns-of-spike-in-w-2-phishing-campaigns/130057/
With tax season currently underway the FBI and IRS once again warn of a potential rise in Tax/W-2 related phishing schemes.
-
2018-02-23 at 02:45 #23555
pjsnell25
Participanthttps://www.technewsworld.com/story/85126.html
iOS boot loader code was leaked earlier this week which deals a major blow to the security of iOS devices despite being an older version. This released code could aid hackers in jail breaking newer versions of iOS.
-
2018-02-22 at 23:46 #23554
corycl4
ParticipantRecently an Austrian based Cybersecurity company reported that the MiSafes Mi-Cam for baby monitors can be easily hacked. All that is required for the hacker to do is change the request of the HTTP. One thing that can happen as a result of this, is to allow the hacker hear what is going on in the baby’s room. How they are able to do that is once the HTTP is changed they are able to get access to different accounts that are paired with the cameras. Additionally, the cameras are known to have outdated software susceptible to vulnerabilities.
-
This reply was modified 3 years ago by
jreade. Reason: Fixed Link
-
This reply was modified 3 years ago by
-
2018-02-22 at 22:21 #23551
austinmarino
ParticipantPretty disturbing to think that people are hacking into these webcams to lurk around and watch kids… These are being hacked through cloud server usernames, allowing the hacker to utilize this information to track attached devices.
-
2018-02-22 at 21:50 #23549
tcornish13
Participanthttps://www.theverge.com/2018/2/22/17042544/tor-director-shari-steele-steps-down
The current director of the Tor Project has announced her resignation.
-
2018-02-22 at 21:44 #23547
tcornish13
Participanthttps://www.theverge.com/2018/2/21/17036514/tinder-vulnerability-account-takeover-accountkit-login
Researchers recently published their findings that allowed tinder accounts to be taken over with just the phone number of the account owner needed.
-
2018-02-22 at 21:18 #23545
jgray18b
Participanthttps://www.scmagazine.com/tempted-cedar-spyware-spread-in-fake-kik-messenger-app/article/746148/
A type of spyware dubbed “Tempted Cedar Spyware” is being downloaded by users attempting to download the Kik messenger app. This spyware has been designed to steal a user’s information, once they have access; such as, device information and photos. They used fake Facebook profiles to attract people into downloading this Kik app from a 3rd part source.
-
2018-02-22 at 19:03 #23543
nd14
ParticipantDownloadable content for Microsoft flight simulator came with embedded malware
https://web.archive.org/web/20180220010608/https://www.pcgamer.com/flight-simulator-expansion-installed-password-stealing-malware-as-drm/ -
2018-02-22 at 17:28 #23540
majdacivic27
ParticipantIf you had a working phone connected to Account Kits along with an active Tinder account Prakash could easily hack into your account with access to all information. Tinder is not the only thing he would be able to access it could be things such as Facebook also. Both of these sites are frequently used by many people.
-
2018-02-21 at 23:05 #23532
aaung01
ParticipantIn our society no one can deny that Google is the leader when there the time to provide information to people. Almost all of technology tools being inventing somehow using google service. Even, today’s hot webcam like, “Nest Cam IQ” can support a lot like a smart camera for smart people. However, its price is not cheap.
https://arstechnica.com/gadgets/2018/02/nest-cam-iq-gets-ok-google-support-lower-monthly-fee/
-
2018-02-21 at 22:40 #23531
aaung01
ParticipantKeeping Companies’ important data is important and very complex. However, most companies somehow spend much more money for online cloud storage. But, at the same time, what we suppose to ask a clear question to ourselves is, is the online cloud, what we had paid for to protect ours’ information really secure enough? What about if not and or leaking or stolen by hackers?
-
2018-02-21 at 20:32 #23529
mark
Participanthttps://www.theverge.com/2018/2/19/17027570/volkswagen-id-vizzion-concept-car-geneva-motor-show
This article shows off Volkswagon and its new driverless car that doesn’t even have a steering wheel in it. It then goes to show off the new things coming along with the car and shows how it is one of the most technological cars coming out to date.
-
2018-02-21 at 18:42 #23528
rtmoran
ModeratorWith the adaptation of “smart” baby monitors, the conversation of convenience and privacy is being brought to the forefront. Vulnerabilities have been exposed with baby monitor brand, Mi-Cam, affecting more than 52,000 user accounts and monitor feeds; allowing unfettered access to monitors and user accounts.
-
2018-02-21 at 16:53 #23526
wpolnak
ParticipantTesla’s Amazon Web Server cloud system was hijacked by rogue cryptominers. RedLock researchers discovered an unprotected Kubernetes console, belonging to Tesla, that exposed access credentials to Tesla’s Amazon Web Services environment.
-
2018-02-21 at 16:40 #23524
wpolnak
Participanthttps://www.securityweek.com/google-researcher-finds-critical-flaws-utorrent-apps
Google researcher Tavis Ormandy discovered several critical vulnerabilities in the classic and web-based versions of BitTorrent’s uTorrent application. The flaws have been released and made public but, not all of the problems have been fixed yet.
-
2018-02-21 at 15:33 #23521
forkpahwu
ParticipantIntel has released a stable microcode to help address Spectre variant 2 attack on user computers.
https://arstechnica.com/gadgets/2018/02/intel-ships-hopefully-stable-microcode-for-skylake-kaby-lake-coffee-lake/ -
2018-02-21 at 15:26 #23519
nrea13
Participanthttps://www.securityweek.com/intel-releases-spectre-patches-more-cpus
Intel releases a firmware update that patches the vulnerabilities Spectre exploited within their processors. These include, but not limited to Kaby Lake, Coffee Lake, and so on. However, this only levitates a certain variant of Spectre and Meltdown, as the second variant requires more updates to completely fix.
-
2018-02-21 at 14:00 #23516
glesher16
Participanthttps://www.securityweek.com/global-cybercrime-costs-600-billion-annually-study
According to a new study, cyber crime costs have hit the $600 billion mark annual, with Russia being the worldwide leader in cyber crime. Ranked second and third are North Korea and Iran, respectively.
-
2018-02-21 at 12:05 #23511
henry
ParticipantIn this article, Microsoft promised to get rid of programs that force windows users to buy such upgrades or better versions. Microsoft stated, this kind of action is not acceptable and they are going to protect their customers in the future.
-
2018-02-20 at 20:17 #23465
mgallimo30
ParticipantHACK BRIEF: HACKERS ENLISTED TESLA’S PUBLIC CLOUD TO MINE CRYPTOCURRENCY
https://www.wired.com/story/cryptojacking-tesla-amazon-cloud/It was found that Tesla’s Amazon based cloud server was a recent target in the ever growing cryptojacking campaign. It was found by Red Lock when they were scanning the public internet for misconfigured and unsecured cloud servers.
-
2018-02-20 at 16:09 #23463
plosiewicz
ModeratorA new discussion topic: Cyber Laws of War.
U.N. Secretary General Antonio Guterres called on Monday for global rules to minimize the impact of electronic warfare on civilians as massive cyber attacks look likely to become the first salvoes in future wars.
15 Years ago we discussed this in St Petersburg, RU. Not much progress has been made. Anyone looking for a great Estonian SME on this topic should search “Eneken Tikk-Ringas”.
-
2018-02-20 at 13:36 #23457
awebb19
Participanthttps://www.theverge.com/circuitbreaker/2018/2/19/17029916/nintendo-switch-hack-linux-fail0verflow
Hackers from the collective group fail0verflow, have figured out how to run Linux operating system on Nintendo Switch complete with touchscreen support. fail0verflow says the bug theyre using to exploit the switch security system can not be patched on the current hardware.
-
2018-02-20 at 13:26 #23455
swoodworth31
ParticipantCryptocurrency mining malware has been installed on Tesla’s cloud servers after a breach in their system. It is mostly due to the fact that engineers forgot to set a password for the console.
-
2018-02-20 at 11:10 #23453
cspencer25a
ParticipantThe vulnerability that was acknowledged Monday by Apple is now fixed across all their devices. From what Apple has released about the problem that occurred was, that there was a bug in the Unicode symbol, which was a part of the south Indian language, that would cause the devices to crash.
-
2018-02-20 at 10:30 #23447
rileysperati
Participanthttps://nakedsecurity.sophos.com/2018/02/19/us-and-uk-condemn-russia-for-notpetya/
The NOtPetya cyber-attack accused that Russia were the people that were involved and many countries accused them. The problem is accusations only get you so far: no technical evidence against Russia has been found.
-
2018-02-19 at 22:19 #23434
ttripp07
ParticipantA few recent vulnerabilities have been discovered on Kaspersky’s web portal. This left people vulnerable to brute force attacks and credit stuffing attacks among a few other vulnerabilities.
Ironically these vulnerabilities have occurred on a service created by a company dedicated to cyber security.
-
2018-02-19 at 20:08 #23432
rydilly17
Participanthttps://www.scmagazine.com/staybridge-suites-lexington-hotel-hit-with-data-breach/article/744956/
The Staybridge Suites Lexington was notified of malware in a few of their POS devices resulting in a data breach. The types of devices infected are unknown, but we do know that customer names and credit card information was stolen.
-
2018-02-19 at 14:15 #23428
dzemlevich
ParticipantCryptomining scripts have made it to a whole heap of government websites. Web pages across the world that have been affected include the US, UK, and Australia.
-
2018-02-19 at 13:28 #23395
smiles13
ParticipantSatori, a Botnet that surfaced late last year in December has resurfaced again. Originally it had gained control of Routers made by Huawei and Realtek. And in Recent days has managed to infect routers made by Dasan Networks with the most recent count being at 13,700 infected.
-
2018-02-19 at 12:09 #23426
mark
ParticipantThis articles shows how much the economy spends on cyber attacks in the U.S. Then they also mention that data sharing is a big factor and they also explain what they do for there security after you throw there budget at them.
-
2018-02-19 at 08:26 #23416
jreade
ModeratorAir Force security hackathon leads to record payout and there were fewer vulnerabilities than last time. The Hack the Air Force 2.0 challenge from the end of 2017 resulted in volunteers discovering 106 vulnerabilities across roughly 300 of the USAF’s public websites.
-
2018-02-16 at 07:53 #18708
mynameistrevor
ParticipantAmazon will issue a fix to the security problems they were having with “Amazon Key”. A man named MG posted a video a couple weeks ago showing how easy it is to bypass this lock by disrupting wifi connections. MG will not be posting how he did it until Amazon fully releases this fix.
-
2018-02-15 at 23:44 #18706
awebb19
ParticipantMajor new iOS bug can crash iPhones and disable access to apps and iMessages
Italian blog Mobile World has detected a bug in ios 11.2.5 that can crash your iphone as well as disable access to apps and messages. The issue is being addressed by apple in future updates before the release of ios 11.3 in the spring. The bug effects apps such as Whatsapp, facebook messenger, and Outlook for ios. It has not been found to effect skype and telegram however.
-
This reply was modified 3 years, 1 month ago by
awebb19.
-
This reply was modified 3 years, 1 month ago by
-
2018-02-15 at 23:12 #18705
dcopperwheat1
ParticipantNot sure how much information can be released about the Notpetya attacks from Russia in 2017, maybe we can discuss methods of distribution or initial entry points to make sure we are on top of securing our networks. I am sure most of the information gathered on the attacks to Ukraine’s infrastructure isn’t cleared to express in depth, but maybe we can talk about some of the outer layers of the problems Notpetya exploited.
-
This reply was modified 3 years, 1 month ago by
CSIACAdmin. Reason: Fixed Link
-
This reply was modified 3 years, 1 month ago by
-
2018-02-15 at 22:20 #18704
austinmarino
ParticipantJust an article about how much bitcoin miners are actually stealing from people. Still kind of mind blowing that investors are sticking around with all of the controversy.
-
This reply was modified 3 years, 1 month ago by
CSIACAdmin. Reason: Fixed Link
-
This reply was modified 3 years, 1 month ago by
-
2018-02-15 at 14:34 #16651
majdacivic27
ParticipantAn average kid who was 15/16 at the time in England obtained information from the chief of the CIA about Iran and Afghanistan. He obtained this information from the comfort of his own home by easily pretending he was Brennan while calling companies like Verizon.
-
2018-02-15 at 14:25 #16600
rydilly17
Participanthttps://www.technewsworld.com/story/85115.html
A startup company has discovered that wifi most wifi routers have known vulnerabilities that are being neglected by the manufacturers. Insignary conducted the scans during the last two weeks of November 2017. Its research and development team scanned 32 pieces of WiFi router firmware offered in the U.S., Europe and Asia by more than 10 of the most popular home, SMB and enterprise-class WiFi router manufacturers: Asus, Belkin, Buffalo, Cisco, D-Link, EFM, Huawei, Linksys, Netis and TP-Link.
-
2018-02-15 at 14:25 #16601
rileysperati
Participanthttps://nakedsecurity.sophos.com/2018/02/12/you-have-five-months-to-switch-your-website-to-https/
This article explains why HTTP web connections are nearing the and and why HTTPS is the new priority for security.
-
2018-02-15 at 11:11 #16609
cspencer25a
Participanthttps://www.techrepublic.com/article/this-one-business-file-is-most-used-in-cyberattacks/
This article speaks about how businesses are coming under fire from malware attacks across the globe. The way that they are getting this malware is through scanning, downloading, and viewing PDF files that are infected and acting as Trojan Horses on the victim’s devices/machines.
-
2018-02-14 at 21:20 #16597
rtmoran
ModeratorA recently disclosed document suggests Equifax hack was worse than the company admitted. In addition to the theft of names, Social Security numbers, birth dates, and addresses; it is now revealed, hackers also made off with, tax identification numbers, email addresses, and phone numbers.
-
2018-02-14 at 18:47 #16596
zijad94
Participanthttps://www.technewsworld.com/story/85126.html
Apple lawyers have sent a copyright violation notice to Github, following the publication of leaked iOS 9 source code on the site. Though iOS 9 is a dated version of the company’s mobile operating system, it’s possible that the leaked code could be used to jailbreak older devices or worse.
-
2018-02-14 at 17:56 #16594
ttripp07
Participant“Now Cryptojacking Threatens Critical Infrastructure, Too”
https://www.wired.com/story/cryptojacking-critical-infrastructure/This article explains the growing threat cryptojacking poses to industries as critical systems could be run at dangerous capacities. The potential problems such crimes pose include the slowing of services at best and system failure at worst where up-time can be crucial.
-
2018-02-14 at 17:31 #16591
glesher16
Participanthttps://nakedsecurity.sophos.com/2018/02/14/watch-our-ads-or-well-use-your-cpu-for-cryptomining/
The news website “Salon” has been giving their web-visitors using an ad-blocker an ultimatum. They can either disable the ad-blocker to allow the site to run their ads or they keep the ad-blocker on and allow their internet browser to mine the cryptocurrency Monero as they explore the Salon website.
-
2018-02-14 at 16:23 #16589
zmasca29
Participanthttps://www.technewsworld.com/story/85126.html
Just recently it was announced that apple released that their IOS 9 source code was leaked. They are worried that this will allow people to jail break older devices or worse. Lawyers for apple are involved and they are trying to control the leak. Currently IOS 11 is out which most people have or have IOS 10 so this helps its not the most recent source code leaked.
-
2018-02-14 at 15:16 #16587
sam25
ParticipantBe careful hackers are using chatroom’s on valentines day to get users to install malware on their devices.
-
This reply was modified 3 years, 1 month ago by
CSIACAdmin. Reason: Fixed formatting
-
This reply was modified 3 years, 1 month ago by
-
2018-02-14 at 15:08 #16585
forkpahwu
Participanthttps://www.securityweek.com/zero-day-attack-prompts-emergency-patch-bitmessage-client
A major threatening due to Zero-Day attach as prompted the developer of PyBitmessage 0.6.2 to issue an emergency warning against the use of PyBitmessage 0.6.2 leading to Zero-Day on users with this version.
-
2018-02-14 at 14:50 #16583
forkpahwu
Participanthttps://www.securityweek.com/argument-against-mobile-device-backdoor-government.
The argument against government gaining backdoor access to individual mobile devices.
-
2018-02-13 at 14:25 #16581
swoodworth31
Participanthttps://www.bleepingcomputer.com/news/security/rapid-ransomware-being-spread-using-fake-irs-malspam/
An attack called Rapid Ransomware is being distributed through a fake email address from the IRS. Once opened, the file locks the users files and must be bought back from the attackers.
-
2018-02-13 at 13:39 #16578
mgallimo30
Participant“‘OLYMPIC DESTROYER’ MALWARE HIT PYEONGCHANG AHEAD OF OPENING CEREMONY”
https://www.wired.com/story/olympic-destroyer-malware-pyeongchang-opening-ceremony/The Olympics have been under fire from a targeted worm named “Olympic Destroyer.” It’s believed that it was intended to take the entire opening ceremony offline, although it only temporally paralyzed systems the day of the ceremony.
-
2018-02-13 at 12:23 #16577
ncdova97
ParticipantFake Flashlight apps are installing adware in phones
-
This reply was modified 3 years, 1 month ago by
CSIACAdmin. Reason: Fixed issue with URL link
-
This reply was modified 3 years, 1 month ago by
-
2018-02-12 at 13:31 #16566
dzemlevich
Participanthttps://www.bleepingcomputer.com/news/security/android-web-users-victims-of-cryptojacking-campaign/
Android mobile users are at risk at getting cryptojacked. Android users are being diverted to domains where a CAPTCHA appears for the user to answer, but here’s the trick, while the user is taking his/her time solving the CAPTCHA, the website loads and runs a cryptojacking script.
-
This reply was modified 3 years, 1 month ago by
jreade. Reason: Fixed Link Formating
-
This reply was modified 3 years, 1 month ago by
-
2018-02-12 at 06:48 #16532
mgallimo30
Participant“A CLASSIC SCAM FINDS NEW LIFE STEALING BITCOIN ON TWITTER”
https://www.wired.com/story/classic-scam-steals-bitcoin-on-twitter/Scammers are breathing new life into the give a little and get a lot scheme. Where they are impersonating verified twitter accounts and offering to give bitcoins in return for giving smaller amounts of bitcoins.
-
2018-02-12 at 06:45 #16548
djones06a
Participanthttps://thehackernews.com/2018/02/supercomputer-mining-bitcoin.html
Russian scientists working at a Russian nuclear research facility have been arrested for trying to use the facilities hardware to mine bitcoin. The scientists were found out after trying to connect the facilities supercomputer to the open internet.-
2018-02-20 at 15:55 #23461
plosiewicz
ModeratorWe work with a few DOE labs….They would be interested in this! Not DOING it of course 🙂
-
This reply was modified 3 years, 1 month ago by
plosiewicz.
-
This reply was modified 3 years, 1 month ago by
-
-
2018-02-09 at 03:05 #16541
pjsnell25
Participanthttps://www.technewsworld.com/story/85115.html
The South Korean company Insignary has scanned 32 routers by more than 10 manufactures and discovered firmware exploits that have been know about for years have not been patched. They also say that Linux operating systems may be easier to exploit than Windows or iOS because of the many different versions of Linux that exist today. Security patches can not be pushed uniformly to all these versions at once.
-
2018-02-08 at 22:50 #16538
wpolnak
Participanthttps://nakedsecurity.sophos.com/2018/02/07/reddit-users-beware-its-evil-twin/
I found this article to be very interesting. It talks about a site called Reddit.com and a twin cite that has a very similar name called Reddit.co. it’s name is only different by one letter. It is set up as a twin to trick people into putting person information into the wrong cite. It is something that people need to be more aware of especially if it was a more serious web site.
-
2018-02-08 at 20:49 #16536
mynameistrevor
ParticipantAmazon “Key” is a service that allows “In-home delivery” by allowing certain people to have permission to unlock your door via cellphone. A man on twitter, named “MG”, shared a video of how an attacker/intruder can use a “Break and Enter dropbox” to keep the door unlocked after an amazon delivery. Amazon stated that this is an issue with wifi protocol, not the amazon software.
-
2018-02-08 at 17:36 #16534
swoodworth31
ParticipantThis article says that scam websites have found a trick that freezes the visitors’ browser by initiating thousands of download operations. Visitors then panic and call a number on the screen to a scam tech support line.
-
2018-02-08 at 16:38 #16530
rr1315
Participanthttps://www.databreachtoday.com/us-data-breaches-hit-all-time-high-a-10622
This article has graphs showing how people’s personal information was stolen, plus what types of institutions it was taken from. There is a citation for the claim in the article title; apparently this was a bad year.
-
2018-02-08 at 14:46 #16517
cspencer25a
ParticipantThis article talks about the increase in intensity of phishing attacks and the theft of many email accounts. These attacks are directed to people whom conversate via email, and the desired outcome is to spread malware with the email accounts that are compromised.
-
2018-02-08 at 14:26 #16514
craigbeach
Participanthttp://www.securityweek.com/stealthy-data-exfiltration-possible-magnetic-fields
Researchers from a university in Israel have developed two types of malware concepts capable of obtaining information by the use of magnetic fields. These types of malware are capable of obtaining information, even if the device with the information is in a Faraday cage, or is on airplane mode.
-
This reply was modified 3 years, 2 months ago by
jreade. Reason: Edited link
-
This reply was modified 3 years, 1 month ago by
CSIACAdmin.
-
This reply was modified 3 years ago by
jreade.
-
This reply was modified 3 years, 2 months ago by
-
2018-02-08 at 09:29 #16499
jreade
Moderatorhttps://www.infosecurity-magazine.com/opinions/ai-workplace-digital-assistants/
Digital assistants like the Amazon Echo and Google Home have exploded in popularity over the last couple of years, making their way into more and more people’s homes, and are starting to make the transition to the business world. Journalist Sage Singleton examines the potential implications of business use of artificial intelligence (AI) for privacy and security. Since AI tools use voice recognition to function, they are always listening even when not in use, which could easily allow corporate espionage and identity theft. Additionally, since devices may not use end-to-end encryption, data could be vulnerable to third-party mining. Singleton outlines these concerns and potential solutions and steps for protecting your business from attack.
-
2018-02-08 at 09:18 #16496
nrea13
Participanthttp://www.securityweek.com/windows-10-ransomware-protection-easily-bypassed-researcher-says
This article goes over what a researcher has uncovered about exploits with ransomware through Windows Defender Exploit Guard that was added in the Windows 10 Falls Creators Update. They found that people can bypass the new system by using authorized apps like Office to access the data in whatever manner they can.
-
2018-02-07 at 19:50 #16494
-