11 Oct 2019

Iranian oil tanker hit off Saudi coast, may have been missiles – Iran reports

Iranian media and government sources on Friday reported that an Iranian oil tanker was attacked 60 miles (96 km) off the coast of Saudi Arabia. Iran state television said the tanker had been hit by missiles, while Iran’s Foreign Ministry said the vessel had been struck twice.  The incident has

Read More
11 Oct 2019

Turmoil Spreads in Kurdish-Held Syria as Turkish Invasion Enters 3rd Day

Tens of thousands of civilians have fled northeastern Syria since Turkish forced began advancing into the region earlier this week. Turkey claims that the campaigns aims to fight terrorism in the region and to create a “safe zone.” However, analysts say that the regime of President Tayyip Erdogan aims to

Read More
11 Oct 2019

ICS cybersecurity investment should be a priority in protecting operations from disruption

A new Tripwire study reveals that the overwhelming majority (93%) of ICS security professionals are worried about disruptive cyberattacks impacting business operations or resulting in downtime of customer-facing services. 77% of companies have invested in ICS cybersecurity in the last 2 years in order to mitigate these threats. However, about

Read More
11 Oct 2019

AppSec ‘Spaghetti on the Wall’ Tool Strategy Undermining Security

In order to mitigate application security risk, organizations often use a ‘spaghetti on the wall’ approach, meaning that they use lots of different tools and hope for the best, a new Radware report indicates. The most common AppSec solutions are Web Application Firewalls (WAFs, used by 75% of firms), cloud WAF services

Read More
11 Oct 2019

Flaw in iTunes for Windows Abused for Ransomware Attacks

Security researchers with Morphisec are warning the BitPaymer ransomware actors have been exploiting a security flaw in the Bonjour updater for the Windows version of Apple iTunes in order to avoid detection by anti-malware solutions on targeted systems. Bonjour contains an “unquoted path vulnerability,” that can enable threat actors to

Read More
11 Oct 2019

China’s Sway Over Tech Companies Tested with Apple, Blizzard

US tech firms Apple and Blizzard are both facing criticism for seemingly bowing down to China in separate incidents related to the ongoing mass anti-government protests in Hong Kong. Earlier this week, Chinese state media accused Apple of protecting “rioters” in Hong Kong by hosting an app called HKmap.live on

Read More
11 Oct 2019

Magecart Attack on eCommerce Platform Hits Thousands of Online Shops

Trend Micro recently discovered a new Magecart campaign targeting webshops hosted on the Volusion platform. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment card information of visitors. Last month, threat actors compromised

Read More
11 Oct 2019

Gaming, photo apps in Google Play infect Android handsets with malware

Last month, researchers with Dr. Web discovered that a number of apps on the Google Play Store were riddled with malware, including banking Trojans, adware, spyware, and info stealers. The malicious apps claimed to be games, tools, camera plugins or other seemingly legitimate software. Among the discovered malware samples was

Read More
11 Oct 2019

Imperva blames data breach on stolen AWS API key

Last month, cybersecurity firm Imperva announced that the data of a “subset of customers” of Imperva’s Cloud Web Application Firewall was exposed in a “security incident” in September 2017. This week, the company published an analysis of the breach, which shows that the incident was made possible by the company

Read More
11 Oct 2019

Escort forums in Italy and the Netherlands hacked, user data put up for sale

Two European web forums serving sex workers and their customers have been breached by a Bulgarian threat actor who is now selling 330,000 stolen user records on underground marketplaces. The hacker, who uses the moniker InstaKilla, exploited a recently disclosed critical vulnerability in vBulletin in order to steal 300,000 records

Read More