VPNFilter malware compromises over 500,000 networking devices around the world
Cisco Talos researchers have flagged a huge botnet of small and home office routers and NAS devices, capable of collecting communications and data and launching cyber attacks. …
Password pattern analysis: Risky, lazy passwords the norm
Dashlane announced the findings of an analysis of over 61 million passwords. The analysis was conducted with research provided by Dr. Gang Wang, an Assistant Professor in the …
Pressures impacting security pros are up, threats are turning up the heat
Trustwave released the 2018 Security Pressures Report based on a global survey of 1,600 full-time IT professionals who are security decision makers or security influencers …
Crypto Me0wing attacks: Kitty cashes in on Monero
It’s been a month since the first Drupalgeddon 2.0 RCE (SA-CORE-2018-002/CVE-2018-7600) exploit was first published, unleashing its destruction into the wild… and …
How a URL shortener allows malicious actors to hijack visitors’ CPU power
URL shorteners are often used by malware peddlers and attackers to trick users into following a link they otherwise wouldn’t. But Coinhive’s URL shortener carries …
Researchers hack BMW cars, discover 14 vulnerabilities
Keen Security Lab researchers have discovered fourteen vulnerabilities affecting a variety of BMW car models. The flaws could be exploited to gain local and remote access to …
High-level vulnerabilities discovered in 84% of Android shopping apps
More than 84% of the shopping apps have three or more high-level security vulnerabilities, according to a security assessment by Appknox and Seworks. A total of 274 …
New Spectre-like flaw found in CPUs using speculative execution
A new flaw that can allow an attacker to obtain access to sensitive information on affected systems has been discovered in modern CPUs. CVE-2018-3639, discovered by …
America’s most cyber insecure cities exposed
Coronet researchers identified Las Vegas, Memphis and Charlotte as America’s most cyber insecure cities. “While big companies may have the budgets, personnel and …
Certain types of content make for irresistible phishes
A mature anti-phishing program keeps organizations safer, claims Cofense, and offers as proof the decreasing susceptibility of their customers’ employees to mock …
The percentage of open source code in proprietary apps is rising
The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging …
The operations and economics of organized criminal email groups
Nine of the 10 captured organized criminal email groups operate out of Nigeria, they all leverage a multitude of attack methods, and business email compromise (BEC) is far …
Featured news
Resources
Don't miss
- What a future without CVEs means for cyber defense
- What it really takes to build a resilient cyber program
- How cybercriminals exploit psychological triggers in social engineering attacks
- Key tips to stay safe from deepfake and AI threats
- UK retailers under cyber attack: Co-op member data compromised