Post

Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

No, Panera Bread Doesn’t Take Security Seriously

The dots do matter: how to scam a Gmail user

Vulnerability Note VU#578598

OSINT from ship satcoms

Tracking & hacking ships with Shodan & AIS

Remotely hacking ships shouldn't be this easy, and yet ...

Hacking train Wi-Fi may expose passenger data and control systems

IBM bans all removable storage, for all staff, everywhere

L'ultima frontiera delle cybertruffe: Pec false di banche online, svuotati centinaia di conti correnti

Over a Million Dasan Routers Vulnerable to Remote Hacking

New Hacking Tool Lets Users Access a Bunch of DVRs and Their Video Feeds

Hyperoptic's ZTE-made 1Gbps routers had hyper-hardcoded hyper-root hyper-password

Single single-sign-on SNAFU threatens three Cisco products

A $152, 000 Ether Theft Just Exploited A Massive 'Blind Spot' In Internet Security

Windows-powered medical scanners are being hit by health care hackers

An Elaborate Hack Shows How Much Damage IoT Bugs Can Do

Securing wireless neurostimulators

Android apps prove a goldmine for dodgy password practices

Exposed: Lazy Android mobe makers couldn't care less about security

UK And US Accuse Russia Of Hacking Home Routers In Global Cyberattacks

Thousands of compromised websites spreading malware via fake updates

Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password

Finland probing 130,000 login credentials breach

‘FakeUpdates’ campaign leverages multiple website platforms

Secret Service Warns of Chip Card Scheme

“Open sesame”: Industrial network gear hackable with the right username

Cambridge Analytica website running an critically vulnerable version of Drupal

Saks, Lord & Taylor Hit With Data Breach

Be wary when scanning QR codes with iOS 11’s camera app

Qualcuno ha rubato 2 milioni di euro alla Lazio?

State-Sponsored Cyber Theft

DOJ Indicts 9 Iranians for Cyber Heists Against 144 Colleges

Update Samba Servers Immediately to Patch Password Reset and DoS Vulnerabilities

Anonymous ha attaccato il Miur e pubblicato le mail di 26 mila insegnanti

Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps

Nine Iranians accused of hacking 320 unis, 47 businesses in 22 nations on Tehran's orders

Hackers steal banking & personal data of 800,000 Orbitz customers

Suspicious likes lead to researcher lighting up a 22, 000-strong botnet on Twitter

Off-the-Shelf Smart Devices Found Easy to Hack

Israeli Security Attacks AMD by Publishing Zero-Day Exploits

Attacks on 4G LTE networks could send fake emergency alerts

It's March 2018, and your PC can be pwned by reading an article

Pre-Installed Malware Found On 5 Million Popular Android Phones

A Cyberattack in Saudi Arabia Had a Deadly Goal. Experts Fear Another Try.

AMDFLAWS

Poisoned peer-to-peer app kicked off Dofoil coin miner outbreak

Attacco hacker, il MIUR precisa: dati pubblicati non sono riconducibili a componenti dei sistemi informatici del Ministero

Crooks Created 28 Fake Ad Agencies to Disguise Massive Malvertising Campaign

EFF and Lookout Uncover New Malware Espionage Campaign Infecting Thousands Around the World

British 15-year-old gained access to intelligence operations in Afghanistan and Iran by pretending to be head of CIA, court hears

Brazilian government providing warm waters for shoals of phish

UPDATE 1-Schneider Electric says bug in its software exploited in hack

Schneider Electric says software bug exploited in watershed hack

Lebanese Government Hackers Hit Thousands of Victims With Incredibly Simple Campaign

How I exploited ACME TLS-SNI-01 issuing Let's Encrypt SSL-certs for any domain using shared hosting

Researchers: SCADA Mobile Apps Continue to Have ‘Shocking’ Number of Vulnerabilities

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300, 000 Sites

1 out of 5 USBs given away to promote Taiwan's cybersecurity campaign contain virus

Correggio, attacco hacker di Anonymus contro gli autovelox

Hackers Broke Into Forever 21's Payment System For Over Half of 2017

WhatsApp Flaws Could Allow Snoops to Slide Into Group Chats

ESET research: Appearances are deceiving with Turla’s backdoor-laced Flash Player installer

Western Digital My Cloud drives have a built-in backdoor

Critical Unpatched Flaws Disclosed In Western Digital 'My Cloud' Storage Devices

US Homeland Security breach compromised personal info of 200, 000+ staff

CoffeeMiner: Hacking WiFi to inject cryptocurrency miner to HTML requests

New Android trojan targeting over 60 banks and social apps

Android banking Trojan targets more than 232 apps including Indian Banks : Quick Heal Technologies Security Blog : Latest computer security news, tips, and advice

Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

Multiple vulnerabilities in the online services of (GPS) location tracking devices

Nintendo Switch Hacked to Run Pirated Games

That Game on Your Phone May Be Tracking What You’re Watching on TV

LastPass Authenticator Android app is easy to break into

Mirai Variant "Satori" Targets Huawei Routers

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool

NotPetya’s Cost to FedEx: $400 Million and counting

Washington DC’s surveillance cameras hacked… to send spam

Romanian hackers infiltrated 65% of DC's outdoor surveillance cameras

Home Economics: How Life in 123 Million American Households Was Exposed Online

How a Dorm Room Minecraft Scam Brought Down the Internet

Forever 21 clothing stores hit by credit card data breach after encryption failure

With deletion of one wallet, $280M in Ethereum wallets gets frozen

Flaw crippling millions of crypto keys is worse than first disclosed

Code Execution via Insecure Lenovo Objects

Mailsploit: using emails to attack mail software

Microsoft leaks TLS private key for cloud ERP product

Mailsploit: it's 2017, and you can spoof the 'from' field in e-mail

Modern-day “Ferris Bueller” hacks school, changes grades, applies to Ivy League colleges

CVE-2017-11826 Exploited in the Wild with Politically Themed RTF Document

Man-in-the-Middle Attack against Electronic Car-Door Openers

Imgur breached back in 2014, wasn’t storing your passwords properly

Bitcoin Gold wallet compromised, users may have downloaded malware

17-Year-Old MS Office flaw CVE-2017-11882 could be exploited to remotely install malware without victim interaction

Oracle Products Affected by Critical JOLTandBLEED Vulnerabilities

Confusion reigns over crypto vuln in Spanish electronic ID smartcards

BlueBorne Vulnerability Also Affects 20Mil Amazon Echo and Google Home Devices

How AV can open you to attacks that otherwise wouldn’t be possible

Google says hackers steal almost 250,000 logins each week

Silence – a new Trojan attacking financial organizations

Day trader indicted for 'cyber boiler room' scheme targeting hacked online brokerage accounts

Microsoft issues advisory to users after macro-less malware attacks

Critical Tor flaw leaks users’ real IP address—update now

It took Russian hackers just over a week to penetrate Clinton campaign email

Stuxnet-style code signing is more widespread than anyone thought

Falsi F24 via e-mail, ecco il malware che "si traveste" da Agenzia delle Entrate

HomeHack: How Hackers Could Have Taken Control of LG’s IoT Home Appliances

Savitech USB audio drivers install a new root CA certificate

CryptoShuffler Trojan has quietly stolen $140,000 worth of Bitcoin

A One-Minute Attack Let Hackers Spoof Hotel Master Keys

Medic! Orangeworm malware targets hospitals worldwide The Register

Hotel motel Holiday Inn? Doesn't matter they may need to update their room key software The Register

piccole spese: cornici - acquisti

Bot-ched security: Chat system hacked to slurp hundreds of thousands of Delta Air Lines Sears customers' bank cards The Register

Brain monitor had remote code execution and DoS flaw The Register

Learning by playing

Tennessee hospital notifies 24, 000 patients after EMR system attacked with cryptocurrency mining software

Wish you could log into someone's Netgear box without a password? Summon a genie=1 The Register