Attacks News, Articles and Updates

Attackers exploit old WordPress to inject code enabling site redirection

Attackers exploited an old WordPress vulnerability to infect more than one thousand websites with malware capable of injecting malvertising and even creating a rogue admin user with full access privileges, according to researchers.

#OpIsrael attacks feared in response to US moving embassy to Jerusalem

Anti-Israeli factions of the Anonymous collective opposed to US Foreign policy declared that they would be launching attacks against all websites deemed to be Israeli- or US-government affiliated in their latest #OpIsrael campaign.

Two keyless entry door locks vulnerable to unauthenticated requests

A vulnerability found in two keyless entry door locks enables local attackers to lock and unlock doors as well as create their own RFID badges by sending unauthenticated requests to affected devices.

BrickerBot creators announce retirement from active operations

The individual, or people, behind the BrickerBot malware attacks have decided to hang up their mouse and keyboard after claiming to have locked more than 10 million supposedly unsecure Internet of Things devices.

Android Flaw could enable hackers to modify code without signature change

A serious vulnerability in Android could put millions of devices at risk from attackers modifying code in applications without affecting their signatures.

Pro-ISIS hackers threaten to launch cyber-attack today

Pro-ISIS hackers have reportedly posted a video threatening to launch a global cyber-attack on government, military, and corporate websites today, Thursday, Dec. 8 - with the US as its first target.

'Tis the Season ....for online fraud?

If you can't rely on sophisticated sandboxes to protect the enterprise environment anymore, what's left? One tactic that provides a lot of promise is Web isolation, a scheme that renders content in an isolated environment.

Mobile malware a universal threat around the globe: Check Point

When it comes to avoiding mobile malware no company anywhere on the planet is immune as research shows most companies experienced at least one mobile attack in the last year.

Hiding in plain sight - attacks via trusted entry routes such as updates

Sophisticated attackers will subvert trusted suppliers of executable code such as software updates, consequently, Martin Lee says that a sophisticated response is required.

Connected devices can get pwned by attackers every 2 minutes

IoT device pwned by credential attackers once every 120 seconds in SANS research using real connected device rather than honeypot.

Organisations must wake up and ensure they actively manage cyber-security

Recent cyber-attacks reveal how vulnerable organisations are and that those who actively manage security have limited damage and recovered fastest says Matthias Maier

'ShadowPad' attack sabotaged NetSarang software with backdoor

Attackers secretly modified at least five software packages distributed by network connectivity and server management solutions provider NetSarang in order to infect its business users with modular backdoor spyware.

DDoS attacks on the rise - touching 500gbps

DDoS attacks are on the increase and getting bigger and more widespread, according to research released by Arbor Networks.

How can security vendors reduce their own attack surface?

Following the news that Trend Micro's Password Manager would allow hackers to execute malicious code we ask, how secure are security applications?

If ISIS managed to hack UK infrastructure, what could they actually do?

Chancellor George Osborne has warned that ISIS is directing its cyber-security hacking power at key UK infrastructure facilities.

Mumsnet hit again, this time by stronger series of attacks

Mumsnet has been targeted once again in a fresh sequence attacks.

GitHub attack - evidence points to China

China is being accused of pulling unwitting users into DDos attacks on the GitHub website to hit anti-censorship activists.

Zero-day opens Cisco phones to eavesdropping

VOIP flaws offer a route into your data, with CISCO latest compromise recorded.

Wi-Fi car updates pose security risk

Ford's announcement of software updates to its cars via WiFi highlights security concerns about Smart Car software.

Eurovision voting app hit by suspected cyber-attack

Swedish television, SVT, is believed to have suffered a DDoS attack on its voting system during the final qualification round for Eurovision Song Contest 2015 in Vienna.

Target breach costs £124 million - so far

The costs of the Target breach dwarf the costs of increased security or insurance.

Turning the tide on APTs and nation state attackers

Deal with APT intruders logically, not emotionally, and get the upper-hand - even if that means leaving them on the network says Mike Auty,

Cyber-security: changing the economics!

The economics of cyber-crime make your network an attractive target. Change the economic incentive and you'll reduce the threat says Guarav Banga.

Sophisticated hack causes massive damage to steelworks

Dr Richard Piggin, in a blog published this week, notes how concerns about the vulnerability of control systems have been vindicated following the issuing of details about an attack on a German steelworks.

Constant attack a growing reality

Persistant attacks have become a state of permanent attack for some organisations according to a new report.

Sony Pictures allegedly launched DDoS-type attacks

GOP hackers demand Sony Kim Jong-un film is halted; websites containing stolen data attacked

Google: Phishing is 'astonishingly' successful

Phishing emails - which often seem blatantly fake to security professionals - are far more successful and professionally exploited than previously thought, according to new Google research.