February 2018
SEC Consult broadcasts raft of ClipBucket vulnerabilities Video-on-demand platform urged to conduct full security audit | 28 February 2018 at 02:36 UTC HKPC – ‘IoT devices need to be regulated’ Wilson Wong, general manager of IT at the Hong Kong Productivity Council, discusses the increasing threats presented by smart systems | 28 February 2018 at 11:16 UTC Signed, sealed, delivered Hackers gilding malware with code-signing certificates | 28 February 2018 at 09:20 UTC The Avalanche falls Alleged leader of international cybercrime network arrested | 27 February 2018 at 03:13 UTC FTC issues new guidelines for mobile VPNs Consumer protection agency urges users to shop around with security in mind | 27 February 2018 at 01:47 UTC Fitbit applies ‘multifaceted approach’ to cybersecurity Fitbit’s director of brand protection, Brett Millar, provides some insight into how the company is tackling cybersecurity issues in 2018 | 27 February 2018 at 12:05 UTC False flag? Russia ’blamed Olympics ceremony hack on North Korea’ US officials claim Russian spies used North Korean IP addresses to cover their tracks | 26 February 2018 at 01:52 UTC Drupal patches XSS vulnerability CMS platform issues update to address numerous critical issues | 26 February 2018 at 12:15 UTC Slave to the algorithm GitHub removes legacy cryptographic standards | 26 February 2018 at 11:13 UTC New SEC guidelines call for clearer breach disclosures Agency also warns company bosses against selling stock following a cybersecurity incident | 23 February 2018 at 04:30 UTC Social Security – w/e 23 Feb ‘I don’t want to live in a world where younger generations grow up without privacy’ | 23 February 2018 at 04:00 UTC ‘Technology alone can’t defeat cybercrime’ Security expert Joseph Carson discusses how UK councils can empower employees to take cybersecurity seriously. | 23 February 2018 at 12:22 UTC uTorrent users urged to update app after hijacking bug exposed Torrent client issues patch for RCE vulnerability that allows hackers to take full control of users’ devices. | 23 February 2018 at 10:24 UTC Maritime telecoms giant patches SQL vulnerability Navarino delivers Infinity hotfix to an estimated 6,000 vessels | 22 February 2018 at 04:25 UTC Free, ready-to-infect ransomware available on the dark web Unskilled cybercriminals can now gain access to file-encrypting malware without the need for upfront payment | 22 February 2018 at 02:40 UTC Placing trust in the industry: Siemens launches global cybersecurity charter Siemens’ global head of government affairs outlines the key principles of the newly launched Charter of Trust | 22 February 2018 at 11:30 UTC Australia’s breach disclosure law now in effect The NDB scheme means consumers will no longer be left in the dark – but how will the term ‘serious harm’ be defined? | 22 February 2018 at 11:14 UTC HardWare Zone forum hacked in Singapore’s biggest-ever data breach SPH Magazines apologizes to customers after 685,000 profiles were viewed by hackers | 21 February 2018 at 04:19 UTC Tempting fate: Avast outlines latest Facebook phishing scam Facebook Messenger users are being duped into downloading spyware disguised as Kik Messenger app | 21 February 2018 at 03:35 UTC US Department of Energy creates new cybersecurity office CESER established to address the emerging threats of tomorrow | 21 February 2018 at 12:28 UTC Tesla becomes latest victim of cryptojacking epidemic Hackers infiltrated electric car giant’s cloud environment | 20 February 2018 at 04:10 UTC Flight sim add-on installer bundled with Chrome password stealer FSLabs admits move to combat piracy was ‘a bit heavy-handed’ | 20 February 2018 at 01:08 UTC Microsoft vulnerabilities double as Google exposes Edge flaw Security flaws in Microsoft’s operating systems and Edge browser are up 132% since 2013 | 20 February 2018 at 12:35 UTC California wildlife agency issues breach alert Employee data heads into the wild | 19 February 2018 at 03:42 UTC Hackers behind major US credit card breach sentenced Successful SQL injection attacks resulted in the loss of 160 million card details | 19 February 2018 at 02:46 UTC Going public: Intel expands bug bounty program Bounties have been raised across the board | 19 February 2018 at 12:18 UTC Hackers steal $2m from India’s City Union Bank SWIFT network once again leveraged for fraudulent transactions | 19 February 2018 at 11:38 UTC Google rolls out adblocker for Chrome Built-in browser feature aims to tackle annoying and intrusive ads | 16 February 2018 at 04:01 UTC ‘We’re fortunate that the attackers had a very limited imagination’ Security researcher Scott Helme takes stock of this week’s BrowseAloud cryptojacking campaign | 16 February 2018 at 11:21 UTC UK gov’t points finger at Moscow for last year’s NotPetya attack Russia accused of being responsible for one of 2017’s biggest cybersecurity incidents | 15 February 2018 at 02:37 UTC Blink to the future Scanning the biometric horizon | 14 February 2018 at 09:07 UTC Eternal Romance exploit tied to Winter Olympics cyber-attack Cybercrooks are still showing love for leaked NSA code | 13 February 2018 at 12:37 UTC Equifax hack: More consumer data exposed than previously reported Tax ID numbers, email addresses, and phone numbers added to the hit list | 12 February 2018 at 02:48 UTC Belgian authorities release Cryakl ransomware keys Victims can decrypt their files for free | 09 February 2018 at 03:23 UTC Social Security – w/e 9 Feb ‘A secure web is here to stay’ | 09 February 2018 at 01:07 UTC Hold the phone: Swisscom breach hits 800,000 customers Incident prompts Swiss telco to reassess its security posture | 08 February 2018 at 04:07 UTC Moving security forward by looking back Infosec experts must learn from past mistakes in order to avoid the dreaded Hamster Wheel of Pain | 08 February 2018 at 02:40 UTC EU-led NIS Directive will underpin UK’s cybersecurity laws, post-Brexit Just 10 months will separate the introduction of new cybersecurity regulations in the UK from the country’s ultimate departure from Brussels – but the timing could not be better | 08 February 2018 at 12:25 UTC Adobe releases patch for Flash Player zero-day Successful Windows exploit tied to Group 123 in North Korea | 07 February 2018 at 11:28 UTC Crypto-mining Android botnet spreading globally ADB.Miner propagating through open diagnostic test ports | 06 February 2018 at 04:25 UTC Critical mass: Singapore’s Cybersecurity Bill passed in Parliament New law aims to strengthen critical information infrastructure in the island nation | 06 February 2018 at 11:56 UTC Pwn2Own returns with new targets and $2m prize pool Virtualization category expanded to include Oracle and Microsoft solutions in 2018 | 05 February 2018 at 04:29 UTC Cybersecurity in Canada: The best offense is a good defense Canadian cybersecurity specialist Dave Lewis takes a closer look at the country’s ongoing efforts to strengthen its defenses ahead of the 2019 federal elections | 05 February 2018 at 03:24 UTC Massachusetts gov’t launches online data breach reporting tool Web-based service will help reduce potential damage to Bay State residents | 05 February 2018 at 12:01 UTC Vulnerability found in Oracle POS terminals Retail and hospitality businesses urged to patch Micros flaw | 02 February 2018 at 11:00 UTC In the know: Australian breach disclosure rules come into force this month Notifiable Data Breaches scheme applies to businesses with an annual turnover of $3 million or more | 01 February 2018 at 01:14 UTC