Research presented at DEF CON shows that attackers can hijack Wi-Fi and Bluetooth-connected speakers to produce damaging sounds. Sound can be damaging to physical health — even lethal. And a hacker can generate sounds that can do damage through common Wi-Fi- and Bluetooth-connected devices, according to a research presentation at DEF CON 27. Matt Wixey,
The dependency trees of modern software development make smaller open-source projects vulnerable to hackers sabotaging code. The open source software that the vast majority of organizations include in their critical applications is vulnerable to exploitation from threat actors taking part in its creation. That’s the message from security professionals who point to the nature of open
Cyber thieves aren’t bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered. The approach was simple, a combination email scam and social engineering phone call. All it took was a call to St. Ambrose Catholic Parish, claiming to be Marous Brothers Construction,
Companies promising the safe return of data sans ransom payment secretly pass Bitcoin to attackers and charge clients added fees. A new report sheds light on the practices of two US data recovery firms, Proven Data Recovery and MonsterCloud, both of which paid ransomware attackers and charged victims extra fees. ProPublica researchers were able to
Research shows time to discovery and containment of breaches slowly shrinking, but attackers don’t need a very big window to do a lot of damage. It’s breach report season and one of the prevailing trends uncovered by security researchers is that organizations are ever-so-slowly improving the window between when a compromise occurs and when it
Financial services firms saw upticks in credential leaks and credit card compromise as cybercriminals go where the money is. More than one-quarter of all malware attacks target the financial services sector, which has seen dramatic spikes in credential theft, compromised credit cards, and malicious mobile apps as cybercriminals seek new ways to generate illicit profits.
The permissions iOS apps request from users can turn the devices into spy tools and provide a toehold into the enterprise network, according to new research. In many ways, the era of the smartphone is defined by apps, which do everything from sending messages to tracking our exercise. New research shows how Apple iOS apps come
More than 900 colleges and universities use Slate, owned by Technolutions, to collect and manage information on applicants. As if applying to college wasn’t nerve-wracking enough: Last week hackers broke into a system that houses prospective students’ application data, then promised students access to their files — for the price of a single Bitcoin. More
New data from CrowdStrike’s incident investigations in 2018 uncover just how quickly nation-state hackers from Russia, North Korea, China, and Iran pivot from patient zero in a target organization. It takes Russian nation-state hackers just shy of 19 minutes to spread beyond their initial victims in an organization’s network – yet another sign of how
A “very realistic-looking” login prompt is designed to capture users’ Facebook credentials, researchers report. A recently spotted phishing campaign is seemingly intended to steal victims’ Facebook login credentials with a fake pop-up prompt designed to look like a legitimate login portal. Researchers with Myki, a password management company, were alerted to the threat when users