International Cyber Expo International Cyber Expo

Top 10 Stories

Bad news for Java users, in 2013 Oracle released a patch to fix the CVE-2013-5838 vulnerability, but security experts discovered that it could be easily bypassed to compromise the latest versions of the software. This means that attackers can exploit again the same vulnerability hacking machines running the latest versions of Java. View full story ORIGINAL SOURCE: Security Affairs

Read moreDetails

GhostShell, also known as DeadMellox and numerous other aliases, began his hacktivism on January 1, 2012 with attacks against his own government. The situation in Romania had deteriorated badly and had robbed him of the future he had envisioned for himself, he tells us. He frankly admits that he longer remembers whether he was the one who started #OpRomania, as other Romanian hackers were already active, but he did start the AnonOpsRomania account, and was active in attacking the...

Read moreDetails

Staminus Communications Inc., a California-based Internet hosting provider that specializes in protecting customers from massive “distributed denial of service” (DDoS) attacks aimed at knocking sites offline, has itself apparently been massively hacked. Staminus’s entire network was down for more than 20 hours until Thursday evening, leaving customers to vent their rage on the company’s Facebook and Twitter pages. In the midst of the outage, someone posted online download links for what appear to be Staminus’s...

Read moreDetails

Men lose three times as much money as women to cyber criminals, according to a report from the City of London Police, which runs the national Economic and Cyber Crime Prevention Centre (ECPC). The average loss for men was £2,354 for men compared with only £809 for women between November 2014 and October 2015. But while men lose more money, the data showed how women are being deliberately targeted- they are six times more likely...

Read moreDetails

The Obama administration is preparing to publicly attribute a 2013 cyber attack against a New York dam to Iranian hackers, according to U.S. officials familiar with the investigation. The Justice Department has prepared an indictment against people thought to be behind the attack, according to the officials. An announcement could come in the next week. View full story ORIGINAL SOURCE: CNN

Read moreDetails

Russian security tester Timur Yunusov has found critical vulnerabilities in routers and 3G and 4G modems from Huawei, ZTE, Gemtek, and Quanta. The flaws mean attackers could completely compromise machines and intercept SMS and HTTP traffic. The research first detailed in December and showcased to hackers yesterday at the Nullcon conference in Goa revealed un-patched flaws in eight devices of which thousands were exposed over the Shodan device search engine. View full story ORIGINAL SOURCE:...

Read moreDetails

Hackers would have stolen $1bn (£700m; €890m) in an online heist last month involving the Bangladesh central bank and the New York Federal Reserve if it had not been for a crucial spelling mistake. The unknown thieves still managed to get away with $80m (£56m: €71m), making it one of the largest known bank thefts in history. View full story ORIGINAL SOURCE: International Business Times

Read moreDetails

Technology companies could face civil penalties for refusing to comply with court orders to help investigators access encrypted data under draft legislation nearing completion in the US senate. The long-awaited legislation from senators Richard Burr and Dianne Feinstein, the top Republican and Democrat on the senate intelligence committee, may be introduced as soon as next week, sources said. View full story ORIGINAL SOURCE: IT News

Read moreDetails

Frustrated security professionals acting on behalf of equally irritated researchers unable to gain Common Vulnerabilities and Exposures (CVE) numbers for their bugs have started an alternative numbering system to help triage what they describe as a huge backlog of ignored software flaws. Several prominent researchers are now backing the Distributed Weakness Filing (DWF) System badged as an alternative for the herds of researchers unable to gain the CVE for their legitimate vulnerabilities. View full story...

Read moreDetails

The custom firmware that the FBI would like Apple to produce in order to unlock the San Bernardino iPhone would be the most straightforward way of accessing the device, allowing the federal agency to rapidly attempt PIN codes until it found the one that unlocked the phone. But it's probably not the only way to achieve what the FBI wants. There may well be approaches that don't require Apple to build a custom firmware to...

Read moreDetails
Page 312 of 630 1 311 312 313 630