Feed aggregator

Academic research finds five US telcos vulnerable to SIM swapping attacks

ZDNet Zero Day - Sat, 01/11/2020 - 02:57
Researchers find that 17 of 140 major online services are vulnerable to SIM swapping attacks.
Categories: Security News

Proof-of-concept code published for Citrix bug as attacks intensify

ZDNet Zero Day - Sat, 01/11/2020 - 01:00
Two Citrix bug (CVE-2019-19781) exploits have been published on GitHub yesterday, making future attacks trivial for most hackers.
Categories: Security News

Friday Squid Blogging: Stuffed Squid with Vegetables and Pancetta

Schneier on Security - Fri, 01/10/2020 - 16:09
A Croatian recipe. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security News

Hundreds of millions of cable modems are vulnerable to new Cable Haunt vulnerability

ZDNet Zero Day - Fri, 01/10/2020 - 12:21
Cable modems using Broadcom chips are vulnerable to a new vulnerability named Cable Haunt, researchers say.
Categories: Security News

Police Surveillance Tools from Special Services Group

Schneier on Security - Fri, 01/10/2020 - 08:41
Special Services Group, a company that sells surveillance tools to the FBI, DEA, ICE, and other US government agencies, has had its secret sales brochure published. Motherboard received the brochure as part of a FOIA request to the Irvine Police Department in California. "The Tombstone Cam is our newest video concealment offering the ability to conduct remote surveillance operations from... Bruce Schneier
Categories: Security News

TrickBot hackers create new stealthy backdoor for high-value targets

ZDNet Zero Day - Fri, 01/10/2020 - 07:32
PowerTrick is reserved for the most lucrative targets on the gang’s hit list.
Categories: Security News

Man jailed for using data breach info leaks to claim over $12 million in IRS tax refunds

ZDNet Zero Day - Fri, 01/10/2020 - 05:57
Information leaked due to data breaches was used to file fraudulent tax returns.
Categories: Security News

Cybersecurity acquisitions run rampant this week: Who has bought what?

ZDNet Zero Day - Fri, 01/10/2020 - 05:00
As a new year unfolds, so do portfolio changes and acquisition deals in the cybersecurity sector.
Categories: Security News

Google details its three-year fight against the Bread (Joker) malware operation

ZDNet Zero Day - Fri, 01/10/2020 - 04:10
Google says it removed more than 1,700 Android apps infected with Bread (Joker) malware since 2017.
Categories: Security News

50+ orgs ask Google to take a stance against Android bloatware

ZDNet Zero Day - Thu, 01/09/2020 - 13:56
Privacy organizations ask Google to introduce new OEM rules for Android bloatware.
Categories: Security News

Unremovable malware found preinstalled on low-end smartphone sold in the US

ZDNet Zero Day - Thu, 01/09/2020 - 10:31
Malwarebytes said it found malware pre-installed on Unimax U673c handsets, sold by Assurance Wireless (Virgin Mobile) in the US.
Categories: Security News

Hackers probe Citrix servers for weakness to remote code execution vulnerability

ZDNet Zero Day - Thu, 01/09/2020 - 08:52
At least 80,000 organizations could be at risk.
Categories: Security News

Travelex customers left in cashless limbo, ICO not formally alerted to data theft claims

ZDNet Zero Day - Thu, 01/09/2020 - 06:04
The ransomware attack has infuriated stranded customers and the ICO has still not seen an official data breach report.
Categories: Security News

City of Las Vegas said it successfully avoided devastating cyber-attack

ZDNet Zero Day - Thu, 01/09/2020 - 02:11
Security breach took place on January 8, but the city said it detected the intrusion in time to prevent any damage.
Categories: Security News

New Iranian data wiper malware hits Bapco, Bahrain's national oil company

ZDNet Zero Day - Wed, 01/08/2020 - 22:28
Saudi Arabia's cyber-security agency spots new Dustman data-wiping malware.
Categories: Security News

Operation Goldfish Alpha reduces cryptojacking across Southeast Asia by 78%

ZDNet Zero Day - Wed, 01/08/2020 - 16:43
Interpol and CERT teams from 10 Southeast Asian countries crack down on hacked MikroTik routers.
Categories: Security News

Mozilla patches Firefox zero-day reported by Qihoo 360

ZDNet Zero Day - Wed, 01/08/2020 - 15:20
Chinese security firm claims there's also an accompanying Internet Explorer zero-day.
Categories: Security News

New SHA-1 Attack

Schneier on Security - Wed, 01/08/2020 - 09:38
There's a new, practical, collision attack against SHA-1: In this paper, we report the first practical implementation of this attack, and its impact on real-world security with a PGP/GnuPG impersonation attack. We managed to significantly reduce the complexity of collisions attack against SHA-1: on an Nvidia GTX 970, identical-prefix collisions can now be computed with a complexity of 261.2rather than264.7,... Bruce Schneier
Categories: Security News

Telegram opens lid on TON project amid SEC spat: ‘Grams won’t help you get rich’

ZDNet Zero Day - Wed, 01/08/2020 - 06:36
No cryptocurrency wallet will be integrated with Telegram Messenger either -- at least, not yet.
Categories: Security News

ATM skimmer sentenced for fleecing $400,000 out of US banks

ZDNet Zero Day - Wed, 01/08/2020 - 05:29
ATM users had their cards read and bank accounts pillaged.
Categories: Security News