CORE REsilience

266 Flips | 1 Magazine | 3 Likes | 1 Following | 2 Followers | @stefanbotha7146 | RESILIENT NETWORKS

Report: Cops already have workaround for upcoming iPhone security patch

TNW yesterday reported iOS is getting a security update to block hardware that can unlock an iPhone without owner consent. Today, Grayshift, the company behind said hardware, claimed it could already defeat the features in the planned release.<p>Law enforcement agencies and Apple don’t see eye-to-eye …

Privacy

Time to cover your webcam? This stealthy spyware records video and audio

Sneaky malware is highly targeted and goes out the way to avoid detection - and nobody knows how it infects its victims.<p>What is malware?<p>Cyber attacks …

Extracted

The Elite Microsoft Hacker Team That Keeps Windows PCs Safe

One of them jailbroke Nintendo handhelds in a former life. Another has more than one zero-day exploit to his name. A third signed on just prior to …

Windows 10

Russian VPNFilter Router Malware Much Worse Than Thought: What to Do

Remember that Russian router malware warning from last week? The situation is even worse than we originally thought, and a whole lot more router …

Wi-Fi

Report: Nearly half of all enterprises were hacked in the last 12 months

The survey found that organizations that did report a breach in the last year had been hacked an average of 30 times.<p>The daily stream of stories …

Cybersecurity

Israeli cyber company beats hackers in unique competition

The competition was open to hackers from across the globe and hundreds participated.<p>><br>• ><p>A man holds a laptop computer as cyber code is projected on …

Cybersecurity

Justice Department announces seizure of domain behind Russian-backed botnet

<b>Washington (CNN) —</b> The Justice Department announced Wednesday that it had seized an internet domain that's at the center of a Kremlin-backed hacking campaign, largely thwarting the potential weaponization of a network of more than half a million web-connected devices across the globe, experts …

Cybersecurity

Malware Infects 500,000 Routers and Network Devices in 54 Countries, What You Should Do

A new pervasive cyberthreat has been discovered in the devices of many small business and home workers. Amazingly, it probably could have been prevented (and possibly eliminated) with a simple DIY fix.<p>A new malware, known as VPNFilter, recently identified by Cisco Talos Intelligence Group, may have …

Routers

US takes aim at Russian hackers who infected over 500,000 routers

More than half a million routers and network devices in 54 countries have been infected with sophisticated malware, researchers from Cisco's Talos Intelligence Group warn.<p>The malware, which the security researchers are calling VPNFilter, contains a killswitch for routers, can steal logins and …

Cybersecurity

Email Is Dangerous

Electronic mail as we know it is drowning in spam, forged phishing mails, and other scams and hacks. It’s going to get worse before it gets better.<p>One week ago, a group of European security researchers warned that two obscure encryption schemes for email were deeply broken. Those schemes, called …

Security

Teen phone monitoring app leaked thousands of user passwords

Exclusive: A server stored teenagers' Apple ID email addresses and plaintext passwords.<p>At least one server used by an app for parents to monitor …

Information Systems

Ex-Intel security expert: This new Spectre attack can even reveal firmware secrets

A new variant of Spectre can expose the contents of memory that normally can't be accessed by the OS kernel.<p><i>Video: AMD and Microsoft join forces to</i> …

Get Ready for 'WannaCry 2.0'

Another widespread worm attack is "inevitable," but spreading a different more lucrative or destructive payload, experts say.

Cybersecurity

WannaCry fever pays off for cyber security giant Sophos

The ransomware attack on the NHS and new data protection laws helped cap a buoyant year for cybersecurity company Sophos.<p>The FTSE 250 technology company reported a 22pc growth in billings - an indicator of future revenues - to $768.6m (£582m) for the year ending March 31.<p>Sophos reported a 20pc …

Cisco critical flaw warning: These 10/10 severity bugs need patching now

Cisco's software for managing software-defined networks has three critical, remotely exploitable vulnerabilities.<p><i>Cisco patches critical Smart Install</i> …

This Search Engine Is Profitable Without Tracking You Online. And Google and Facebook Could Do It Too

Here's how<p>Facebook could be profitable without tracking you as intently as it does, but the social media network doesn’t want you to realize that. …

Linux admins: Dire vulnerability gives attackers root access in RHEL, CentOS, Fedora

A flaw related to a NetworkManager integration script is trivially easy for attackers to leverage.<p>A command injection vulnerability has been …

This new type of DDoS attack takes advantage of an old vulnerability

The new technique has "the potential to put any company with an online presence at risk of attack", warn researchers.<p><i>Video: US service provider</i> …

This malware is harvesting saved credentials in Chrome, Firefox browsers

Researchers say the new Vega Stealer malware is currently being used in a simple campaign but has the potential to go much further.<p>Vega Stealer …

Two-factor authentication hackable - easy to spoof

Two-factor authentication may not be the panacea of securing access to online accounts that many believe it is as KnowBe4's Kevin Mitnick shows how …

Email No Longer a Secure Method of Communication After Critical Flaw Discovered in PGP

If you use PGP or S/MIME for email encryption you should immediately disable it in your email client. Researchers have discovered a critical …

How the cyber insurance industry detects the next big attacks

Jenny Soubra, Allianz's US head of cyber, talked with TechRepublic about counterintelligence measures on the dark web and Yelp-style sites for rating …

Patch your Windows 10 PC, now! Hackers are exploiting a zero-day flaw

Patch your Windows 10 device quick, as hackers are currently taking advantage of a zero-day “Double Kill” flaw in Internet Explorer to infect PCs …

Windows 10

Windows critical flaw: This security bug is under attack right now, says Microsoft

Microsoft patches two flaws that are already under attack, among the 67 bugs in May's Patch Tuesday update.<p><i>Video: Microsoft's reverse engineering</i> …

These 3 cyberattacks hit businesses hardest in 2017

Internet crime cost victims $1.42 billion in 2017, according to the FBI.<p>Internet crime cost victims $1.42 billion in 2017, according to the FBI's …

Equifax Now Says Over 56,000 Driver's Licenses, Passports, and Other IDs Were Stolen, Too

Credit-reporting agency Equifax has revealed new details this week about the personal data of customers exposed in last year’s data breach.<p>In …

Over 55,000 security camera DVRs are vulnerable to an exploit so simple it fits in a tweet

Last month, Argentinian security researcher Ezequiel Fernandez published CVE-2018-9995, a vulnerability he discovered in dozens of brands of DVR that …

Thousands of Companies Are Still Downloading the Vulnerability That Wrecked Equifax

When the news emerged that Equifax had succumbed to a colossal data breach from mid-May through July of last year, consumers were livid—in part …

NSA: The Silence of the Zero Days

NSA: The Silence of the Zero Days US Defense Department Defenders Say Attackers Don't Need No Stinking Zero Days Mathew J. Schwartz (euroinfosec) • …

Defending Against an Automated Attack Chain: Are You Ready?

Recent threats like AutoSploit bring malware-as-a-service to a whole new level. Here are four ways to be prepared.