Serious DoS Flaw Impacts Several Yokogawa Products

Yokogawa products impacted by CVE-2018-16196
A serious denial-of-service (DoS) vulnerability impacts several industrial automation products from Japanese electrical engineering and software company Yokogawa Electric. The flaw exists in the Open Communication Driver for Vnet/IP, a...
Continue reading
0 Comments

Ransomware Attack Against Hosting Provider Confirms MSPs Are Prime Targets

Dataresolution.net, a cloud hosting provider headquartered in San Juan Capistrano, CA and with data centers in Los Angeles CA, Reston VA, London UK, Hamilton Bermuda, and Canada, was infected with...
Continue reading
0 Comments

The Latest Threats to ATM Security

Attacks against automated teller machines (ATMs) are nothing new, for obvious reasons. They are a perfect target for both conventional thieves and hackers, standing at the intersection of physical theft...
Continue reading
0 Comments

Vulnerability in Skype for Android Exposes User Data

A vulnerability in Skype for Android allows an unauthenticated attacker to view photos and contacts, and even open links in the browser, a security researcher has discovered. Found by Florian...
Continue reading
0 Comments

Massive Data Leak Targets German Officials Including Merkel

Hundreds of German politicians, including Chancellor Angela Merkel, have fallen victim to a massive online leak of private data, the government said Friday. "Personal data and documents belonging to hundreds...
Continue reading
0 Comments

Multiple Vulnerabilities Patched in CleanMyMac Utility

Recently addressed vulnerabilities in the popular macOS cleanup application CleanMyMac X could allow attackers to modify the file system as root, Cisco Talos security researchers reveal. Created by MacPaw, CleanMyMac...
Continue reading
0 Comments

Two Critical Flaws Patched in Adobe Acrobat, Reader

Adobe’s first round of security updates for 2019 resolve two critical vulnerabilities in the company’s Acrobat and Reader products, but administrators should not be too concerned about the flaws being...
Continue reading
0 Comments

Blur Exposes Information of 2.4 Million Users

Roughly 2.4 million Blur users had their information exposed online as a result of a misconfigured AWS S3 bucket, the application’s developer, online privacy company Abine, revealed this week. Blur...
Continue reading
0 Comments

Website of Dublin Tram System Hacked

Luas website hacked
Luas hacked
The website of Luas, the tram system in Dublin, Ireland, was hacked on Thursday by an individual claiming to have also gained access to information stored on the organization’s systems....
Continue reading
0 Comments

Confirmation Bias and the Importance of a Second Opinion

Security Organizations Should Remember to Seek a Second Opinion, Which Can Bring Bias to Light According to Wikipedia, “Confirmation bias, also called confirmatory bias or myside bias, is the tendency...
Continue reading
0 Comments

New Crypto-Mining Attacks Leverage NSA-Linked EternalBlue Exploit

A new version of the NRSMiner is actively spreading in the southern region of Asia. The majority of detections (54%) have been found in Vietnam, followed by Iran (16%) and...
Continue reading
0 Comments

Hackers Attempt to Sell Stolen 9/11 Documents

A group of hackers is claiming to be offering for sale a large number of confidential documents related to the September 11 terrorist attacks.  The hacking group, which is known...
Continue reading
0 Comments

Top 5 Security Trends That Will Continue in 2019

At this time of year “what’s in, what’s out” lists proliferate and for many of us, they can be overwhelming. Just when you’ve adjusted to the latest food or fitness...
Continue reading
0 Comments

Multicloud + IoT: Securing IoT Applications in Diverse, Distributed Environments

IoT and Network Threats are Not One-dimensional It’s not just the consumer market driving the rapid proliferation of connected gadgets. The latest connected toys and appliances might be the most...
Continue reading
0 Comments

ICS Security Experts Share Tales From the Trenches

Interesting ICS security stories
SecurityWeek has reached out to several companies that offer products and solutions designed for protecting industrial control systems (ICS) against cyber threats and asked their experts to share some interesting...
Continue reading
0 Comments

New Protocol Authenticates USB Type-C Chargers, Devices

New USB Type-C Authentication specification launched
The USB Implementers Forum (USB-IF) on Wednesday announced the launch of the USB Type-C Authentication Program, which aims to protect host systems against non-compliant chargers and potentially malicious devices. The...
Continue reading
0 Comments

Vulnerability in Chrome for Android Patched Three Years After Disclosure

A vulnerabilitiy recently patched by Google in Chrome for Android was an information disclosure bug that was originally reported in 2015, but not patched until the release of  Chrome 70  in...
Continue reading
0 Comments

Security Concerns Prompt Closing of Dividend Applications

ANCHORAGE, Alaska (AP) — Alaska revenue officials shut down online applications for annual oil wealth checks after personal information of other users popped up on applicants' computer screens. The private...
Continue reading
0 Comments

Inside PolySwarm's Decentralized Threat Intelligence Marketplace

Decentralized threat intelligence marketplace
New Threat Detection Marketplace Connects AV Companies and Enterprises to Improve Protection Coverage Against New Threats Stable version 1.0 of PolySwarm has been reached, and will be announced within the...
Continue reading
0 Comments

Automated System Bypasses Google reCAPTCHA Again

The unCaptcha automated system can once again bypass Google’s reCAPTCHA challenges, despite major updates to the security service. The unCaptcha system was created in April 2017 to target Google’s reCAPTCHA...
Continue reading
0 Comments