06 Aug 2019

Russian APT Abuses IoT Devices to Infiltrate Corporate Targets

Microsoft researchers have detected a new attack campaign by the Russian-linked hacking group Fancy Bear (aka APT28 or STRONTIUM) that targets corporate networks by compromising vulnerable Internet-of-things (IoT) devices. The targeted devices include VOIP phones, office printers, and video decoders. Hackers are taking advantage of devices that use default passwords

Read More
06 Aug 2019

Connected Cars Could be a Threat to National Security, Group Claims

In a new report, the US nonprofit Consumer Watchdog (CW) warns that Internet-connected vehicles are a threat to national security due to the risk of coordinated hacking attacks that could target many vehicles at the same time. Currently, connected cars make up 20% of all vehicles on American roads and

Read More
06 Aug 2019

StockX was hacked, exposing millions of customers’ data

E-commerce platform StockX appears to have suffered a massive data breach exposing the personal information of millions of customers. While the stolen information is already for sale on the dark web, the company has yet to acknowledge the incident, according to a TechCrunch report. Last week, StockX reset all user

Read More
05 Aug 2019

Destructive Malware Goes Mainstream as Attacks Soar 200%

IBM X-Force on Monday released an alarming report showing that the number of destructive malware attacks has surged by 200% in the first six months of this year, compared to the first half of 2018. These destructive campaigns are currently costing targeted organizations $239 million per attack, which is more

Read More
01 Aug 2019

The Pentagon Spent Millions on Vulnerable Chinese Tech in 2018, Watchdog Says

An internal Pentagon audit by the inspector general found that the US Department of Defense last year spent around $33 million on 8,000 printers and 1,500 computers from Chinese companies that have been accused of involvement in cyber espionage by national security officials. Moreover, the printers contained serious security flaws

Read More
01 Aug 2019

Capital One is not alone: 3.5B malicious login attacks target banks and customers

Between November 2017 to April 2019, threat actors carried out 3.5 billion malicious login attempts as part of credential stuffing attacks, in which credentials exposed in a data breach at one firm are used to gain access to accounts at another company. Akamai also identified close to 200,000 phishing domains

Read More
31 Jul 2019

Why nation-state hacking groups are increasingly turning to mobile malware

A new Crowdstrike report sounds the alarm on the rise of nation-state cyber campaigns targeting mobile devices. State-backed hacking groups in countries like China, North Korea, Russia, India and Pakistan increasingly use mobile malware to gather information on dissidents, journalists and for other malicious purposes. These campaigns are on the

Read More
31 Jul 2019

Insecure Real-Time Video Protocols Allow Hollywood-Style Hacking

New research by Forescout Technologies shows that default settings in millions of network-connected video cameras could allow threat actors to carry out Hollywood-style attacks by replacing video streams with whatever they want. Video feeds rely on the real-time transport protocol (RTP). While secure versions of this protocol have been developed,

Read More
31 Jul 2019

US Issues Hacking Security Alert for Small Planes

Because security researchers from Rapid7 recently discovered that modern flight systems in small planes can be easily disrupted by a threat actor with physical access to an aircraft, the US Department of Homeland Security (DHS) on Tuesday sent out an alert urging plane owners to restrict this type of access.

Read More
30 Jul 2019

Capital One Data Breach Affects 106 Million People, Suspect Arrested

Capital One, the 10th largest bank in the United States, has suffered a massive data breach impacting 100 million people in the US and another 6 million in Canada. The exposed data includes sensitive financial information such as transaction data, credit scores, payment history and balances. In addition, the social

Read More