Privilege escalation on Unix machines via plugins for text editors

Several of the most popular extensible text editors for Unix environments could be misused by attackers to escalate privileges on targeted systems, SafeBreach researchers have found. They tested Sublime, Vim, Emacs, Gedit, Pico and its clone Nano on machines running Ubuntu, and have managed to exploit the process of loading plugins to achieve privilege escalation […]

The Ransomware Threat to ICS Security

Industrial control systems (referred to as ICS) have faced an ever-growing volume of threats over the past few years. From 2015 to 2016, IBM Managed Security Services reported a 110 percent increase in ICS cybersecurity attacks. The US accounted for most of these incidents, given it has the most Internet-connected ICS networks on the planet, […]

IBM unveils ‘world’s smallest computer’ with blockchain at Think 2018

From being around two storey’s high, computers have come a long way to fit in your backpack and even in your hand. There was a time when computers were thought to only the preserve of the military but now every Tom, Dick, and Harry owns one form or other computing devices. With the transistors used […]

The Case for Integrating Physical Security & Cybersecurity

Early last year in “Grizzly Steppe and Carbanak: The Dangers of Miscalculation in Cyberspace,” TruSTAR researchers outlined the overlap of tactics, techniques, and procedures (TTP) between Russian state organizations and criminal organizations like the Carbanak hacking group. They found that Carbanak and attacks attributed to Russian state security agencies were utilizing some the same infrastructure to […]

7 Spectre/Meltdown Symptoms That Might Be Under Your Radar

Spectre and Meltdown are awful. That much goes without saying. When a vulnerability in the heart of the CPU can bring your secure authentication efforts to naught, it’s a bad thing. But in addition to the obvious security threats, there could be significant impact on an organization’s budgets, schedules, vendor relationships, and product plans. And […]

Orbitz says hacker stole two years’ worth of customer data

Travel booking website Orbitz has been hacked, the company said. The site, now owned by Expedia, confirmed in a statement that it “identified and remediated a data security incident affecting a legacy travel booking platform.” According to the statement, the company found evidence in March that an attacker had access to the company’s legacy systems between […]

A look inside the big business of cybercrime

For three months, Armor’s Threat Resistance Unit (TRU) research team compiled and analyzed data from the black market to shed light on the type of activity threat actors are participating in and how underground forums operate in the burgeoning industry. Just as big businesses operate based on regulations, the laws of supply and demand, and even customer […]

Email fraud warning: Now hackers want your data as well as your money

Fraudsters are launching phishing campaigns that come in the shape of emails pretending to be from someone within the same organisation as the victim — and the crooks are increasingly targeting data rather than money. Email fraud, particularly business email compromise, hit the headlines when the FBI said this particular form of cybercriminal activity cost victims […]

GDPR is more important than ever: The Cambridge Analytica-Facebook meltdown

The Cambridge Analytica-Facebook fiasco started when Dr. Aleksandr Kogan developed a quiz app called “thisisyourdigitallife” and managed to obtain user data through that app by scraping data from the profiles of people who took the quiz as well as that of their friends—apparently allowed under Facebook’s policy for third-party apps at the time!! This is […]

FTC Probing Facebook for Use of Personal Data, Source Says

Having already lost nearly $50 billion in stock market losses, Facebook Inc. is now under investigation by a U.S. privacy watchdog over the use of personal data of 50 million users by a data analytics firm to help elect President Donald Trump. The U.S. Federal Trade Commission is probing whether Facebook violated terms of a […]