Michael Kan

Author Archives: Michael Kan

Drones have potential for industrial sabotage

Industrial facilities should be on guard against drones. Even off-the-shelf versions of the unmanned aircraft could be used to disrupt sensitive systems. On Wednesday, Jeff Melrose, a presenter at Black Hat 2016, showed how consumer drones could do more than just conduct aerial spying. The flying machines can also carry a transmitter to hack into a wireless keyboard or interfere with industrial controls, he said. It’s not enough to place a fence around a building to keep intruders out, according to Melrose, who is a principal tech specialist at Yokogawa, an industrial controls provider. These days, some consumer drones can travel up to 3 miles (4.8 kilometers) or more.

Almost half of US businesses hit by ransomware, says study

The threat of ransomware is becoming widespread among corporations, with almost half of U.S. businesses suffering an attack from the nasty form of malware recently, according to a new survey. Security firm Malwarebytes sponsored the study, which found in June that 41 percent of U.S. businesses had encountered between one and five ransomware attacks in the previous 12 months. Another 6 percent saw six or more attacks. The study surveyed corporations in the U.S., Canada, U.K. and Germany to gauge how ransomware affected their operations. The malware, which can infect a computer and take the data hostage, can be bad for business. 34 percent of the victim corporations in the countries surveyed reported losing revenue because the ransomware had prevented access to important files.

200M Yahoo accounts go up for sale on digital black market

Yahoo users might want to reset their passwords. A hacker claims to have stolen the login information for 200 million Yahoo accounts and is selling them on the black market. The stolen records are up for sale on TheRealDeal, a darknet marketplace that offers illegal goods. For 3 bitcoins, or US$1,824, anyone can buy them. The hacker, known as peace_of_mind, has claimed to have previously sold login credentials for LinkedIn and Tumblr users.

200 million Yahoo accounts may be up for sale on the black market

Yahoo users might want to reset their passwords. A hacker claims to have stolen the login information for 200 million Yahoo accounts and is selling them on the black market. The stolen records are up for sale on TheRealDeal, a darknet marketplace that offers illegal goods. For 3 bitcoins, or US$1,824, anyone can buy them. The hacker, known as peace_of_mind, has claimed to have previously sold login credentials for LinkedIn and Tumblr users.

Interpol arrests Nigerian email scammer who swindled $60 million

Interpol has arrested a top Nigerian email scammer who stole more than US$60 million by tricking businesses into handing over funds by posing as trusted suppliers. The 40-year-old Nigerian, known as “Mike,” is allegedly the leader of a criminal ring that targeted hundreds of victims across the world, Interpol said on Monday. He and at least 40 other individuals pulled off their scheme by allegedly pretending to be CEOs or suppliers using hacked email accounts of legitimate companies. The criminals then sent fake emails, asking the victims to wire funds or send payment to bank accounts under the scammers’ control.

SwiftKey’s typing predictions may have leaked users’ emails

SwiftKey, a popular keyboard app, has suspended a syncing feature that may have leaked users’ emails to strangers. The problem has been popping up through the app’s prediction bar. A few users on Reddit have noticed that it’s been offering strange suggestions -- including emails they’ve never seen and foreign language terms they’ve never used. “And now, I'm getting someone else's German predictions,” wrote one user, who recently rooted a Samsung Galaxy S6 phone. “I have never typed German in my entire life.” The problem might be related to how SwiftKey collects data on the words and phrases users type. That data is then analyzed and used to predict the customer’s typing habits, including what emails they tend to enter -- only in this case those predictions are possibly being shared to others.

Trump’s hacking comment rattles the cybersecurity industry

Donald Trump’s muddled stance on hacking has disturbed security experts at a time when the tech industry is looking for clarity on the U.S.'s cyber policy. On Wednesday, the outspoken presidential candidate seemed to call on Russia to break into rival Hillary Clinton’s email system. “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing,” Trump said, referring to emails Clinton had deleted from a private email server. On Thursday, he walked back his comment and said he was being sarcastic.

Flaw with password manager LastPass could hand over control to hackers

Even password manager LastPass can be fooled. A Google security researcher has found a way to remotely hijack the software. It works by first luring the user to a malicious site. The site will then exploit a flaw in a LastPass add-on for the Firefox browser, giving it control over the password management software. LastPass wrote about the vulnerability on Wednesday and said that a fix is already out for Firefox users. Google security researcher Tavis Ormandy first discovered the issue. When examining the password manager, he tweeted on Tuesday, "Are people really using this lastpass thing? I took a quick look and can see a bunch of obvious critical problems. I'll send a report asap."

In light of increased cyberattacks, White House sets defense plan with FBI in charge

Faced with increasingly troubling attacks on its cyber infrastructure, the United States has outlined new measures intended to help it respond more effectively to attacks that might compromise public safety or its national security interests. On Tuesday, President Obama approved a directive that lays out how federal agencies will respond to “significant cyber incidents,” with the FBI to be formally in charge of investigating.

SMS-based two-factor authentication may be headed out the door

SMS messaging for two-factor authentication might become a thing of the past. A U.S. federal agency is discouraging its use. The National Institute of Standards and Technology is pushing for the change. Its latest draft of its Digital Authentication Guideline, updated on Monday, warns that SMS messages can be intercepted or redirected, making them vulnerable to hacking. Many companies, including Twitter, Facebook, and Google, as well as banks, already use phone-based text messaging to add an extra layer of security to user accounts. It works like this: To access the accounts, the user not only needs the password, but also a secret code sent by the company by text message. Ideally, these one-time passcodes are sent to a designated phone number to ensure no one else will read them.

Cybersecurity firm offers users reimbursement for ransomware infections

Security firm SentinelOne is confident it can beat any of today’s ransomware -- and is willing to put money behind that claim. The company is offering a new service that will cover up to US$1 million in damages for any customers infected by ransomware. SentinelOne is calling it the “Cyber Threat Guarantee” and treating it like an extended warranty that customers can buy starting Tuesday. However, the company is convinced it won’t have to make any payouts, said Jeremiah Grossman, its chief of security strategy. SentinelOne’s failure rate in stopping ransomware attacks is “way less than 1 percent,” he said in an interview.
