Attack rates are increasing across the board
Finance and technology are the sectors most resilient to cyber intrusions, new research from Vectra Networks has found. The company released the results of its Post-Intrusion …
Hackers hosted tools on a Stanford University website for months
Compromising legitimate websites and the web servers that store and deliver them is a time-honoured tactic of opportunistic hackers, and a failure to keep them out can result …
Attacks within the Dark Web
For six months, Trend Micro researchers operated a honeypot setup simulating several underground services on the Dark Web. The goal of their research was to see if those …
New class of attacks affects all Android versions
Researchers have demonstrated how a malicious app with two specific permission can stealthily compromise users’ Android devices. “The possible attacks include …
Lure10: Exploiting Wi-Fi Sense to MITM wireless Windows devices
Karma has long been a staple man-in-the-middle attack used in authorised wireless security assessments and unsanctioned ones, but as many modern operating systems now provide …
DoubleAgent attack uses built-in Windows tool to hijack applications
Security researchers from computer and network security outfit Cybellum have revealed a new zero-day code injection and persistence technique that can be used by attackers to …
Apache servers under attack through easily exploitable Struts 2 flaw
A critical vulnerability in Apache Struts 2 is being actively and heavily exploited, even though the patch for it has been released on Monday. System administrators are …
New attack sounds death knell for widely used SHA-1 crypto hash function
SHA-1 is definitely, provenly dead, as a group of researchers from CWI Institute in Amsterdam and Google have demonstrated the first practical technique for generating a …
Attack types companies expect to encounter in 2017
What are the key attack types expected to cause the biggest security problems in 2017 and how successful will businesses be at defending against them? Tripwire and Dimensional …
Researchers bypass ASLR protection with simple JavaScript code
A group of researchers from the Systems and Network Security Group at VU Amsterdam have discovered a way to bypass address space layout randomization (ASLR) protections of …
Banks around the world targeted in watering hole attacks
The January attacks against Polish financial institutions through the booby-trapped site of the Polish Financial Supervision Authority are just one piece of a larger puzzle, …
Simple Gmail spoofing leaves users open to targeted attacks
Gmail shows no warning as it delivers legitimate-looking spoofed emails seemingly coming from an existing Gmail.com address, even though they come from a non-Gmail server. …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD