Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Oracle
Oracle releases emergency Oracle Identity Manager patch

Oracle has issued an out-of-cycle patch that plugs a critical vulnerability (CVE-2017-10151), affecting Oracle Identity Manager, its widely-used enterprise identity management …

Android
Cryptocurrency-mining script planted in apps on Google Play

Coinhive’s cryptocurrency-mining script has found its way into mobile apps offered on Google Play. Trend Micro researchers have spotted two apps that have been equipped …

Firefox fingerprint
Firefox will soon block canvas-based browser fingerprinting attempts

Starting with Firefox 58, users will be able to refuse websites’ requests for information extracted via the HTML5 canvas element, which can be used to fingerprint their …

Google Chrome biohazard
Malicious Chrome extension steals all data

There’s a glut of malicious Google Chrome extensions out there, but some are more harmful than others. The one that SANS ISC incident handler Renato Marinho has dubbed …

LG HomeHack
Researchers turn LG’s Hom-Bot vacuum cleaner into a real-time spying device

Check Point researchers have discovered a vulnerability in LG’s smart home infrastructure that could have allowed hackers to take over the legitimate user’s account and, …

maritime control panel
Critical flaws in maritime comms system could endanger entire ships

IOActive security consultant Mario Ballano has discovered two critical cybersecurity vulnerabilities affecting Stratos Global’s AmosConnect communication shipboard platform. …

Hands
Offshore law firm Appleby confirms data breach

Appleby, a major offshore law firm based in Bermuda, has confirmed it has suffered a data security incident in 2016 that resulted in some of their data being compromised. …

Coinhive
Coinhive breached due to old, reused password

Coinhive has suffered another setback: their DNS records have been surreptitiously changed by attackers, allowing them to steal cryptocurrency mined via the project’s …

NotPetya successor Bad Rabbit hits orgs in Russia, Ukraine

Bad Rabbit ransomware, apparently modeled on NotPetya, has hit a number of organizations across Russia, Ukraine, and Eastern Europe on Tuesday. Russian security outfit …

Windows 10
Is the Windows 10 controlled folder access anti-ransomware feature any good?

With last week’s release of Windows 10 Fall Creators Update, users get a new feature aimed at stopping ransomware from encrypting their most important files. It’s …

Pixie
Camera-based, single-step two-factor authentication resilient to pictionary, shoulder surfing attacks

A group of researchers from Florida International University and Bloomberg LP have created Pixie, a camera-based two-factor authentication system that could end up being a …

find
The impact of threat hunting on your security operations

The main goal of threat hunting is to find traces attackers have left behind in the organization’s IT environment. These traces can date back to already solved crises or …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools