What is a “zero-day,” exactly? In information security, occasionally there is a brand new cybersecurity vulnerability or exploit in the news, and the reporter calls it a “zero-day” exploit. What are they talking about. This is a concept similar to “patient zero” in medical epidemiology. This is where the bad thing started to happen.
A zero-day vulnerability is a flaw ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.Under the overarching theme of ‘Own IT. Secure IT. Protect IT.’, the 16th annual National Cybersecurity Awareness Month (NCSAM) ...
Continue Reading →
Another guest post by Tony Chiappetta of CHIPS
Agent Smith is frightening Google Android users around the world. This malware has replaced legitimate apps with malicious versions on 25 million Android devices. Here is what you need to know.
Around 25 million Google Android devices have been infected with a new variant of mobile malware. Once ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Original release date: September 8, 2019
U.S. Cyber Command has released 11 malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Equifictitious sites popped up within days of Equifax agreeing to pay up to $700m to settle claims over the 2017 data breach.
Original release date: July 18, 2019
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Russia has been hijacking signals sent by Global Navigation Satellite Systems (GNSS) systems such as GPS, researchers claim.
1,600 guests were filmed with hidden webcams that live-streamed the action. The site also sold videos.
A quick Saturday digest of cybersecurity news articles from other sources.From the Electric Frontier Foundation (EFF). Do you like what has happened to your cable and Internet service? In December 2017, the FCC voted to roll back the 2015 Open Internet Order, giving Internet service providers (ISPs) free reign to engage in unfair and discriminatory data practices. That decision ...
Continue Reading →
Lately there have been a spate of incidents involving smartphone apps for the iPhone and Android phones that were discovered to be malicious in various ways. The important commonality in these revelations was that cyber-criminals had actually modified legitimate apps by hijacking several developer’s credentials, including their “Developer Certificate.” The developer key provides a digital signature that validates the app as being the ...
Trojan horse, backdoor, and spyware exploits are back with a vengeance, according to a recent report by cybersecurity firm Malwarebytes. These exploits may seem like old and out-of-date attack vectors, but these tools have been updated and revamped, and are appearing at an alarming rate. Last year, Trojan horse deployments increased by 132%, backdoors increased by 173%, and spyware exploits increased 142%.
Crypto-ransomware and crypto-jacking exploits have been the hot and sexy ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.10/12/2018 06:37 PM EDT Original release date: October 12, 2018
The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Continue Reading →