August 30th, 2017 By Ankit Gupta What if I tell you that there are big companies out there in the market whose names you are yet to hear, but they know you very well, in fact, more than what you can think of. They are termed as Data Brokers, and their job… Continue reading Why do companies collect, sell, buy or store personal data
Month: August 2017
Researchers uncover maze of hidden backdoors in European embassy and ministry systems
August 30th, 2017 By Chris Bing A series of covert backdoor implants were secretly installed over the last year on dozens of computers used by embassies and foreign ministries across Southeast Europe and former Soviet states, according to new research published by cybersecurity firm ESET. The malicious software was sent to victims through… Continue reading Researchers uncover maze of hidden backdoors in European embassy and ministry systems
Siemens Fixes Session Hijacking Bug in LOGO!, Warns of Man-in-the-Middle Attacks
August 30th, 2017 By Chris Brook Administrators who have Siemens’ LOGO! logic module deployed in automation setups are being urged to update its firmware. The German industrial manufacturing giant pushed out an update for its LOGO! 8 BM devices Wednesday morning to fix a vulnerability (CVE-2017-12734) that could let an attacker hijack… Continue reading Siemens Fixes Session Hijacking Bug in LOGO!, Warns of Man-in-the-Middle Attacks
New Locky Variant ‘IKARUSdilapidated’ Strikes Again
August 30th, 2017 By Tom Spring A second wave of the Locky ransomware variant called IKARUSdilapidated has been identified by security experts. The source of the ransomware is a botnet of zombie computers coordinated to launch phishing attacks that send emails and attachments appearing to come from a targeted recipient’s trusted business-class multifunction… Continue reading New Locky Variant ‘IKARUSdilapidated’ Strikes Again
Office 365: A Vehicle for Internal Phishing Attack
August 30th, 2017 By Kelly Sheridan A new threat uses internal accounts to spread phishing attacks, making fraudulent emails even harder to detect. Cybercriminals go where the users are. Office 365, which has more than 100 million active monthly subscribers, has become a hotspot for compelling and personalized cyberattacks. Users trust emails… Continue reading Office 365: A Vehicle for Internal Phishing Attack
711 million email addresses ensnared in “largest” spambot
The spambot has collected millions of email credentials and server login information in order to send spam through “legitimate” servers, defeating many spam filters. August 29th, 2017 By Zack Whittaker (Image: file photo) A huge spambot ensnaring 711 million email accounts has been uncovered. A Paris-based security researcher, who goes by… Continue reading 711 million email addresses ensnared in “largest” spambot
DJI Launches Drone Bug Bounty Program
by Chris Brook The lack of security in commercial drones has been well documented, but one Chinese manufacturer is working to fix that by incentivizing researchers who can poke holes in the software its drones run on. One of the largest unmanned aerial vehicle manufacturers, Dà-Jiāng Innovations Science and Technology (DJI), announced Monday… Continue reading DJI Launches Drone Bug Bounty Program
Telnet Credential Leak Reinforces Bleak State of IoT Security
by Michael Mimoso Shortly after the Mirai attacks, Johannes Ullrich of the SANS Internet Storm Center (ISC) decided to try a little experiment. He put a security camera DVR online—a poorly secured one with default credentials—and observed how long it would take to become infected, and how often. He wasn’t disappointed. Ullrich said last… Continue reading Telnet Credential Leak Reinforces Bleak State of IoT Security
App install fraud a $300 million business – analysis
August 29th, 2017 By Filip TRUTA Advertising on the web has taken many forms over the years, with one recent type of ad proving extremely profitable for ad networks and publishers, as well as fraudsters: app install advertising. App install advertising offers developers and publishers an efficient, albeit costly, way to promote… Continue reading App install fraud a $300 million business – analysis
Google removes Play Store apps used in WireX DDoS botnet
See Also – Tech Firms Team Up to Take Down ‘WireX’ Android DDoS Botnet August 29th, 2017 By Warwick Ashford Google has axed around 300 Play Store apps after security researchers revealed the apps were hijacking Android devices to carry out DDoS attacks Security researchers have discovered that hundreds of seemingly benign… Continue reading Google removes Play Store apps used in WireX DDoS botnet