You are here:-Vulnerabilities | Alerts | Solutions

Vulnerabilities | Alerts | Solutions

IoT Security Concerns Peaking – With No End In Sight | Threatpost

SAN FRANCISCO – With the massive influx of connected devices into our digital lives, it’s no surprise that IoT security was on the forefront of the 2018 RSA Conference this year. But despite numerous talks about IoT vulnerabilities this week, a clear resolution seems nowhere in sight. “A lot of the manufacturing behind

By | 2018-04-20T01:56:28+00:00 April 19th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Cloud Credentials: New Attack Surface for Old Problem | Threatpost

SAN FRANCISCO – Credential theft and abuse have long been a nagging problem for local network administrators. The threat surface ranges from pretexting scams to insiders who abuse network privileges in order to grant themselves higher permissions than otherwise assigned. Here at RSA Conference, CyberArk researchers Asaf Hecht and Lavi Lazarovitz outlined a

By | 2018-04-20T00:51:26+00:00 April 19th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Chris Vickery Discusses Data Leak of 48 Million Users by Private Intelligence Firm | Threatpost

SAN FRANCISCO – Profile data of 48 million users that was scraped from social networks and websites ranging from Facebook, LinkedIn, Zillow and Twitter was leaked by a private intelligence agency. The data was left on an Amazon S3 storage bucket accessible without a password by Localblox, the company that harvested the data.

By | 2018-04-20T00:22:52+00:00 April 19th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Use of ‘StegWare’ Increases in Stealth Malware Attacks | Threatpost

SAN FRANCISCO – Researchers are warning of an uptick in the malicious use of steganography as a vehicle for delivering malware. Steganography, they say, is increasingly becoming a go-to tool for cybercriminals not just for infection, but also command-and-control, data exfiltration and as an encryption alternative to sending secret messages. Simon Wiseman, chief

By | 2018-04-19T23:23:05+00:00 April 19th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Researcher Billy Rios, Talks Medical Device Security at RSA Conference 2018 | Threatpost

by Tom Spring April 18, 2018 , 9:41 am Researcher Billy Rios, founder of WhiteScope, discusses medical device hacking at RSA Conference 2018 with Threatpost’s Tom Spring. Rios also talks about his work where he demonstrated how an attacker could remotely hack an internet-connected car wash and used it to attack and damage

By | 2018-04-18T15:35:03+00:00 April 18th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Nate Cardozo, Attorney with EFF Talks Encryption at RSA Conference 2018 | Threatpost

January 11, 2018 , 2:19 pm House Votes to Reauthorize Controversial Spy Provision, Section 702 The U.S. House of Representatives voted to renew U.S. spy provisions, extending the powers of the NSA to collect internet communications for another six years. Read more... September 28, 2017 , 2:40 pm Civil Liberties Activists Hit By

By | 2018-04-18T23:05:57+00:00 April 18th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Millions of Apps Leak Private User Data Via Leaky Ad SDKs | Threatpost

SAN FRANCISCO – Millions of apps leak personal identifiable information such as name, age, income and possibly even phone numbers and email addresses. At fault are app developers who do not protect ad-targeting data transmitted to third-party advertisers. “The scale of what we first thought was just specific cases of careless application design

By | 2018-04-18T10:17:45+00:00 April 17th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Google Play Boots Three Malicious Apps From Marketplace Tied to APTs | Threatpost

AMD Rolls Out Spectre Fixes April 11, 2018 , 11:01 am Google Play Boots Three Malicious Apps From Marketplace Tied to APTs April 16, 2018 , 11:01 am Adobe Patches Four Critical Bugs in Flash, InDesign April 10, 2018 , 12:21 pm New ‘Early Bird’ Code Injection Technique Helps APT33 Evade Detection April

By | 2018-04-16T21:04:46+00:00 April 16th, 2018|Categories: Vulnerabilities | Alerts | Solutions|0 Comments

Outlook Bug Allowed Hackers to Use .RTF Files To Steal Windows Passwords | Threatpost

A vulnerability in Microsoft Outlook allowed hackers to steal a user’s Windows password just by having the target preview an email with a Rich Text Format (RTF) attachment that contained a remotely hosted OLE object. The bug was patched by Microsoft as part of its April Patch Tuesday fixes, over a year after

By | 2018-04-12T21:17:36+00:00 April 12th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Calls For Regulation Build After Facebook Privacy Fallout | Threatpost

As Facebook CEO Mark Zuckerberg appeared before Congress this week, politicians stressed the need for regulation to secure end users’ data privacy on social media platforms. The series of hearings on Tuesday and Wednesday gave members of Congress an opportunity to question Facebook about multiple recent scandals that left user data completely open,

By | 2018-04-13T07:07:44+00:00 April 12th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments