Top 10 Stories

A new kind of attack is targeting unsecured Internet of Things devices by scrambling their code and rendering them useless. Security firm Radware first spotted the newly found "BrickerBot" malware last month after it started hitting its own honeypots, logging hundreds of infection attempts over a few days. When the malware connects to a device with their default usernames and passwords -- often easily found on the internet -- the malware corrupts the device's storage, leading to...

Oracle today emitted a huge batch of 299 security fixes for its software – including a patch for a vulnerability exploited by a leaked NSA tool that can hijack Solaris systems. Details of the massive April dump can be found here: Oracle describes the updates as "critical," and urges admins to install them "without delay." Among the trove is a patch for CVE-2017-3622, a local privilege escalation hole in the Common Desktop Environment on Solaris 10 that is...

An unexpected location is making a serious case as a worldwide centre of excellence in cybersecurity: Ireland. Cybersecurity activity in Ireland covers a thriving ecosystem, from multinationals at the cutting edge of cloud and mobile security, to indigenous companies working in a range of industries and with a variety of technologies, to academic research and education in computer forensics, privacy, network analysis and security analytics software. A 2016 report by consultants Deloitte found that Ireland ranks as a...

A stolen ID may have been used to set up an elaborate ASIC email scam designed to infect victims’ systems with malware. MailGuard CEO, Craig McDonald said the email had been sent out to Australian businesses this morning, containing a type of malicious software designed to install malware on victims’ computer systems. Experts from the MailGuard cybersecurity team said the mail was most likely to download a trojan or ransomware. “The zero-day email appears to...

Cybercriminals are taking advantage of US taxpayers leaving it to the last minute to file their taxes: they're using the April 18 deadline as a cover to spread remote-access Trojan malware that can compromise victims' computers and the data stored on it. Tax season is a prime time for cybercriminals attempting to steal financial information and personal data, especially when potential victims are concerned about money they either owe or are owed. It's such a major...

A new ransomware as a service (RaaS) called Karmen has been discovered by security researchers at Recorded Future. This service allows anyone, including novices, to set up an account and customize their own ransomware campaign. The Karmen RaaS costs $175 and lets buyers set ransom prices, determine how long to give victims to pay and offers multiple ways to communicate with targets. The console also acts as a dashboard allowing subscribers to keep tabs on the number...

Far-right group Britain First, which has been banned from London and entering any UK mosques, recently became a victim to angry hackers, who posted death threats on one of the organisation's leader's website, warning the group to 'stop being racist to Muslims'. Unknown hackers reportedly hacked and defaced the Twitter account of Britain First leader Paul Golding and the personal website of the organisation's deputy leader Jayda Fransen. View full story ORIGINAL SOURCE: IBTimes

Threat hunting is becoming an integral part of defensive activities in larger enterprises or those that have been heavily targeted in the past, according to a new SANS survey. Yet, findings also show that threat hunting is still an immature practice that relies mostly on human intuition to conduct the searches. SANS defines threat hunting as a focused and iterative approach to search out, identify and understand adversaries that have entered the defender’s networks. Hunting...

The BankBot trojan is targeting hundreds of apps on Google Play as part of a plot to steal Android users' banking credentials and payment card details. Security information security consultant Niels Croese first came across the malware, whose source code went online earlier this year, in an app called Funny Videos 2017. The app appeared legitimate other than the fact that someone had infected it with the trojan probably around 8 April 2017, which was the last time...

One in five British companies has been hacked by cyber criminals over the past year, a new survey has indicated. While data breaches at web giant Yahoo, telecoms firm TalkTalk and the dating website Ashley Madison have hit the headlines in recent years, the survey by the British Chambers of Commerce (BCC) shows how problem is worryingly widespread. Further, only a quarter (24%) of the survey's 1,200 respondents said their business had security measures in...