According to Ken Munro, a security researcher with Pen Test Partners, gaining access to the network of a ship is in most cases “a low-skill attack.” As Munro explains: “[P]assword security and patch management are so poor at sea that compromise does not require significant expertise.” This is very worrisome, because a

A new report by Kaspersky Lab describes WinPot, a new malware strain designed for “ATM jackpotting” attacks, in which cyber criminals get ATMs to spit out cash. The striking thing about WinPot is that the interface is designed to look similar to a slot machine, as if to underline that plundering cash

Microsoft is investigating a cyber attack campaign by Russian hacking group Fancy Bear, also known as APT 28. The campaign lasted from September to December of last year and targeted think tanks in Europe, including the German Council on Foreign Relations, The Aspen Institute and The German Marshall Fund. The

Ukraine has announced that it will hold joint defense exercises with the European Union (EU) before the country’s March 31 presidential election. The Secretary of the Ukrainian National Security and Defense Council stated that “[t]he available information indicates that Russia intends to use the entire existing arsenal, including cybernetic means, to

American cybersecurity technology company Crowdstrike has released a report showing that China is no longer adhering to a 2015 agreement between the US and China to stop targeting each other in hacking operations. According to the research, Chinese hackers gradually commenced going after US targets in 2017 and by 2018 the

Researchers with Check Point have uncovered the first-known North Korean cyber attack campaign that targets Russian businesses. North Korean hackers belonging to the notorious Lazarus Group have been targeting Russian firms with emails containing malicious Microsoft Office documents. If a recipient opens the attachment, malicious code is launched that installs the KEYMARBLE

The 2019 Global Threat Report by CrowdStrike shows that Russian hacking groups with ties to Moscow are able to start moving laterally across a compromised network in under 20 minutes after they have gained a first foothold. This average “breakout time” is far faster than that of state-backed hackers from

New research by Independent Security Evaluators (ISE) has found serious flaws in the top password managers 1Password, Dashlane, KeePass and LastPass, which render the products about as secure as text files containing passwords. ISE CEO Stephen Bono stated that “100 percent of the products that ISE analyzed failed to provide the

North Country Business Products (NCBP), a US vendor of point-of-sale (POS) products, suffered a serious security breach last month in which a threat actor managed to upload malicious software (malware) onto the POS networks of 139 of its customers. The targets are bars, coffee shops and restaurants. Dunn Brothers Coffee was hit

The media committee of the UK parliament has released a report in which it claims that Facebook “intentionally and knowingly violated both data privacy and anti-competition laws,” adding that “[c]ompanies like Facebook should not be allowed to behave like ‘digital gangsters’ in the online world, considering themselves to be ahead of and