News

  • Critical unfixed flaws affect ABB Safety PLC Gateways
    by Pierluigi Paganini on December 18, 2018 at 9:34 pm

    Researchers at Applied Risk discovered serious flaws in some PLC gateways manufactured by industrial tech company ABB. Security experts at Applied Risk are affected by potentially serious flaws and the bad news is that the vendor will not release firmware updates because the impacted products have reached the end of life. The security firm published a security advisory that […] The post Critical unfixed flaws affect ABB Safety PLC Gateways appeared first on Security Affairs. […]

  • Malware controlled through commands hidden in memes posted on Twitter
    by Pierluigi Paganini on December 18, 2018 at 4:21 pm

    New Malware Takes Commands From Memes Posted On Twitter Security researchers at Trend Micro have spotted a new strain of malware that retrieved commands from memes posted on a Twitter account controlled by the attackers. In this way, attackers make it hard to detect traffic associated with the malware that is this case appears as legitimate […] The post Malware controlled through commands hidden in memes posted on Twitter appeared first on Security Affairs. […]

  • Twitter bug may have been exploited by state-sponsored hackers
    by Ms. Smith on December 18, 2018 at 4:13 pm

    Twitter admitted to a bug in one of its support forum APIs that allowed cyber thugs to discover a Twitter user’s account phone number country code and if the account had been locked. It’s possible, Twitter said, that this might be tied to state-sponsored attacks. During our investigation, we noticed some unusual activity involving the affected customer support form API. Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia. While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.To read this article in full, please click her […]

  • BrandPost: Securing the Industrial Internet of Things in OT Networks
    by Brand Post on December 18, 2018 at 2:15 pm

    In many organizations, traditional IT and critical Operational Technology (OT) networks are being merged to take advantage of the speed and efficiency of today’s digital marketplace. Typical OT networks are comprised of switches, monitors, sensors, valves, and manufacturing devices managed by an ICS system through remote terminal units (RTUs) and programmable logic controllers (PLCs) over a serial or IP connection. Since these systems manage sensitive and sometimes dangerous environments, they demand safe and continuous operation. To achieve that, they have traditionally tended to be air-gapped from the IT network to avoid the sorts of intermittent network or device crashes that IT systems can tolerate.To read this article in full, please click her […]

  • PewDiePie Hackers Deface Wall Street Journal
    on December 18, 2018 at 11:43 am

    Supporters continue with unconventional publicity campaign […]

  • Review: Continuous cybersecurity monitoring with CyCognito
    by John Breeden II on December 18, 2018 at 11:00 am

    Back in the early days of networking, a lot of effort went into hiring penetration testers who would come in and try to break security. They would then report on their findings, and, presumably, whatever flaws or vulnerabilities they discovered would get fixed before real attackers could come calling. Everybody did this, even the military, which dubbed its penetration testers “red teams.” An experienced red team could find all kinds of previously unknown threats.To read this article in full, please click here(Insider Story) […]

  • 13 data breach predictions for 2019
    by Michael Nadeau on December 18, 2018 at 11:00 am

    Data breaches are inevitable at any organization. But what form will those breaches take? How will the attackers gain access? What will they steal or damage? What motivates them to attempt the attacks? CSO has gathered predictions from industry experts about where, how and why cyber criminals will attempt to break into networks and steal data during the coming year.To read this article in full, please click here(Insider Story) […]

  • Twitter API Bug Exposes Users’ Country Codes
    on December 18, 2018 at 10:42 am

    Phone number info could allow governments to track dissidents […]

  • Met Slammed for Using Dodgy Facial Recognition Cameras
    on December 18, 2018 at 10:09 am

    Cameras are 100% inaccurate, claims rights grou […]

  • Twitter uncovered a possible nation-state attack
    by Pierluigi Paganini on December 18, 2018 at 10:08 am

    Twitter discovered a possible nation-state attack while it was investigating an information disclosure flaw affecting its platform. Experts at Twitter discovered a possible state-sponsored attack while they were investigating an information disclosure vulnerability affecting its support forms. The experts discovered that the attack was launched from IP addresses that may be linked to nation-state actors. The flaw affected […] The post Twitter uncovered a possible nation-state attack appeared first on Security Affairs. […]