International Cyber Expo International Cyber Expo

Top 10 Stories

A number of severe security vulnerabilities have been patched in Lenovo products, one of which involving a hard-coded password which has been awarded the title of the third 'worst password' of all time. Researchers have disclosed four vulnerabilities in Lenovo ShareIT which could result in information leaks, security protocol bypass and man-in-the-middle (MITM) attacks. Although now patched, one, in particular, places Lenovo's understanding of basic security principles at risk -- as a hard-coded password set...

Read moreDetails

Rental fraud is rising sharply, the BBC has learned during an investigation in which it confronted two online fraudsters for their crimes. Scam artists offer cheap flats for rental, demanding instant deposits. But they do not actually own the homes - and would-be tenants' cash is lost. Reports of rental fraud in England and Wales leapt from 2,216 in 2014 to 3,193 in 2015. View full story ORIGINAL SOURCE: BBC

Read moreDetails

On three separate calls, an attacker used social engineering techniques to trick a representative of Amazon's customer service into disclosing a user's personal information. An Amazon user named Eric Springer described how it all started with an email from Amazon's customer service thanking him for reaching out. Curious, Eric contacted Amazon's customer service only to discover that someone claiming to be him had contacted a representative of the popular e-commerce company and had tricked them into disclosing...

Read moreDetails

A new prank circulating on Twitter, Facebook and other social media platform could crash your iPhone or iPad completely. If you come across a link to crashsafari.com, you are advised not to open it on your iPhone, iPad or even Macs. Doing so will cause Safari application to crash, potentially causing your Apple device to restart. View full story ORIGINAL SOURCE: The Hacker News

Read moreDetails

ISIS is luring Indian hackers with top dollar to hack into government websites and steal sensitive data.  Hackers are also being asked to identify and create a database of potential recruits from Twitter and Facebook.  For each ‘job’, a hacker would be paid upwards of $10,000. This is by far the most lucrative offer from the hacking community in India, experts say.  “There are various underground communities online where hackers interact regularly. Our investigation reveals...

Read moreDetails

The US government has handed over its sensitive cybersecurity role to the military. The move is seen as a snub to the Office of Personnel Management, the agency at the center of last year’s scandal over one of the worst government data breaches known to the public. US officials believe a Chinese espionage operation infiltrated OPM’s records accessing information on 21.5 million current and former employment or job applicants. Fingerprint images belonging to some 5.6 million...

Read moreDetails

The Nuclear Threat Initiative’s security index rightly criticizes other countries for failing to address the threat of cyberattack against their nuclear facilities but overlooks the failings of our own country. The report assigns the United States a perfect cybersecurity score, although the Nuclear Regulatory Commission does not require nuclear fuel production facilities, some possessing bomb-usable materials, to have comprehensive programs to protect against cyberattack. The N.R.C. is working on such a rule, but it may...

Read moreDetails

If you are backing up your data using iCloud Backup, then you need you watch your steps NOW! In government fight against encryption, Apple has positioned itself as a staunch defender of its user privacy by refusing the federal officials to provide encryption backdoors into its products. When it comes to Apple's iMessage service, the company claims that it can't read messages sent between its devices because they use end-to-end encryption, which apparently means that only you and...

Read moreDetails

Last week, Magento released a very important bundle of patches for their eponymous e-commerce platform that should be implemented as soon as possible. The bundle plugs a number of critical vulnerabilities, including two stored cross-site scripting (XSS) flaws that can be easily exploited by attackers to take over the site's shop. Sucuri Security has provided more details about one of these, which has been discovered by their vulnerability researcher Marc-Alexandre Montpas. The bug can be exploited remotely...

Read moreDetails

Sainsbury's Bank website still relies on insecure cryptography protocols that more security conscious organisations have abandoned as obsolete. The UK supermarket-owned bank’s "secure" site rates an “F” in tests using the industry standard Qualys’ SSL Labs service – chiefly because of the support for protocols security experts reckon are well past their sell-by date. “Shocking really: RC4, SHA-1 cert and other issues,” Mal M, the Reg reader who brought the issue to our attention, commented. “Someone there should be...

Read moreDetails
Page 325 of 630 1 324 325 326 630