Code trove wasn’t to blame: Uber didn’t have multifactor authentication on repos that included AWS credentials Uber’s confessed that it didn’t use multifactor authentication on its GitHub account, an omission ultimately led to the data breach it revealed in 2017 after keeping it secret for more than a year, after […]
0
1
US authorities have made arrests of several suspects they believe are behind the first ATM jackpotting incidents in the US. Law enforcement officials arrested four suspects last October and November, and apprehended another two at the end of last month, January 2018. Investigators believe these six men have infected ATMs […]
0
1
Researchers at Radware have discovered a new botnet that uses vulnerabilities linked with the Satori botnet and is leveraging the Grand Theft Auto videogame community to infect IoT devices. Satori is a derivative of Mirai, the notorious botnet that in 2016 infamously managed to take down Dyn, a DNS hosting […]
0
1
US authorities have charged two men with bank fraud after they allegedly used malware to jackpot ATMs and empty the machines of cash. Last week it emerged that the US Secret Service has been warning banks and ATM manufacturers that jackpotting has finally hit American shores. The scam usually sees […]
0
1
The FBI has issued an alert that scammers are now sending out phishing emails that purport to come from the agency’s Internet Crime Complaint Center (IC3). Having received “numerous victim complaints”, the FBI’s authority on internet scams has identified four different versions of the scam. In one of the variations, […]
0
1
Other problems for the Amazon Key technology, a hacker posted a video on Twitter to show how to access a locked door after a delivery worker’s one-time code has been used. Earlier in November, Amazon announced for its Prime members the Amazon Key, a program that would allow a delivery person […]
0
1
Researcher at Fidelis Cybersecurity devised a new technique that abuses X.509 Digital Certificates to establish a covert data exchange channel Last year, during the Bsides conference in July 2017, the security researcher at Fidelis Cybersecurity Jason Reaves demonstrated how to covertly exchange data using X.509 digital certificates, now the same expert published the […]
0
1
A vulnerability in the Grammarly Chrome and Firefox extensions allowed websites to read users’ authentication tokes and use to them to log in to the users’ Grammarly accounts and access all the (potentially sensitive) information held in them. About the vulnerability The vulnerability was discovered by Google project Zero researcher […]
0
1
The WannaCry and NotPetya outbreaks were by far among the most significant digital attack campaigns that took place in 2017. Together, the crypto-ransomware and wiper malware affected hundreds of thousands of computers all over the world. They achieved this reach by abusing EternalBlue. Allegedly developed by the U.S. National Security […]
0
1
A study of 2,700 IT professionals across the globe has revealed that 54% of organizations suffered a ransomware attack in the last year, and most organizations were hit more than twice, with the average number of ransomware per attacks being two. On average, every ransomware attack costs companies $133,000, but […]
0
1
