Eskenzi PR ad banner Eskenzi PR ad banner

Top 10 Stories

GozNym, a banking Trojan discovered only two months back, has added a new trick to its arsenal and is using it to target high-level business banking services in the US. IBM's X-Force security team discovered GozNym in April 2016, when they detected the Trojan targeting customers of financial institutions in the US and Canada. In its initial versions, the Trojan was using a technique called Web injections, which relies on malicious DLLs loaded in the user's browser...

Read moreDetails

The Clinton Foundation has added its name to the list of major US political organisations that have been breached by Russian hackers in a large-scale operation being enacted ahead of the 2016 elections. Three people "familiar with the matter" told Bloomberg that a breach at the foundation had been spotted by government investigators last week, following analysis of the command and control servers used by the hackers running the attacks. The foundation is a controversial...

Read moreDetails

The central banks of Indonesia and South Korea are reportedly bulking up security on their public-facing websites after being hit with cyberattacks and distributed-denial-of-service (DDoS) disturbances linked to notorious hacking collective Anonymous. In response to the attempted cyberattacks, Ronald Waas, deputy governor of Bank Indonesia (BI), told Reuters his institution was forced to block 149 regions that don't usually access its website, including "several small African countries". View full story ORIGINAL SOURCE: International Business Times

Read moreDetails

The controversial Investigatory Powers Bill or the snooper's charter, which will be reviewed by the House of Lords in the coming week, will reportedly provide security agencies with the licence to hack into electronic devices of an entire town anywhere in the world. A Home Office document has disclosed the expansive hacking powers the legislature would grant the GCHQ. According to the document, security agencies will be licenced to access "bulk data" using "a range of techniques under...

Read moreDetails

If you're a user of online backup service Carbonite, you're getting a new password. Don't make it one you've used somewhere before. Carbonite has released a statement telling users it's run a system-wide password reset in the face of a password-reuse attack. The company claims its own systems haven't been compromised, but if a user ID/password combination was in a list from another large breach, the account would have been popped. "While we will continue to monitor...

Read moreDetails

Researchers from Cisco's OpenDNS security team have uncovered a complex phishing scheme aimed at collecting user credentials from various Bitcoin-related services, which, under a closer scrutiny, led back to a known bulletproof hosting firm. The first to stumble over this campaign were the security researchers from CYREN, who spotted it in the first week of June. The crooks behind the phishing campaign were relying on pixel-perfect cloned Web pages for various Bitcoin wallet services, with a...

Read moreDetails

Hackers have taken control of virtual cash worth $60m (£41m) by exploiting a bug in a system designed to help start-ups. The attack targeted an investment fund called the DAO which is based on technology derived from the Bitcoin crypto-currency. DAO members are now debating how to recover the diverted funds. One suggestion involves rolling back the entire computerised system to a time when the hack had not happened. The DAO, or Decentralised Autonomous Organisation,...

Read moreDetails

Multiple cybersecurity firms analysing malware samples collected from the recent hack at the Democratic National Committee (DNC) have found evidence backing up assertions that Russian state-sponsored hackers were responsible for the politically-motivated cyberattack. The independent research – conducted by firms including Fidelis Cybersecurity and FireEye'sMandiant – comes after a lone hacker dubbed "Guccifer 2.0" claimed responsibity for the breach and leaked over 20 internal documents including a strategic playbook compiled on rival candidate Donald Trump. View full story ORIGINAL SOURCE: International Business Times

Read moreDetails

The US government should overhaul its policies on vulnerability disclosure according to a new report. Authored by Ari Schwartz and Rob Knake, the paper seeks to cut a middle ground between those who say that the government has the right to collect and exploit vulnerabilities and those, like Bruce Schneier, who says it does not. It takes specific aim at the US governments disclosure mechanism.   Original Source: SC Magazine View the full story here.

Read moreDetails

A single attacker has mounted two massive account takeover (ATO) campaigns against a financial institution and an entertainment company earlier this year, and used a gigantic botnet comprised of home routers and other networking products to do it. “ATO attacks (also known as credential stuffing) use previously breached username and password pairs to automate login attempts. This data may have been previously released on public dumpsites such as Pastebin or directly obtained by attackers through...

Read moreDetails
Page 278 of 630 1 277 278 279 630