News

...And more from the world of infosec this week

Roundup  Here's a quick catch-up of all things infosec beyond what we've already reported this week.…

Explosives activated by wireless networking signals discovered amid election

Terrorists have been caught strapping Wi-Fi-activated backup triggers to bombs in Indonesia, police revealed this week.…

A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites.

Six-week investigation delay shrank payment by 13%

A $1.2m shipment of livestock feed went awry when "hackers" intercepted and tweaked emails with payment details, eventually costing the cheeky buyers an extra $161,000 after exchange rates moved during the legal fallout.…

The decision to pay a ransom in the case of a ransomware attack can be a complex one for businesses.

The importance of reading the network tealeaves of a company’s network traffic to head off an attack.

We read this week's Huawei happenings and filleted it so you don't have to

Roundup  Huawei has been kicked by a US national emergency proclamation hitting "foreign" gear, spent some cash in France, claimed it's worth billions to Britain and was described as "a potential security risk" by a former head of MI6. And that's just the last five days.…

From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week.

Do the thing ASAP, you know how it works by now

Among a bumper crop of 57 security issues Cisco divulged on Wednesday was a fix for a trio of vulns, one critical, in networks management tool Prime Infrastructure.…

If orange is the new black, she's back in black

After seven days of freedom, US Army whistleblower Chelsea Manning is back behind bars for refusing to testify before a secret federal grand jury investigating WikiLeaks.…

Most exciting Enid Blyton book yet – Five accused of international fraud?

Ten people have been accused of masterminded the theft of roughly $100m from bank accounts using the Goznym malware. Five have been arrested, charged, and are facing prosecution, and five have been indicted and remain at large. An eleventh person linked to the software nasty is awaiting sentencing after admitting his crimes.…

DoS cyber-attacks are not just for websites, they may also be for aircraft ILS

Video  Aircraft instrument landing systems (ILS) are susceptible to radio signal spoofing using off-the-shelf equipment, boffins have found, calling into question the adequacy of aviation cybersecurity.…

The bloom is on mobile, whether it be the enterprise, employees or the cybercriminals plotting new ways to slip past a corporate defenses in a post-parameter world.

The web skimming script was recently found stealing payment data on the websites of Forbes Magazine as well as seven others.

As soon as defences are sold as a product, hygiene suffers

The US Cybersecurity and Infrastructure Security Agency (CISA) has become the latest government body to plead with admins to implement security best practices on Microsoft's Office 365 platform.…

The vendor also issued a patch schedule for the still-unpatched bug in its Secure Boot trusted hardware environment, which affects most of its enterprise and SMB portfolio, amounting to millions of vulnerable devices.

Europol said it has dismantled the cybercrime network behind the GozNym malware, which siphoned more than $100 million from businesses.

Dead-tree devotees who recently signed up may want to check their statements

The Magecart credit-card-skimming malware that is the bane of internet shoppers has been spotted again, this time on the Forbes magazine subscription website.…

Google is offering free replacements for its Titan Security Key after discovering a misconfiguration in its pairing protocols.

A pairing problem makes an account compromise possible, although improbable

Google is offering free replacements of its Titan Security Keys, used for two-factor authentication, after learning the widgets' Bluetooth connections could be compromised by nearby hackers.…