International Cyber Expo International Cyber Expo

Top 10 Stories

Zero-day exploits are a hacker’s best friend. They attack vulnerabilities in software that are unknown to the software maker and are therefore unpatched. Criminal hackers and intelligence agencies use zero day exploits to open a stealth door into your system, and because antivirus companies also don’t know about them, the exploits can remain undetected for years before they’re discovered. Until now, they’ve usually been uncovered only by chance. View full story ORIGINAL SOURCE: Wired

Read moreDetails

Vectra Networks security wonks have spun a cheap webcam into a backdoor to persistently p0wn PCs. The junk hacking expedition led Vectra's chief security chap Gunter Ollman into the internals of the D-Link DCS 930L, a network camera that can be had for US$30. The attacks are useful as an alternative backdoor for targeted attackers who already have access to a machine, or for those capable of compromising a device before it is installed by the...

Read moreDetails

Anonymous has blitzed Thai government websites in the latest phase of protests over the controversial conviction of two migrant workers for the murder of two British backpackers. Zaw Lin and Win Zaw Htun, both 22 and from Myanmar, were sentenced to death last month to death over the murder of Hannah Witheridge, 23, and David Miller, 24, on the beach resort island of Koh Tao back in September 2014. The case is controversial because of...

Read moreDetails

The recently discovered mobile-banking trojan SlemBunk is proving more resilient than first thought and is actively being used in several on-going campaigns. Originally spotted by FireEye in mid December, the research firm said it has continued to study what it called a “nasty Android banking malware.” Their additional effort has unearthed several additional features, including a much longer attack chain that helps it stay hidden. View full story ORIGINAL SOURCE: SC Magazine

Read moreDetails

Security researchers have discovered a glaring security hole that exposes the home network password of users of a Wi-Fi-enabled video doorbell. The issue – now resolved – underlines how default configurations of IoT components can introduce easy to exploit security holes. The Ring allows punters to answer people knocking on your door from your mobile phone, even when you’re not at home. The kit acts as a CCTV camera, automatically activating if people approach your...

Read moreDetails

Akamai has identified a sophisticated SEO campaign that uses SQL injection to attack targeted websites. Affected websites will distribute hidden HTML links that confuse search engine bots and erroneously impact page rankings. Over the course of a two week period in Q3 2015, Akamai analyzed data and observed attacks on more than 3,800 websites and 348 unique IP addresses participating in the various campaigns. View full story ORIGINAL SOURCE: Help Net Security

Read moreDetails

If you want to build a self-driving car and test it on public roads in California, the state’s Department of Motor Vehicles says that every year you have to submit a disengagement report—basically a list of every time the human driver had to take over for the car. This year, Bosch, Delphi, Google, Nissan, Mercedes-Benz, Tesla, and Volkswagen Group were required to submit disengagement reports, and the results are largely what you’d expect from a...

Read moreDetails

A suspected member of an online extortion gang has been arrested, police have said. Officers said they believed they had apprehended a key member of the group DD4BC, while another suspect was also in custody after raids. Forces from various European countries, including Scotland Yard detectives, worked together on the operation. The group is accused of taking down companies' websites and demanding ransoms to stop. Speaking on DDoS ransom attacks, Dave Larson, Chief Operating Officer at...

Read moreDetails

As if striking junior doctors weren’t enough now the UK's NHS also has technology worries, according to a study by app security firm Arxan. All of the NHS-approved apps Arxan audited lacked binary protection against code tampering, and most also lacked adequate protection in the transport layer. Flaws also emerged in FDA-approved health apps in use in the US. View full story ORIGINAL SOURCE: The Register

Read moreDetails
Page 329 of 630 1 328 329 330 630