News

  • UK Government Brexit App Riddled with Security Issues
    on November 15, 2019 at 9:45 am

    EU citizens at risk from shoddy Home Office coding […]

  • A new sophisticated JavaScript Skimmer dubbed Pipka used in the wild
    by Pierluigi Paganini on November 15, 2019 at 8:17 am

    Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka used to siphon payment data from e-commerce merchant websites. Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka that was used by crooks to steal payment data from e-commerce merchant websites. Experts discovered the Pipka while investigating an e-commerce website […] The post A new sophisticated JavaScript Skimmer dubbed Pipka used in the wild appeared first on Security Affairs. […]

  • Web payment card skimmers add anti-forensics capabilities
    by Lucian Constantin on November 14, 2019 at 9:21 pm

    Researchers have detected compromises on ecommerce sites with a new JavaScript-based payment card skimmer that uses anti-forensics techniques, including the ability to remove itself from the web page’s code after execution. Dubbed Pipka, the malicious script was found by researchers from Visa’s Payment Fraud Disruption (PFD) team on the site of a North American merchant that had been previously infected with a different skimmer called Inter. Further investigation uncovered another 16 online merchant sites infected with Pipka.[ Get inside the mind of a hacker, learn their motives and their malware. | Sign up for CSO newsletters! ]To read this article in full, please click her […]

  • Experts found privilege escalation issue in Symantec Endpoint Protection
    by Pierluigi Paganini on November 14, 2019 at 8:33 pm

    Symantec addressed a local privilege escalation flaw that affects all Symantec Endpoint Protection client versions prior to 14.2 RU2. Symantec addressed a local privilege escalation flaw, tracked as CVE-2019-12758, that affects all Symantec Endpoint Protection client versions prior to 14.2 RU2. The vulnerability could be exploited by attackers to escalate privileges on target devices and carry out malicious actions, including the […] The post Experts found privilege escalation issue in Symantec Endpoint Protection appeared first on Security Affairs. […]

  • Capture the Flag Competition Aims to Trace Missing Persons
    on November 14, 2019 at 6:58 pm

    Cyber professionals challenged to find new leads in missing persons cases […]

  • Boom in Lookalike Retail Domains
    on November 14, 2019 at 6:40 pm

    Growth of lookalike domains has more than doubled since 2018 […]

  • Apple Employee Texts Himself Customer's Nude
    on November 14, 2019 at 4:36 pm

    Woman issues warning after intimate photo stolen by Apple store employ […]

  • Flaws in Qualcomm chips allows stealing private from devices
    by Pierluigi Paganini on November 14, 2019 at 2:40 pm

    Security vulnerabilities in Qualcomm allow attackers to steal private data from hundreds of million millions of devices, especially Android smartphones. Security experts from Check Point have discovered security flaws in Qualcomm that could be exploited attackers to steal private data from the so-called TrustZone. The TrustZone is a security extension integrated by ARM into the […] The post Flaws in Qualcomm chips allows stealing private from devices appeared first on Security Affairs. […]

  • U.S. Vets Targeted by Foreign Actors Aiming to Sway Elections, Experts Tell Congress
    by Patrick Tucker, Defense One on November 14, 2019 at 2:39 pm

    Actors from Russia, Ukraine, Bulgaria, Macedonia, and elsewhere gain access to online forums by impersonating vets they find onlin […]

  • The CSO guide to top security conferences, 2019
    by CSO staff on November 14, 2019 at 1:04 pm

    There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your questions answered by experts.Fortunately, plenty of great conferences are coming up in the months ahead.If keeping abreast of security trends and evolving threats is critical to your job — and we know it is — then attending some top-notch security conferences is on your must-do list for 2019 and 2020.From major events to those that are more narrowly focused, this list from the editors of CSO, will help you find the security conferences that matter the most to you.To read this article in full, please click her […]