International Cyber Expo International Cyber Expo

Top 10 Stories

A stored cross-site scripting (XSS) vulnerability in Yahoo Mail that affects more than 300 million email accounts globally was patched earlier this month, bagging a $10,000 bug bounty for the researcher who discovered it. The flaw allowed malicious JavaScript code to be embedded in a specially formatted email message. The code would be automatically evaluated when the message was viewed. The JavaScript could be used to then compromise the account, change its settings, and forward...

Read moreDetails

A report released by the online security firm SplashData on Tuesday found the most commonly used by global Internet users were "123456" and "password" in 2015 -- unchanged since 2011. The fifth annual report by SplashData was compiled from more than two million leaked passwords during the year, and showed little change. Despite the introduction of some new and longer passwords required by some websites, "the longer passwords are so simple as to make their...

Read moreDetails

The UK government's official voice encryption protocol, around which it is hoping to build an ecosystem of products, has a massive backdoor that would enable the security services to intercept and listen to all past and present calls, a researcher has discovered. Dr Steven Murdoch of University College London has posted an extensive blog post digging into the MIKEY-SAKKE spec in which he concludes that it has been specifically designed to "allow undetectable and unauditable...

Read moreDetails

Among the seven Iranians freed in a prisoner swap between the United States and Iran over the weekend was a man accused of hacking into a Vermont-based defense firm to steal software. His case was a reminder that cyberspace has been a flashpoint in the often-tense U.S./Iran relationship. Federal officials announced in December 2015 that Nima Golestaneh had pleaded guilty to hacking aerodynamics firm Arrow Tech Associates. According to the plea deal, he helped infiltrate...

Read moreDetails

Users of Facebook’s Android app can now privately browse the world’s largest social network through the anonymity service Tor, the company said on Tuesday. The feature expands a collaboration that allowed Facebook users to directly access its site via Tor’s browser on personal computers. It comes as policymakers and technology companies debate whether digital privacy should be curbed to help regulators more easily thwart hackers. View full story ORIGINAL SOURCE: The Guardian

Read moreDetails

British shoppers might want to check out the following YouTube video by security consultant Paul Moore, especially if they buy their groceries online from ASDA. Moore says that he notified ASDA of various serious security flaws on its website in March 2014, and was promised a fix "in the next few weeks". However, Moore says that after waiting 677 days he has run out of patience.   Original source: Graham Cluley View the full story...

Read moreDetails

The infamous Tinba financial trojan has been updated and is now targeting banks in the Asia Pacific region. Malware bods from security company F5 refer to the fifth iteration of the trojan as Tinbapore since it began moving 70 percent of its infection base to the region. About 30 percent of infections are located Singapore and 20 percent in Indonesia. Only five percent are in Australia.   Original source: The Register View the full story...

Read moreDetails

The World Economic Forum gathers each year some of the world's biggest political and business leaders, all in the area of a few square kilometers. While this may be the perfect method of discussing and advancing sensitive world economic topics and various agendas, for infosec professionals, this is a nightmare scenario. Kaspersky security experts expect APT groups to intensify their efforts and attempt to hack into the computers and mobile devices of high-ranking officials from...

Read moreDetails

The UK's chief scientific adviser has urged the government to adopt the technology that powers crypto-currency Bitcoin to run various public services. Bitcoins are powered by blockchains - digital ledgers that record information from Bitcoin transactions to DNA. Sir Mark Walport has argued that they could be used by government departments as a more secure way of managing data.   Original Source: BBC News View the full story here

Read moreDetails

Security researcher Troy Hunt has come across a new type of spam – $0 invoices from PayPal accounts. These emails evade spam filters as they fail to trigger the typical characteristics of a suspicious email. Sharing a screencap on his website of an email of dubious origin, Hunt explains how the email managed to get through to him as it is in fact a legitimate PayPal email, just one that asks for no money.  ...

Read moreDetails
Page 327 of 630 1 326 327 328 630