Security

Google CEO Sundar Pichai Quora account hijacked by Zuckerberg hackers

posted on June 28, 2016
by l33tdawg

Three weeks after hijacking Facebook CEO Mark Zuckerberg's Twitter and Pinterest accounts, the mischievous OurMine hacking group appears to have briefly seized control of Google CEO Sundar Pichai's Quora account.

A hacker wants to sell 10 million patient records on the black market

posted on June 28, 2016
by l33tdawg

A hacker claims to have stolen close to 10 million patient records and is selling them for about US$820,000.

Over the weekend, the hacker, called thedarkoverlord, began posting the sale of the records on TheRealDeal, a black market found on the deep Web. (It can be visited through a Tor browser.)

Ransomware targets corporate Office 365 users in 0-day campaign

posted on June 28, 2016
by l33tdawg

It's 2016, and Microsoft Office macros are still a viable infection vector: security outfit Avanan says it's spotted a week-long, large-scale malware attack against Office 365 users.

The campaign began on June 22, and Microsoft started blocking the malicious attachment on June 23.

Avanan says the attackers tried to send messages to 57 per cent of the organisations on its security platform using Office 365. Users were sent an Office document that invoked the malware via macros.

US hospitals hacked with ancient exploits

posted on June 28, 2016
by l33tdawg

Attackers have popped three prominent US hospitals, using deliberately ancient malware so old that it slips under the radar of modern security controls to compromise Windows XP boxes and gain network beachheads.

The attacks were foiled using deceptive honeypot-style frameworks, according to California-based TrapX.

Hospitals were attacked between late 2015 and early this year, potentially compromising medical systems such as x-ray machines and fluoroscopy radiology systems.

Meet OurMine, the ‘Security’ Group Hacking CEOs and Celebs

posted on June 28, 2016
by l33tdawg

Black hats hack for espionage, crime, and disruption. White hats hack to defend, digging up security vulnerabilities so that they can be fixed. And then there are the confusing ones: hackers whose black hats are covered in the thinnest coat of white paint, or so patchwork that even they don’t seem to remember which color they’re wearing.

Isis hackers release new 'random' kill list with 4000 names from database previously available online

posted on June 24, 2016
by l33tdawg

An Islamic State (Isis)-affiliated hacker group called the Caliphate Cyber Army (CCA) has released a new "kill list" on social media, with names, addresses and emails of over 4,000 people from across the globe. While almost half of the names in the list are of Americans, residents of the UK, France, Canada and India have also reportedly made it to the list.

Swagger staggered as hacker drops dapper code execution cracker

posted on June 24, 2016
by l33tdawg

An unpatched remote code execution hole has been publicly disclosed in the popular Swagger API framework, putting users at risk.

The client and server hole (CVE-2016-5641) exists in code generators within the REST programming tool, also known as the OpenAPI Specification.

A module for the popular Metasploit hacking suite has been crafted, making exploitation of the flaw easier. Application security researcher Scott Davis says injectable parameters in Swagger JSON or YAML files allow remote code execution across NodeJS, PHP, Ruby, and Java.

VIDEO: Forcing A Targeted LTE Cellphone Into An Eavesdropping Network

posted on June 23, 2016
by l33tdawg

LTE is a more advanced mobile network but not absolutely secure.

In this presentation, we will introduce a method which jointly exploits the vulnerabilities in tracking area update procedure, attach procedure, and RRC redirection procedure in LTE networks resulting in the ability to force a targeted LTE cellphone to downgrade into a malicious GSM network where an attacker can subsequently eavesdrop on its voice calls and GPRS data.

Security Researchers Puzzled by Demise of TeslaCrypt Ransomware

posted on June 23, 2016
by l33tdawg

In early May, Igor Kabina, a researcher with security firm ESET, noticed that the group behind the third most prevalent ransomware operation, TeslaCrypt, had seemingly taken a breather.

Following the April release of version 4 of their data-encryption malware, the group's development efforts had slowed. Wondering if the group was closing up shop, Kabina pretended to be a victim and used their support service to ask if they would release their master key.