News
-
"Chrome on Android: Phishing Attackers Can Now Trick You with Fake Address Bar"A new inception attack brings attention to the importance of displaying the URL bar on a mobile device as the possibility of phishing attackers abusing the concealment of the URL bar has been highlighted. According to a developer, named James Fisher, the…
-
"Researchers Warn of Unpatched Vulnerability in Oracle WebLogic Server"Attackers' scans for the presence of a vulnerability in Oracle WebLogic servers have been detected by several security companies. According to researchers, the vulnerability that has not yet been patched is a deserialization bug that can be exploited by…
-
"Exposed Database Reveals Details on Over 80 Million Us Households"Consumers' privacy has been invaded yet again as discovered by independent researchers led by Noam Rotem. The researchers discovered an unsecured databased stored on the cloud in which the details of more than 80 million U.S. households are exposed. The…
-
"Attackers breached Docker Hub, grabbed keys and tokens"Docker, the company behind a popular virtualization tool, discovered that it had been breached by hackers. On Thursday, April 25th, 2019, the company discovered unauthorized access to a single Hub database storing a subset of non-…
-
"NIST Tool Enables More Comprehensive Tests on High-Risk Software"The National Institute of Standards and Technology (NIST) has updated a tool to improve the testing of safety-critical programs such as those used in the operation of cars, power plants, and more, to ensure that these programs are really safe. The…
-
"New Technique Uses Power Anomalies to ID Malware in Embedded Systems"Using a new technique developed by researchers from North Carolina State University and the University of Texas at Austin, malware can be detected in embedded systems. Embedded systems in voice-activated virtual assistants, industrial control systems…
-
"Embracing Creativity to Improve Cyber-Readiness"Security teams are encouraged to be more creative in their responses to cyberthreats as cyberattacks continue to grow in complexity and frequency. In addition to focusing on employee access, restriction, and controls, to bolster the security of…
-
"Industrial Control Systems Security: To Test or Not to Test?"The increased connectivity of industrial control systems has made such systems more vulnerable to cyberattacks, which could have serious implications in regard to the security and well-being of the communities that rely on them. According to IBM's X-…
-
"DNSpionage Actors Adjust Tactics, Debut New Remote Administration Tool"Threat actors behind the launch of the DNSpionage DNS hijacking campaign have modified their tactics, techniques, and procedures (TTPs), adding a new reconnaissance stage. They have also introduced a new remote administration tool, called Karkoff. The…
-
"Researchers Develop AI Tool Better Able to Identify Bad Data"The HoloClean tool detects bad data and corrects errors prior to processing the data. The new system also can automatically generate bad examples, without tainting source data. This process allows the system to learn to identify and…
-
SoS Musings #25 - Cloudy with a Chance of Data HaulsSoS Musings #25 Cloudy with a Chance of Data Hauls