From cloud-powered denial-of-service attacks and Big Data vulnerabilities to bio-hacks that defeat authentication systems like fingerprint recognition, we are on the cusp of a brave new world of cyber-attack exploits, Europol warns.
Companies’ Cloud Risk Assessments Are Wildly Off
Even as headlines focus on the security of one’s internet-based cloud communications, at least one study shows that organizations lack the information to understand and mitigate the broader set of risks posed by the use of cloud services. In fact, thei…
Icefog: APT Hackers for Hire and Deliveries to Order
While traditional APTs attack high profile major industry targets with persistent and evasive malware, researchers have described a new approach: small scale, fast moving hackers that target the supply chain.
Vulnerability: Javascript Allowed to Run in the Mailbox iOS App
Mailbox has fixed a flaw in the Mailbox app client (that allows embedded Javascript to run) by filtering out JS code at the company’s servers before the mail hits the client – all within 48 hours of full disclosure.
LexisNexis, Dun & Bradstreet and Kroll Background America (or Altegrity) All Hacked, Says Krebs
Some of the leading data brokers in the US have all been hacked to provide the raw resources (SSNs, date of birth and other personal details) that were resold on the underground ssndob[dot]ms website, claims security researcher Brian Krebs.
Hacker Halted 2013: Charlie Miller says Mobile Attacks are Just Hype
Charlie Miller, computer security researcher at Twitter, declared mobile threats “all hype” despite media headlines suggesting that they are a number one security concern.
F-Secure’s Threat Report H1 2013
F-Secure’s Threat Report for the first half of 2013 says that threat vectors have remained similar but got worse over the first half of this year. Watering hole attacks and mobile malware are good examples.
IE 0-Day Probably Tied to the Hidden Lynx Hacking Group
Last week Microsoft issued a warning on a new zero-day exploit being used in targeted attacks. On the same day researchers published details on the Hidden Lynx hacking group. Now new research ties the IE 0-day to those same hackers.
SafeGov Calls for Greater Controls Over the Use of Google Services in European Schools
The low cost of Chromebooks coupled with the ‘free’ use of Google Apps and their in-built capacity for collaborative work threatens to revolutionize computing in schools. But SafeGov is warning that it may come at the unacceptable cost of the privacy o…
Chaos Computer Club First to Hack Apple Touch ID
In a stinging rebuke on the concept of fingerprint security, Germany’s Chaos Computer Club hacks the iPhone 5s fingerprint access and claims “that fingerprint biometrics is unsuitable as access control method and should be avoided.”