Eskenzi PR ad banner Eskenzi PR ad banner

Top 10 Stories

Oracle has crushed a critical click-to-play vulnerability attackers used in the NATO-busting hacking operation known as Pawn Storm, Trend Micro threat analyst Jack Tang says. The patch is part of a run of 154 fixes from Big Red including 25 for the ravaged Java runtime. The fix will either irk or amuse the sophisticated hacking group that used the then zero-day flaw (CVE-2015-2590) to attack web assets of NATO, the White House, and other prominent...

Read moreDetails

Vulnerability in FitBit fitness trackers first reported to the vendor in March could still be exploited by the person you sit next to on a park bench while catching your breath. The athletic-achievement-accumulating wearables are wide open on their Bluetooth ports, according to research by Fortinet. The attack is quick, and can spread to other computers to which an infected FitBit connects. Attacks over Bluetooth require an attacker hacker to be within meters of a...

Read moreDetails

The information security industry is broken, according to David Jacoby, senior security researcher at Kaspersky Lab, Sweden. “We think we understand security, but we don’t. We know what we should be doing, but often we don’t do it,” he told the opening session of the (ISC)2 Security Congress, Europe, the Middle-East and Africa 2015 in Munich. According to Jacoby, information security professionals need to start really caring about information security and ensuring the businesses they...

Read moreDetails

Several versions of self-encrypting hard drives from Western Digital are riddled with so many security flaws that attackers with physical access can retrieve the data with little effort, and in some cases, without even knowing the decryption password, a team of academics said. The paper, titled got HW crypto? On the (in)security of a Self-Encrypting Drive series, recited a litany of weaknesses in the multiple versions of the My Passport and My Book brands of...

Read moreDetails

The policy is aimed at creating a coherent and unified system for protecting the data of public and private sector individuals and businesses, as well as those of individual citizens. Manuel Valls, the prime minister, says it will provide a comprehensive security framework. He announced the plan at a conference on Friday to 800 delegates. Named the French National Digital Security Strategy, the plan is to combat "unfair competition and espionage, disinformation and propaganda, terrorism...

Read moreDetails

Paul Mutton, a British security expert, says he's discovered many websites, such as giants like Deloitte, as using SHA-1 certificates that are outdated or inoperable. SHA-1 is generally accepted to be an outdated form of cipher, with experts agreeing to it being shelved by 2017 due to a lack of suitability to modern systems and threats. However, over a quarter of a million SHA-1 certificates currently issued are scheduled to live beyond 2017, which is...

Read moreDetails

Anonymous has launched DDoS attacks on two Japanese airport services' websites as a protest against the dolphin hunting industry. Narita and Chubu, two airports in the east of Japan, found both their websites targeted. No flights were affected, however the sites themselves were out of action for around 8 hours. The attack was part of a campaign known as #OpKillingBay, a campaign by Anonymous against the hunting of dolphins - an issue that also attracts...

Read moreDetails

As many as 256 apps in the Apple store have been identified by security analysts as secretly gathering iPhone users' emails addresses, serial numbers and other personal information that can be used to track and monitor users. There is a tight vetting process in place in the app store, however security analysts from Source DNA have said that even individual app developers are unlikely to know about the data collecting done by their apps, since...

Read moreDetails

The US Secret Service and the FBI are investigating a hacker's claim to have accessed the personal emails of the CIA's Director and the Secretary of the DHS. A hacker, who has described himself as a "stoner high school student", claimed to have access to the social security numbers of staff in the organisations, tweeted on Monday afternoon that he would be releasing 'names, phone numbers and social security numbers', while teasing observers with a...

Read moreDetails

Facebook has announced they will notify users when they expect 'state-sponsored actors' are trying to access or damage their networks. Facebook CSO Alex Stamos, in a statement on Saturday, said that the step is necessary due to the high level of sophistication this kind of threat usually has. China's recent upset at being blamed for cyberattacks in America has raised tensions - if corporations and companies such as Facebook start doing the same, tempers could...

Read moreDetails
Page 356 of 630 1 355 356 357 630