News
-
"Netgear Zero-Day Allows Full Takeover of Dozens of Router Models"Researchers have discovered an unpatched, zero-day vulnerability in firmware for Netgear routers. The flaw is a memory-safety issue present in the firmware's httpd web server, and it allows attackers to bypass authentication on affected…
-
"Half of Mobile Banking Apps are Vulnerable to Fraud Data Theft"According to a recent study by Positive Technologies, more than half of mobile banking applications are vulnerable to fraud and data theft because of easily exploitable security flaws. The company's security experts examined 14 banking apps. The findings…
-
"Intel's Tiger Lake Processors Will Feature On-Chip Malware Protections"Intel recently announced the next generation of Intel mobile processors, which will include a defense mechanism against control-flow hijacking attacks. Intel's Control-Flow Enforcement Technology (Intel CET) will provide this protection via the company's…
-
"Data Security in Website Tracking"Companies use tracking services to collect data for targeted advertising. These tracking services collect troves of data, including what websites were accessed by users, the times they visited the websites, and location information. Due to the…
-
"China-Backed Hackers Target Biden Campaign in Early Sign of 2020 Election Interference"Google recently announced that earlier this month, on June 4th, an APT group targeted Biden's campaign staff with phishing attempts. The group behind the attacks is called APT31, also known as Zirconium. Zirconium is a Chinese state-sponsored…
-
"Cybercriminals Unleash Diverse Wave of Attacks on COVID-19 Vaccine Researchers"Organizations working to develop a COVID-19 vaccine have been experiencing an increase in government-led attacks. A variety of attacks on COVID-19 research teams and facilities aim to steal information about potential vaccines. Google released a report…
-
"Pentagon Wants to Scale Up Its Device Security Program"The U.S. Defense Department's (DoD) Comply-to-Connect (C2C) program aims to ensure that smartphones, laptops, desktops, and other devices connected to the department's network meet the Pentagon's cybersecurity requirements. The DoD wants to expand the…
-
"AWS Said it Mitigated a 2.3 Tbps DDoS Attack, The Largest Ever"Amazon's AWS shield service mitigated the largest DDoS attack ever recorded, stopping a 2.3 Tbps attack in February of this year. The attack was carried out by adversaries using hijacked CLDAP web servers and caused three days of "elevated threat" for…
-
"Companies Still Struggle With SOC Staff Shortages, Security Skills Gap"A survey conducted by Exabeam to which 295 respondents in the U.S., Canada, Germany, and Austalia responded, give insight into how analysts and security operations center (SOC) leaders perceive their operations, technologies, hiring and staffing,…
-
"LinkedIn ‘Job Offers’ Targeted Aerospace, Military Firms With Malware"A recently discovered malware campaign researchers call Operation In(ter)ception is targeting Middle Eastern and European aerospace and military companies. The adversaries are impersonating human resource employees from General Dynamics, and…
-
"U Nevada-Reno's programs Designated Center of Academic Excellence in Cyber Defense (CAE-CD)"The Centers for Academic Excellence in Cyber Defense (CAE-CD), co-sponsored by the National Security Agency (NSA) and the Department of Homeland Security (DHS), aims to ensure that cyber defense professionals graduate with cybersecurity expertise gained…
-
"Critical Flaws in Embedded TCP/IP Library Impact Millions of IoT Devices Across Industries"Critical vulnerabilities found in an embedded TCP/IP library put millions of devices, including infusion pumps, printers, IP cameras, video conferencing systems, and industrial control systems at risk. The 19 vulnerabilities discovered by JSOF, a company…