Rene Millman

Tomato router flaw makes 000's of IoT devices vulnerable to Muhstik botnet

Tomato router flaw makes 000's of IoT devices vulnerable to Muhstik botnet

The Muhstik botnet harvests vulnerable Tomato routers and researchers report that Muhstik mainly launches cryptocurrency mining and DDoS attacks in IoT bots to earn profit.

Sim swap attacks making two-factor authentication via smartphones obsolete

Sim swap attacks making two-factor authentication via smartphones obsolete

Two-factor authentication is easily thwarted by social engineering hence Sim swap attacks risk making 2FA via smartphones obsolete, according to security researchers.

Emotet back from Christmas break to wreak havoc on networks

Emotet back from Christmas break to wreak havoc on networks

Massive campaign by APT group targets pharma companies in the US, Mexico, Germany, Japan and Australia amongst other regions and sectors

Healthcare under attack: 2/3 of orgs hit last year, insiders an issue, training lacking

Healthcare under attack: 2/3 of orgs hit last year, insiders an issue, training lacking

67% of healthcare organisations suffered a cyber-security incident in the last 12 months, 39% down to staff, investment too low, too few training programmes to ensure staff use systems correctly.

SC Media UK salary survey 2020: Awareness-trainers among big winners

SC Media UK salary survey 2020: Awareness-trainers among big winners

Salaries are changing in the cyber-security industry, but are women closing the gender gap, and what skills are most in demand? Which roles have peaked and which are rising?

Bug alert: Organisations told to deploy mitigations against Citrix Netscaler remote code execution flaw

Bug alert: Organisations told to deploy mitigations against Citrix Netscaler remote code execution flaw

Organisations have been warned that they need to deploy workarounds for the Citrix ADC (NetScaler) CVE-2019-19781 vulnerability as working exploits have become available.

Trickbot gang uses fileless backdoor on high-value targets

Trickbot gang uses fileless backdoor on high-value targets

A Russian cyber-crime gang has developed a new hacking tool called PowerTrick in a bid to move around target networks undetected

Magecart customers pay twice due to hacking of website code

Magecart customers pay twice due to hacking of website code

Hackers access website source code to inject malicious JavaScript, then payment details submitted get sent to two addresses - the retailer and the crooks.

Flaws found in Cisco's networking equipment operating system; Patch issued

Flaws found in Cisco's networking equipment operating system; Patch issued

Cisco released updates to its networking equipment operating system NX-OS after security researchers found three critical authentication bypass vulnerabilities

Hacker sentenced for blackmailing Apple with iPhone account reset

Hacker sentenced for blackmailing Apple with iPhone account reset

Hacker from North London gets 300 hours of unpaid work and six-month electronic curfew for trying to blackmail Apple in 2017 by threatening to reset 319 million iCloud accounts