Week in review: Black Hat USA 2016 coverage, QRLJacking, exposed SAP systems

Here’s an overview of some of last week’s most interesting news and articles: Black Hat USA 2016 Want to learn the news from Black Hat USA 2016? Get it all from our dedicated coverage page. QRLJacking: A new attack vector for hijacking online accounts We all know that scanning random QR codes is a risky proposition, but a newly detailed social engineering attack vector dubbed QRLJacking adds another risk layer to their use. 36000 SAP …

Week in review: Snooping Tor nodes, Wi-Fi keyboards open to keystroke sniffing

Here’s an overview of some of last week’s most interesting news, reviews and articles: Industry collaborates on automotive cybersecurity best practices More than 50 automotive cybersecurity experts from around the world have participated in the development of these best practices to advance automotive cybersecurity capabilities. The effort began in early 2016 when the 15 automaker members of the Auto-ISAC formed a working group to examine all cybersecurity aspects of the motor vehicle ecosystem. SpyNote Android …

Week in review: Pokémon GO, flawed code hooking engines, Ubuntu Forums hacked again

Here’s an overview of some of last week’s most interesting news and articles: Preparing for new EU cybersecurity rules and regulations The Network and Information Security (NIS) Directive spells the end of more than three years of political bickering and requires critical national infrastructure operators, such as banks, healthcare, transportation, energy and digital service providers, to ramp up their security measures and report major data breaches. Three topics everyone will be talking about at Black …

Week in review: Anti-ransomware, Pokémon GO dangers, and a new anonymity system

Here’s an overview of some of last week’s most interesting news and articles: Researchers create effective anti-ransomware solution Are you willing to sacrifice a dozen or so of your files in order to save the rest from the grasping hands of modern crypto-ransomware? Keys to successful security vendor collaboration There are some important considerations for vendors looking to collaborate, which also reflect some of the characteristics of collaboration that end users should be looking for …

Week in review: Mac malware boom, TP-LINK loses control of configuration domains

Here’s an overview of some of last week’s most interesting news, reviews and articles: TP-LINK loses control of two device configuration domains Security researcher Amitay Dan warns that tplinklogin.net, a domain through which TP-LINK router owners can configure their devices, is no longer owned by the company, and that this fact could be misused by malware peddlers. Review: Linux Server Security Linux Server Security is a short book that will come in handy and should be …

Week in review: Hackers targeting healthcare, new issue of (IN)SECURE,

Here’s an overview of some of last week’s most interesting news and articles: Exfiltrating data from air-gapped computers by modulating fan speed For the last few years, researchers from Ben-Gurion University of the Negev have been testing new ways to exfiltrate data from air-gapped computers: via mobile phones, using radio frequencies (“AirHopper”); using heat (“BitWhisper”); using rogue software (“GSMem”) that modulates and transmits electromagnetic signals at cellular frequencies. The latest version of the data-exfiltration …

Week in review: Smart TV ransomware, DNC hack, and DAO under attack

Here’s an overview of some of last week’s most interesting news and articles: Ransomware targets Android smart TVs If you own a Sharp or Philips smart TV running the Android TV OS, you should know that it could be hit by FLocker, a device-locking ransomware that targets both Android-powered mobile devices and smart TVs. 50% of ads on free livestreaming websites are malicious Many users of free livestreaming websites may be aware that the video …

Week in review: Mitsubishi Outlander hack, Mozilla funds open source code audits

Here’s an overview of some of last week’s most interesting news and articles: Researchers hack the Mitsubishi Outlander SUV, shut off alarm remotely Mitsubishi Outlander, a popular hybrid SUV sold around the world, can be easily broken into by attackers exploiting security weaknesses in the setup that allows the car to be remotely controlled via an app. University pays $20,000 in ransomware attack The ransomware plague has hit the University of Calgary, and the academic …

Week in review: Windows 0day for sale, and lessons learned from 17 years as an infosec trainer

Here’s an overview of some of last week’s most interesting news, reviews and articles: ICS-focused IRONGATE malware has some interesting tricks up its sleeve FireEye researchers discovered a malware family that’s obviously meant to target ICS systems, but found no evidence that it was ever used in the wild. What 17 years as an infosec trainer have taught me July 2016 shall see Saumil Shah complete 17 years in the infosec training circuit. It has …

Week in review: API security, keyloggers disguised as USB device chargers, online tracking

Here’s an overview of some of last week’s most interesting news and articles: Faulty TLS implementation opens VISA sites, users to attack A group of researchers has discovered 184 HTTPS servers that are wide open to attackers looking to inject seemingly valid content into encrypted sessions. Some of these servers belong to the credit card company VISA, the Polish banking association ZBP, and the German stock exchange. Review: ProtonMail ProtonMail is an email service developed …