Google Removes Inline Installation of Chrome Extensions

Google this week detailed plans to completely remove the inline installation of Chrome extensions from its web browser by the end of the year. Introduced in 2011, inline installation was...
Continue reading
0 Comments

SAP Releases Critical Updates for Two Security Notes

Of the ten Security Notes in SAP’s June 2018 Security Patch Day, five were updates for previously released Notes, including two rated Hot News (Critical severity). Impacting SAP Business Client...
Continue reading
0 Comments

DHS HART Biometric Database Raises Security, Civil Liberties Concerns

Protecting the DHS HART National Biometric Database Against Theft and Abuse
In February 2018, Northrop Grumman Corporation announced that it had been awarded a $95 million contract to develop increments one and two of the Department of Homeland Security (DHS) Homeland...
Continue reading
0 Comments

Australia Agrees Solomons Internet Cable After China Concern

Australia will help fund and build an underseas communications cable to the Solomon Islands, it was agreed Wednesday, after the Pacific nation was convinced to drop a contract with Chinese...
Continue reading
0 Comments

Microsoft Releases Mitigations for Spectre-Like 'Variant 4' Attack

Updates released by Microsoft on Tuesday for its Windows operating system add support for a feature that should prevent attacks involving the recently disclosed speculative execution vulnerability known as “Variant...
Continue reading
0 Comments

Microsoft Patches 11 Critical RCE Flaws in Windows, Browsers

Microsoft’s Patch Tuesday updates for June 2018 address a total of 50 vulnerabilities, including nearly a dozen critical remote code execution flaws affecting Windows and the company’s Edge and Internet...
Continue reading
0 Comments

New 'PyRoMineIoT' Malware Spreads via NSA-Linked Exploit

A recently discovered piece of crypto-currency miner malware isn’t only abusing a National Security Agency-linked remote code execution exploit to spread, but also abuses infected machines to scan for vulnerable...
Continue reading
0 Comments

$175 Million in Monero Mined via Malicious Programs: Report

The popularity of crypto-currency malware has been skyrocketing over the past year, and the segment appears to have been highly lucrative for cybercriminals, a new Palo Alto Networks report reveals....
Continue reading
0 Comments

Code Signing Flaw Affects all Mac OS Versions Since 2005

Okta Rex (Research and Exploitation) researcher Josh Pitts has discovered a method of exploiting the code signing mechanism in MacOS. If exploited, the flaw could allow malicious untrusted code to...
Continue reading
0 Comments

Crestron Patches Command Injection Flaw in DGE-100 Controller

Critical vulnerability in Crestron DGE-100
Crestron recently addressed a command injection vulnerability in the console service preinstalled on the Digital Graphics Engine 100 (DGE-100) and other hardware controllers made by the company. Tracked as CVE-2018-5553,...
Continue reading
0 Comments

North Korean Hackers Abuse ActiveX in Recent Attacks

An ActiveX zero-day vulnerability discovered recently on the website of a South Korean think tank focused on national security has been abused by the North Korean-linked Lazarus group in attacks,...
Continue reading
0 Comments

Splunk to Acquire DevOps Alert Firm VictorOps for $120 Million

Machine data solutions firm Splunk announced Monday that it has agreed the acquisition of alert management start-up VictorOps for approximately $120 million. The acquisition is expected to close during Splunk's...
Continue reading
0 Comments

Vietnam MPs Approve Sweeping Cyber Security Law

Vietnamese lawmakers on Tuesday approved a sweeping cyber security law which could compel Facebook and Google to take down critical posts within 24 hours, as space for debate is crushed...
Continue reading
0 Comments

Security Vulnerabilities: A Threat to Automotive Innovation

The pace of innovation within the automotive industry has been breath-taking. Only ten years ago, the very concept of self-driving cars and heavy goods vehicles was still regarded as far-fetched...
Continue reading
0 Comments

Chip and No Signature: What's Behind the Move?

Chip and No Signature: What's Behind the Move? Mastercard's Linda Kirkpatrick on the Decision to Ditch Signatures and Forgo a PIN Mandate) • June 11, 2018     10 Minutes   ...
Continue reading
0 Comments

Coinrail Cryptocurrency Exchange in South Korea Hacked

Coinrail Cryptocurrency Exchange in South Korea Hacked
Breach Notification , Cybercrime , Data Breach $50 Million Believed Stolen as Exchange Attacks Continue( euroinfosec ) • June 11, 2018    South Korean cryptocurrency exchange Coinrail's website (pictured) remains...
Continue reading
0 Comments

US Imposes More Russian Sanctions for Cyberattacks

US Imposes More Russian Sanctions for Cyberattacks
Cyberwarfare / Nation-state attacks , Fraud Management & Cybercrime Five Organizations, Three Individuals Cited for Assisting With 'Destabilizing Cyber Activities'( @nickster2407 ) • June 11, 2018     The U.S....
Continue reading
0 Comments

74 Arrests in Business Email Compromise Takedown

74 Arrests in Business Email Compromise Takedown
Business Email Compromise (BEC) , Fraud Management & Cybercrime 'Operation Wire Wire' a Six-Month, Worldwide Law Enforcement Operation( ismg_editor ) ,( @nickster2407 ) • June 11, 2018     A...
Continue reading
0 Comments

VMware Patches Code Execution Flaw in AirWatch Agent

VMware has addressed a critical remote code execution vulnerability in the AirWatch Agent applications for Android and Windows Mobile. The VMware Workspace ONE platform, which is powered by AirWatch unified...
Continue reading
0 Comments

74 Arrested in International Operation Targeting BEC Scams

A total of 74 individuals have been arrested as part of an international law enforcement operation targeting business email compromise (BEC) scams, U.S. authorities announced on Monday. Forty-two people have...
Continue reading
0 Comments