News

  • Trojanized Tor Browser targets shoppers of Darknet black marketplaces
    by Pierluigi Paganini on October 18, 2019 at 2:40 pm

    A tainted version of the Tor Browser is targeting dark web market shoppers to steal their cryptocurrency and gather information on their browsing activity. A Trojanized version of the Tor Browser is targeting shoppers of black marketplaces in the dark web, threat actors aim to steal their cryptocurrency and gather information on their browsing activity. […] The post Trojanized Tor Browser targets shoppers of Darknet black marketplaces appeared first on Security Affairs. […]

  • China-linked cyberspies Turbine PANDA targeted aerospace firms for years
    by Pierluigi Paganini on October 18, 2019 at 12:34 pm

    Security firm revealed that China-linked APT group Turbine Panda conducted cyber-espionage operations aimed at various aerospace firms for years. Security researchers at Crowdstrike conducted long-running cyber-espionage operations aimed at various aerospace firms. According to the experts the cyber espionage operations begun in January 2010, after the state-owned enterprise Commercial Aircraft Corporation of China (COMAC) selected […] The post China-linked cyberspies Turbine PANDA targeted aerospace firms for years appeared first on Security Affairs. […]

  • Pitney Bowes revealed that its systems were infected with Ryuk Ransomware
    by Pierluigi Paganini on October 18, 2019 at 10:23 am

    The global shipping and mailing services company Pitney Bowes revealed that the recent partial outage was caused by the Ryuk ransomware. The global shipping and mailing services company Pitney Bowes recently suffered a partial outage of its service caused by a ransomware attack. Pitney Bowes is a global technology company that provides commerce solutions in the […] The post Pitney Bowes revealed that its systems were infected with Ryuk Ransomware appeared first on Security Affairs. […]

  • UK Government Announces Major New Cybersecurity Partnerships
    on October 18, 2019 at 9:26 am

    Projects with Arm, Toshiba and others on the way […]

  • New US Privacy Bill Would Intro Jail Time for CEOs
    on October 18, 2019 at 9:05 am

    Ron Wyden wants companies to mind their own business […]

  • Researcher released PoC exploit code for CVE-2019-2215 Android zero-day flaw
    by Pierluigi Paganini on October 18, 2019 at 8:56 am

    A researcher has published a proof-of-concept (PoC) exploit code for the CVE-2019-2215 zero-day flaw in Android recently addressed by Google Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability, tracked as CVE-2019-2215, in Android. According to the expert, the bug was allegedly being used or sold by the controversial surveillance firm NSO […] The post Researcher released PoC exploit code for CVE-2019-2215 Android zero-day flaw appeared first on Security Affairs. […]

  • DNC Russian Hacking Group Makes a Comeback
    on October 18, 2019 at 8:33 am

    ESET reveals Operation Ghost […]

  • When and how to write a GDPR DPIA
    by Dan Swinhoe on October 17, 2019 at 10:00 pm

    The EU’s General Data Protection Regulation (GDPR) legislation isn’t meant to be a mere compliance checklist. Unlike some other data-related regulations, there isn’t a simple list of processes and technologies you can install to be compliant. And just because you were compliant on May 25, 2018, doesn’t mean you are still compliant now.To read this article in full, please click here(Insider Story) […]

  • Cryptocurrency miners infected more than 50% of the European airport workstations
    by Pierluigi Paganini on October 17, 2019 at 7:38 pm

    Researchers at Cyberbit spotted a crypto mining campaign that infected more than 50% of the European airport workstations.  Security experts at Cyberbit have uncovered a crypto mining campaign that infected more than 50% of the European airport workstations.  European airport systems were infected with a Monero cryptocurrency miner that was linked to the Anti-CoinMiner campaign discovered this […] The post Cryptocurrency miners infected more than 50% of the European airport workstations appeared first on Security Affairs. […]

  • IDG Contributor Network: 4 key vendor contracting pitfalls
    by Michael R. Overly on October 17, 2019 at 6:45 pm

    When it comes to information security, all too often when entering into contracts with vendors and suppliers, the entire focus is on “show us your audit reports and security policy.” Don’t get me wrong, that information is clearly of great importance to assessing the overall security posture of the vendor. The problem is that the content of those reports and policy are of little value without real vendor responsibility if the vendor fails to comply with them, suffers a breach, mishandles its systems and data, etc.There are four key pitfalls in vendor contracting. Unless those pitfalls are avoided, a vendor can have the absolute best security documents in the industry and still present material risk to its customers. The pitfalls identified below represent lessons learned in hundreds of transactions. In addition, they are the types of items regulators routinely identify as problematic in vendor contracts. For these reasons, when negotiating vendor agreements, don’t fall victim to these pitfalls.To read this article in full, please click her […]