Yet again, Shodan leads an attacker to low-hanging fruit. It's worth searching for your own network addresses just to see what's open The attacker told users to sort out their printer security -- and subscribe to the vlogger "overlord," too... https://twitter.com/HackerGiraffe/status/1068714506770149376
This actually strikes me as remarkably good value. Cheaper than a full subscription to Equifax... [...] NEW DELHI: Your personal data may be up for sale on Dark Web for as low as Rs 3,500 that includes stolen social media accounts, banking details and credit card information from sites like Uber as well as gaming and porn websites, a new research has warned. According to cyber security firm Kaspersky Lab that investigated Dark Web markets to find out how much personal dat
We may laugh, but who hasn't used, and reused, a laughably simple password at some point?...: The "Worst Password Offenders of 2018," assembled by password management vendor Dashlane, goes from the ridiculous to the horrifying. The No. 1 offender on the list is the former, Kanye West, who shared his password — 000000 — on television as he unlocked his iPhone to show the screen to President Trump during an Oval Office meeting. [...] Other offenders on the list includ
A reminder that most cyber crime doesn't involve sophisticated, genius-level hackers in hoodies...: [...] Save the Children Federation, which conducts charity operations in countries across the world, told the Boston Globe that hackers gained entry into an employee's email account. The hackers then used fake invoices and other means to fraudulently direct about $1 million to a fraudulent entity based in Japan. By the time the attack was discovered, it was reportedly too l
A repost of Brian Krebs' analysis of the latest patches. The thing that caught my eye was, yet again, a zero-day exploit in Adobe Flash. Seriously...hunt and destroy all Flash-based stuff...: Adobe and Microsoft each released updates today to tackle critical security weaknesses in their software. Microsoft’s December patch batch is relatively light, addressing more than three dozen vulnerabilities in Windows and related applications. Adobe has issued security fixes for its A
The message here is that you cannot trust any network to deliver authentication for you. I like the idea that trust comes when an identified, authorised individual or process connects over a secure communications path to an identified application. Note that you don't trust any component, just the combination...: Communication infrastructure is a vital infrastructure component of every country and is, therefore, a lucrative target for any cyberattack. Mobile networks carry ...
Despite the billions thrown at information security, our report card for 2018 isn't looking great...: [..] Backdoor and ransomware detections increased 44% and 43%, respectively, in 2018, the same year nearly 30% of computers faced at least one malicious threat online, researchers report. The Kaspersky Security Bulletin 2018 found malware should be among everyone's top concerns as we head into the new year. Kaspersky Labs handled 346,000 new malicious files each day in th...