Security researchers at CRITIFENCE cyber security labs publicly announced this morning (November 1, 2016) major cyber security vulnerabilities affecting one of the worldâs largest manufacturers of SCADA and Industrial Control Systems, Schneider Electric. Â The zero-day vulnerabilities dubbed PanelShock, found earlier this year by Eran Goldstein, CTO and Founder of CRITIFENCE, a leading Critical Infrastructure, […]
A former employee of the Office of the Comptroller of the Currency downloaded 10,000 records onto thumb drives before his retirement in November 2015. On Friday, the USÂ banking regulator told Congress about a potential “major information security incident” after it discovered that a former employee has downloaded a large number of files onto thumb drives […]
The ShadowBrokers hacker group leaked a fresh dump containing a list of servers that were hacked by the NSA-linked group known as Equation Group. The notorious Shadow Brokers hacker group has posted a fresh dump containing a list of servers that were hacked by the NSA-linked group known as Equation Group. The hackers disclosed the […]
AT&T has been data-mining and willingly sharing user phone data, through its âHemisphereâ Project, which is essentially a mass surveillance program. The NSA may be the well-known governmental entity notorious for conducting spy surveillance of its citizens and its massive record retention program, but the private sector is also capitalizing on such opportunities. AT&T, a […]
The Chinese APT Lotus Blossom is trying to lure victims with fake invitations to Palo Alto Networksâ upcoming Cybersecurity Summit. The Chinese APT Lotus Blossom, also known as Elise and Esile, is behind a new cyber espionage campaign that is trying to lure victims with fake invitations to Palo Alto Networksâ upcoming Cybersecurity Summit. With this […]
Experts from the firm Sucuri observed a spike in the number of attacks in less than 24 hours after Joomla released patches for two critical flaws. On October 25, Joomla released the version 3.6.4 to fix two high severity vulnerabilities, CVE-2016-8870, and CVE-2016-8869. The first flaw, tracked as CVE-2016-8870, could be exploited by attackers to create user accounts even if […]
An 18-year-old man from Arizona, Meetkumar Hiteshbhai Desai, was arrested this week because he is suspected for the severe disruption of 911 service. A few weeks ago, a group of researchers from Ben-Gurion University of the Negev’s Cyber-Security Research Center demonstrated how it is possible to significantly disrupt the US’ 911 emergency call system. An attacker […]
Authorities identified a man in Florida that powered spamming campaigns abusing an army of corporate servers and private email accounts. Spam is still a profitable business for crooks and to give you an idea of how the cyber criminals work let share with you the story of the leader of a spamming gang. Timothy Livingston (31), […]
According to a study published by the independent anti-virus testing outfit AV-TEST, the number of malicious search engine results has been increasing. The vast majority of the Internet users blindly trust data provided in response to their queries to the search engines. Actually, search engine results are increasingly poisoned with malicious links, the experts noticed a […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html THANK YOU! Linux.BackDoor.FakeFile.1, a new Linux backdoor in the wild American hacker The Jester defaced a Russian […]