News
  • ACM HSCC 2022 -- Last Call for Papers (deadline 29 October)
    <p>ACM HSCC 2022 Call for Papers</p> <p>25th ACM International Conference on Hybrid Systems:&nbsp;</p> <p>Computation and Control (HSCC 2022)</p> <p>&nbsp;</p> <p>Part of CPS-IoT…
  • Facebook outage caused by own engineers
    This week’s massive Facebook outage that was felt across all it’s platforms including Instagram and WhatsApp and lasted over six hours was likely caused by a faulty configuration change on the backbone routers that coordinate network traffic between data…
  • Google identifies Threat Actors using new tricks with Code Signing
    Google’s Threat Analysis Group found that threat actors have recently used a new trick of code signing to avoid detection on Windows systems and have notified Microsoft of their findings. OpenSUpdater operations had used legitimate code-signing…
  • Microsoft offers passwordless sign-ons
    In an effort to strengthen security for Microsoft users, the company is now rolling out a way to access Microsoft accounts such as Microsoft 365, Teams, Outlook, OneDrive, and Family Safety without passwords. The feature is available after linking users…
  • Easy-to-use GENESIS marketplace for cyber criminals on the rise
    Cyber criminals are flocking to the GENESIS marketplace, a one-stop shop for login credentials, cookies, device fingerprints, website vulnerabilities and other sensitive data on Hackers’ wish list. The invite-only market has become an important tool for…
  • Online scam targets gift cards and loyalty cards
    Online scam targets gift cards and loyalty cards Over 100,000 inboxes are the target of an under the radar approach to extracting small amounts of funds from giftcards, credits, and other valuables that show up in people’s inboxes. This cybercrime…
  • Major companies meet with President Biden and promise billions in spending on cybersecurity
    At a productive White House meeting on August 25th, Microsoft, Google, Amazon, Apple, IBM and others committed to significant efforts in the cybersecurity area. Google plans to invest more than 10 billion to strengthen cybersecurity and train 100,000…
  • Tuya's IOT products may be a high security risk
    Cyber experts warn that Chinese tech giant Tuya’s IOT products may be a high security risk. Tuya makes products that have been incorporated into many of today's, smart devices including smart TVs, smart home security camera, home thermostats and…
  • White Hacker rewarded with $500K bug bounty for returning millions in hacked cryptocurrency
    White Hacker returns millions in cryptocurrency hacked from Poly Network last week. The company has decided to offer the hacker a $500K bug bounty. The white hat hacker had stated that he/she had initiated the hack for fun—and was motivated to…
  • Three random words beat out jumble of letters and numbers for secure passwords
    The UK National Security Centre recommends using three random words as passwords because they are easy to remember and are often stronger that the combinations of letters and numbers that people are led to create. Their research found that hacking…
  • Fraudulent phone call centers trick users into downloading ransomware
    Microsoft alerts that the BazaCall attack starts with malicious emails that tricks the users into calling the fake call center. Claiming that a demo service is ending and the user will be charged for a premium service.
  • Cyber Security booklet for Middle and High School students
    The National Cryptologic Foundation Cyber Center for Education and Innovation has just released a great booklet, Outsmart Cyberthreats, on cyber security for Middle and High School students. The scenarios show students how to protect themselves and…
  • Facebooks takes down over 200 Iranian Hacker Accounts used to target US Military Personnel
    Facebooks takes down over 200 Iranian Hacker Accounts used to target US Military Personnel This week Facebook disabled a sophisticated online cyber espionage campaign by Iranian threat actor AKA Tortoiseshell which was targeting about 200 military…
  • Kaseya victim of sophisticated ransomware attack
    Kaseya which provides solutions to managed service providers (MSP) was the victim of a ransomware attack on July 2. There were up to 1500 small to medium-sized companies that may have had their systems compromised through their MSP.Kayseya provides…
  • PrintNightmare impacts all Windows versions
    The PrintNightmare vulnerability is part of the Windows Print Spooler and allows remote code execution. This enables hackers to gain system privileges on a device to install programs, view, change, and delete data and create accounts with full user…
  • Firmware Security Issues put 30 Million Dell Devices at Risk
    30 million Dell devices are at risk from firmware security issues. Researchers from Eclypsium report that 128 recent models including desktops, laptops, and tablets are exposed. The problems show up in a Dell feature called BIOSConnect which allows…