RSAC 2019: 58% of Orgs Have Unfilled Cyber Positions

Kapersky Labs - Mon, 04/03/2019 - 14:00
The workforce and skills gap in cybersecurity continues to plague organizations.
Categories: News

Container Escape Hack Targets Vulnerable Linux Kernel

Kapersky Labs - Mon, 04/03/2019 - 13:30
A proof-of-concept hack allows adversaries to tweak old exploits, have code jump containers and attack underlying infrastructure.
Categories: News

RSAC 2019: An Antidote for Tech Gone Wrong

Kapersky Labs - Mon, 04/03/2019 - 11:00
As many ponder the big ethical questions around cyber, some are proposing public interest technologist as a solution.
Categories: News

Visitor Kiosk Access Systems Riddled with Bugs

Kapersky Labs - Mon, 04/03/2019 - 11:00
Student researchers working with IBM X-Force Red team find security holes in five leading visitor management systems.
Categories: News

Ah, this military GPS system looks shoddy but expensive. Shall we try to break it?

The Register - Mon, 04/03/2019 - 07:59
Did we say break? We meant test its 'survivability'

Who, Me?  Hello, dear readers. We see you've come for your weekly dose of Who, Me? to shake off this serious case of the Mondays.…

Categories: News

RSAC 2019: New Operation Sharpshooter Data Reveals Higher Complexity, Scope

Kapersky Labs - Mon, 04/03/2019 - 02:00
New look at server data behind a previously-identified espionage campaign shows that it has exceeded researchers' expectations in complexity, scope and breadth.
Categories: News

How the Dark Web Data Bazaar Fuels Enterprise Attacks

Kapersky Labs - Sun, 03/03/2019 - 15:26
What does the age of near-ubiquitous data breaches, deep fakes, and fallible biometric authentication mean for enterprise security?
Categories: News

WannaCry-hero Hutchins' trial date set, Microsoft readies Google's Spectre V2 fix for Windows 10, Coinhive axed, and more

The Register - Sat, 02/03/2019 - 11:14
PS: Update Adobe ColdFusion, Cisco WebEx Meetings, Nvidia drivers with security fixes

Roundup  Here's your weekend rapid-fire roundup of infosec news, ahead of next week's RSA Conference, beyond what we've already covered.…

Categories: News

When the bits hit the FAN: US military accused of knackering Russian trolls, news org's IT gear amid midterm elections

The Register - Fri, 01/03/2019 - 21:05
Despite fried RAID and deleted hard drives, Federal News Agency calls US Cyber Command attack a failure

A Russian new service is claiming that US attacks on it and an organisation accused of state-sponsored trolling has left storage systems damaged and international servers wiped after multiple malware attacks.…

Categories: News

Adobe Patches Critical ColdFusion Vulnerability With Active Exploit

Kapersky Labs - Fri, 01/03/2019 - 20:22
Adobe has hurried out a patch for a critical arbitrary code execution vulnerability in its ColdFusion product.
Categories: News

Podcast: RSA Conference 2019 Preview

Kapersky Labs - Fri, 01/03/2019 - 18:11
The Threatpost team talks about the biggest cybersecurity stories, trends and research we'll see at RSA this year.
Categories: News

Did you hear the one about Cisco routers using <code>strcpy</code> insecurely for login authentication? Makes you go AAAAA-AAAAAAArrg *segfault*

The Register - Fri, 01/03/2019 - 18:02
RV110W, RV130W, RV215W need patching to close remote hijacking bug

Cisco has patched three of its RV-series routers after Pen Test Partners (PTP) found them using hoary old C function strcpy insecurely in login authentication function. The programming blunder can be exploited to potentially hijack the devices.…

Categories: News

Necurs Botnet Evolves to Hide in the Shadows, with New Payloads

Kapersky Labs - Fri, 01/03/2019 - 15:41
Using an on-again, off-again strategy of C2 communication helps it hide from researchers.
Categories: News

After last year's sexism shambles, 2019's RSA infosec event has upped its inclusivity game

The Register - Fri, 01/03/2019 - 13:39
But the proof of the pudding will be in the eating

RSA  As San Francisco gets ready for its annual RSA Gabfest Conference, organisers appear to have got the message over inclusivity following last year's fiasco, but they aren't out of the woods yet.…

Categories: News

Spot the cyber-crims before they spot your data: Find out more in this here webinar – free for every <i>Reg</i> reader

The Register - Fri, 01/03/2019 - 07:03
Learn attackers’ ways to keep your systems safe

Webcast  Today's cyber-miscreants get smarter all the time, constantly learning from each other and finding new ways to hack into organisations' IT systems.…

Categories: News

Surprise, surprise, yet another cryptocurrency creator collared, hit with $6 million fraud rap

The Register - Thu, 28/02/2019 - 20:27
All that glitters ain't gold, as they say

The founder of now-dead cryptocurrency My Big Coin has been arrested and charged with seven counts of fraud and unlawful money transfers for what is allegedly an extraordinarily blatant scam, even in the shady world of cyber-cash schemes.…

Categories: News

In the cloud, things aren't always what they SIEM: Microsoft rolls out AI-driven Azure Sentinel

The Register - Thu, 28/02/2019 - 18:00
And 'ask a Redmond security bod' panic button for Windows Defender ATP customers

Microsoft has wheeled out two new enterprise security tools – Azure Sentinel, a cloud-based SIEM, and Microsoft Threat Experts, an infosec advice-as-a-service bundled with a panic button.…

Categories: News

Qbot malware's back, and latest strain relies on Visual Basic script to slip into target machines

The Register - Thu, 28/02/2019 - 16:15
We've said it once, we've said it a thousand times. Don't open weird attachments, kids

A new version of the decade-old banking credential-stealing Qbot malware is doing the rounds, according to infosec firm Varonis.…

Categories: News

Coinhive to Mine Its Last Monero in March

Kapersky Labs - Thu, 28/02/2019 - 16:11
The controversial cryptomining service is shutting down.
Categories: News

Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers

Kapersky Labs - Thu, 28/02/2019 - 14:27
Cisco said that CVE-2019-1663, which has a CVSS score of 9.8, allows unauthenticated, remote attackers to execute arbitrary code.
Categories: News


Subscribe to Sec Tec Limited aggregator - News