SecuArk

116 Flips | 1 Magazine | 21 Following | 1 Follower | @SecuArk | www.secuark.com

Vulnerable industrial controls directly connected to Internet? Why not?

Even some devices with patches available are connected to the naked Internet.<p>Yesterday, Siemens issued an update to a year-old product vulnerability …

20 most dangerous mobile apps: How to best mitigate the risk

Mobile apps can be a nightmare for IT. There are millions of them, and most were developed without any concern for security. Some IT organizations …

Microsoft is issuing software updates to fix the damage caused by Intel's Spectre and Meltdown patches

If it doesn't sound clear, it's because it is indeed a mess. Here's what happened:<p>When the Spectre and Meltdown security flaws were found, Intel issued some security patches that compromised performance on Windows 10 machines, but seemingly kept them safe from being exploited.<p>Some users, however, …

Do website design platforms pose too big a security risk?

Here’s why the epidemic of malicious ads grew so much worse last year

Forced redirects from Zirconium group push phony malware and fake Flash updates.<p>Last year brought a surge of sketchy online ads to the Internet that …

Apple issues Meltdown and Spectre patches for older versions of its Mac operating system — and you should install them right away

If you've got a Mac running an older version of Apple's computer operating system, you can now download a software patch to protect your device from the Meltdown and Spectre attacks.<p>Apple on Tuesday issued updates for macOS Sierra and OS X El Capitan, the two versions of its computer operating …

Hacker Uses Malware to Steal Gas From Paying Customers

Russian authorities have arrested Denis Zayev in Stavropol, Russia, on accusations of defrauding countless of car owners with malware installed on …

Behind the simulations imagining the nuclear apocalypse

Nightmare scenario<p>The nuclear plant employees stood in rain boots in a pool of water, sizing up the damage. Mopping up the floor would be straightforward, but cleaning up the digital mess would be far from it.<p>A hacker in an adjacent room had hijacked a simulated power plant, using the industrial …

The top 10 security challenges of serverless architectures

Broken authentication and privileged access without cause are among the most common security concerns.<p>Serverless architectures, also known as …

Beware of hackers and scams when you’re installing Meltdown and Spectre patches

Last week, the world learned that most computers and smartphones out there contain chips that come with severe hardware flaws that would allow …

Satori Botnet Attack Hijacks Ethereum From Mining Rigs

The massive Satori botnet has reappeared with a new target. According to security researchers , the collection of compromised Internet of Things …

Meltdown and Spectre: to patch or not to patch

As IT recoils from the Spectre and Meltdown chip exploits, companies face patches that are incompatible, leading to crashes, reduced performance and …

PSA: New macOS DNS hijacking malware discovered, also capable of screenshots, file access, more

Apple’s macOS is reportedly the target of a new DNS hijacking exploit. As noted by The Hacker News, the malware is being likened to the DNSChange trojan that affected over four million computers in 2011…<p>This sort of malware works by changing DNS server settings on affected computers, thus routing …

'Text bomb' is latest Apple bug

A new "text bomb" affecting Apple's iPhone and Mac computers has been discovered.<p>Abraham Masri, a software developer, tweeted about the flaw which typically causes an iPhone to crash and in some cases restart.<p>Simply sending a message containing a link which pointed to Mr Masri's code on programming …

Microsoft releases PowerShell script to check if your PC is vulnerable to Meltdown and Spectre

In the wake of the Meltdown and Spectre chip bug revelations, people around the world are wondering whether or not they are affected. Bearing in mind …

Huawei Router Exploit Code Used in IoT Botnet Goes Public

Hackers have released the exploit code for Huawei router vulnerability that helped to enable the Satori IoT botnet.

Sublist3r – Fast Python Subdomain Enumeration Tool

Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and …

WannaCry, Petya, NotPetya: how ransomware hit the big time in 2017

For thousands of people, the first time they heard of “ransomware” was as they were turned away from hospitals in May 2017.<p>The WannaCry outbreak had shut down computers in more than 80 NHS organisations in England alone, resulting in almost 20,000 cancelled appointments, 600 GP surgeries having to …

Cybersecurity

Popular Chrome extension with over 105,000 users found secretly mining cryptocurrency

The extension was found running the popular cryptocurrency miner Coinhive to hijack visitors' CPU processing power and mine Monero.<p>The year 2017 has …

Guy arrested for 'Nigerian prince' email scams is definitely not Nigerian royalty

The "Nigerian prince" email scam is one of the most notorious cybercimes out there, and the people behind it may have hit a bit of a snag after one …

Identity Theft

Forever 21 Releases Details of Security Breach

The retailer found encryption technology turned off and malware installed in some of its U.S. store cash register systems.<p>Forever 21 said Thursday it …

Security

Britain’s spy agency can’t stop losing cyber talent to major tech companies

The NSA isn’t the only secretive national intelligence agency having trouble keeping its tech-savvy recruits. In a new document from the Intelligence and Security Committee of Parliament, Britain’s spy agency describes its difficulty in fending off tech companies keen to poach its workers.<p>In the …

How to Use Encryption: It's Easy

The past year was a tough one for data security, with consumers being affected by ransomware attacks, phishing scams, and a dizzying number of data …

Information Systems

'Steve Jobs' is an Italian company — and Apple can't do anything about it

Steve Jobs jeans, anyone?<p>After years of legal battles, a pair of brothers — Vincenzo and Giacomo Barbato — have successfully managed to win a legal battle against Apple, earning the right to call their company “Steve Jobs,” after Apple’s iconic founder, according to <i>la Repubblica Napoli</i><i>.</i><p>The fight …

The 12 biggest hacks, breaches, and security threats of 2017

Security issues took a turn for the serious in 2017. This time around we still suffered the password breaches, malware annoyances, and stolen credit card numbers that have become commonplace in recent years. But the headlines were dominated by more sobering issues.We saw foreign adversaries trying …

Importance of Data Security in the Age of Artificial Intelligence

Policymakers need to look at standardization of digital health records by identifying a systematic approach to IT in healthcare<p>4 min read<p>Opinions expressed by <i>Entrepreneur</i> contributors are their own.<p>You're reading Entrepreneur India, an international franchise of Entrepreneur Media.<p>In the age of …

Digital Health

Vulnerability Affects Hundreds of Thousands of IoT Devices

Here's something to be cheery on Christmas Day —a vulnerability affecting a web server that's been embedded in hundreds of thousands of IoT …

Criminals spoof scanners and printers by the millions to spread malware

Cybercriminals are spoofing scanners by the millions to launch attacks containing malicious attachments that appear to be coming from the network …

Hackers are spreading cryptocurrency mining malware through Facebook Messenger

Either by choice or through hacks, drive-by cryptomining is becoming popular. The increasing price of cryptocurrencies has seen more websites …

Trend Micro

No More Ransom: a clearinghouse for removing ransomware without paying

No More Ransom is a joint effort by Europol, the Dutch police, Kaspersky and McAfee to help people who've been compromised by ransomware get their …

Ransomware