Eskenzi PR ad banner Eskenzi PR ad banner

Top 10 Stories

Security researchers have discovered a webmail server attack that enables attackers to steal corporate credentials and underlines the need for continuous monitoring. The attack, which the researchers described as a new and unique advanced persistent threat (APT) technique, involves a malicious module loaded onto a webmail server. Using a malicious dynamic link library (DLL) loaded into a company’s Outlook Web Application (OWA) server, attackers were able to record authentication credentials and gain complete backdoor capabilities,...

Read moreDetails

Car hacking is a topic that has received considerable attention from security researchers in the last year or so, and the general public and (hopefully) lawmakers are finally beginning to perceive the danger as real. Among the researchers that delved into the matter is security consultant Craig Smith, who presented this week at the Derbycon conference the results of his latest efforts: a cheap-to-make testing tool that is made to simulate a car's system, and...

Read moreDetails

Nuclear power plants around the world remain under a very real risk of a “serious cyber-attack" according to a report by the respected Chatham House think tank. ‘Cyber-security at civil nuclear facilities, understanding the risks' by Caroline Baylon with Roger Brunt and David Livingstone is published September 2015 and available in full,  for free of charge here. Part of the Royal Institute of International Affairs, Chatham House has said the likelihood of a serious cyber-attack upon...

Read moreDetails

Personal data on 15 million T-Mobile USA customers has already gone up for sale on the web, according to researchers. T-Mobile customer data stolen by hackers last month has already appeared online for sale, according to security researchers. Trustev, an Irish security start-up, saw listings appear on Friday morning for data matching that from the T-Mobile hack, the firm told finance news publication VentureBeat, which published screen-shots of the data provided by Trustev. View full story

Read moreDetails

Over the weekend, security site Palo Alto Networks detailed a new iOS malware that's able to infect non-jailbroken Apple devices using enterprise certificates and private APIs. It originated in Taiwan and China and was installed through several methods, including hijacking traffic from ISPs, an SNS worm on Windows, and offline app installation. Called YiSpecter, the malware is able to download, install, and launch apps, doing things like replacing existing apps, displaying advertisements in legitimate apps, changing Safari's...

Read moreDetails

GOVERNMENT spies can take total control of your smartphone to look at your browser history, see emails and texts and listen to conversations, according to whistleblower Edward Snowden. The former US security man said the UK Government had invested heavily in technology to hack mobiles. Talking to BBC's Panorama, he revealed Government Communications Headquarters (GCHQ) in Cheltenham uses a secret programme codenamed Smurfs to monitor citizens. View full story

Read moreDetails

Retail brokerage Scottrade has revealed that cyber-hackers attacked its network between late 2013 to early 2014 and that the names and street addresses of around 4.6 million clients were possibly stolen in the data breach. “We have no reason to believe that Scottrade’s trading platforms or any client funds were compromised,” Scottrade said in the statement. “Client passwords remained fully encrypted at all times, and we have not seen any indication of fraudulent activity as a...

Read moreDetails

The risk of a "serious cyber attack" on nuclear power plants around the world is growing, warns a report. The civil nuclear infrastructure in most nations is not well prepared to defend against such attacks, it added. Many of the control systems for the infrastructure were "insecure by design" because of their age, it said. Published by the influential Chatham House think tank, the report studied cyber defences in power plants around the world over...

Read moreDetails

'F' for FAIL: Despite warnings, telco is yet to upgrade from RC4 suites. More than six months since The Register reported that Virgin Media had failed to move away from weak encryption software used on sensitive areas of its website – the ISP is yet to hit the upgrade button. In March, we flagged up security concerns to the Liberty Global-owned firm by pointing out that the RC4 stream cipher used by VM was having its life support cut off...

Read moreDetails

If there's such a thing as "ethical malware," the software security firm Symantec said it might have identified an example: a piece of code named Linux.Wifatch that has infected "tens of thousands" of routers but appears to work to protect those devices from different types of well-known, more damaging malware. Wifatch was first described in November in a two-part post on a blog called "Loot Myself: Malware Analysis and Botnet tracking." It is a "sophisticated piece...

Read moreDetails
Page 361 of 630 1 360 361 362 630