News

The cyber security industry in Northern Ireland provides employment for nearly 1,700 people and is on course to generate more than £70m in salaries each year, according to Máire O’Neill, professor at Queen’s University Belfast.Source: Computer Weekly

Hackers drained cash from Amazon merchant accounts over a six month period, a redacted U.K. filing from November 2018 spotted by Bloomberg reveals. In the filing, which details “extensive fraud”, without naming the sum stolen, Amazon’s lawyers asked a London judge to approve account statement searches at Barclays and Prepay, where the hackers had access to accounts used in the fraud.Source: Computer Business Review

A recent Ponemon Institute study found that there has been a dramatic increase in IoT-related data breaches specifically due to an unsecured IoT device or application since 2017. The study found these breaches account for 26 percent of incidents, up from 15 percent, although the actual number may be greater as most organisations aren’t aware of every unsecured IoT device, application, or third party platform, according to the firm’s "Third Annual Party IoT Risk: Companies...

The apps bundled with many Android phones are presenting threats to security and privacy greater than most users think. This according to a paper (PDF) from university researchers in the US and Spain who studied the pre-installed software that 214 different vendors included in their Android devices. They found that everyone from the hardware builders to mobile carriers and third-party advertisers were loading products up with risky code.Source: The Register

An annual study by the University of Roehampton has found that fewer 16-year-olds in England are getting a computing qualification. It also said schools have cut back on the hours spent teaching the subject. In 2018, 130,000 students got a GCSE in either computer science or ICT (information and communications technology), down from 140,000 the previous year. Source: BBC

A recent article in Nature highlights a discovery that pushes the boundaries of our imaginations and challenges some of the very attributes that make us human. The piece details how artificial intelligence is creating speech by interpreting brain signals (and even offers an audio recording for a chance to hear it for yourself). It’s a key advancement for people who can’t speak because it provides a direct technologically-enabled path from thought to speech. Source: Fortune

Samsung has announced its new Exynos i T100 chip that integrates a processor and memory. The solution, which is aimed at Internet of Things (IoT) devices will bolster the security and reliability of products that ship with this hardware. With more and more smart home devices coming online, maintaining good security is critical. Source: neowin.net https://www.neowin.net/news/samsung-launches-exynos-i-t100-chip-to-bolster-iot-security

Binance, one of the top five cryptocurrency exchanges in the world, announced a "large scale security breach" during which hackers stole over 7,000 Bitcoin, worth nearly $41 million at the time of writing. The breach occurred today, May 7, and was disclosed on the company's blog and social media channels. Binance said hackers used various techniques --such as "phishing, viruses and other attacks"-- to gain access to user accounts, including "API keys, 2FA codes, and potentially other...

A scammer looking to take over a YouTube account got a big fat nothing by targeting the owner of a channel that saw right through the fraud and spread the word about the attempt. The scam was simple and could have gotten through had it not been for some details that rang the alarm bells of the intended victim. Source: Bleeping Computer

Cisco has patched a critical, remotely exploitable authentication bypass vulnerability in Cisco Elastic Services Controller (ESC), a popular enterprise software for managing virtualized resources. About the vulnerability (CVE-2019-1867): “The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on an affected system,”...