The City of Baltimore was under cyber-attack last year, with hackers demanding $76,000 in ransom. Though the city chose not to pay the ransom, the attack still cost them nearly $18 million in damages, and then the city signed up for a $20 million cyber insurance policy. It’s very evident that cyber-attacks are not only costly in terms of time and money but also bring extensive legal liability
Source de l’article sur The Hacker News
A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack — named « IMPersonation Attacks in 4G NeTworks » (or IMP4GT) — exploits the mutual authentication
Source de l’article sur The Hacker News
Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card information. According to researchers at Group-IB, the multi-stage phishing attack exploited the credibility of Russian Internet portal Rambler to trick users into participating in a fictitious « Like of the
Source de l’article sur The Hacker News
A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed « Fox Kitten, » the cyber-espionage campaign is said to have been directed at companies from the IT, telecommunication, oil and gas, aviation, government, and security sectors
Source de l’article sur The Hacker News
The United States Department of Justice today announced charges against 4 Chinese military hackers who were allegedly behind the Equifax data breach that exposed the personal and financial data of nearly 150 million Americans. In a joint press conference held today with the Attorney General William Barr and FBI Deputy Director David Bowdich, the DoJ officials labeled the state-sponsored
Source de l’article sur The Hacker News
Can you imagine launching a global bug bounty platform with almost 500,000 submissions and 13,000 researchers without consuming a cent from venture capitalists? If not, this success story is for you. The once skyrocketing bug bounty industry seems to be not in the best shape today. While prominent security researchers are talking about a growing multitude of hurdles they experience with the
Source de l’article sur The Hacker News
Cybersecurity researchers at Check Point today disclosed details of two recently patched potentially dangerous vulnerabilities in Microsoft Azure services that, if exploited, could have allowed hackers to target several businesses that run their web and mobile apps on Azure. Azure App Service is a fully-managed integrated service that enables users to create web and mobile apps for any
Source de l’article sur The Hacker News
If you have ever contacted Microsoft for support in the past 14 years, your technical query, along with some personally identifiable information might have been compromised. Microsoft today admitted a security incident that exposed nearly 250 million « Customer Service and Support » (CSS) records on the Internet due to a misconfigured server containing logs of conversations between its support
Source de l’article sur The Hacker News
Citrix has finally started rolling out security patches for a critical vulnerability in ADC and Gateway software that attackers started exploiting in the wild earlier this month after the company announced the existence of the issue without releasing any permanent fix. I wish I could say, « better late than never, » but since hackers don’t waste time or miss any opportunity to exploit
Source de l’article sur The Hacker News
Testing security controls is the only way to know if they are truly defending your organization. With many different testing frameworks and tools to choose from, you have lots of options. But what do you specifically want to know? And how are the findings relevant to the threat landscape you face at this moment? « Decide what you want to know and then choose the best tool for the job. »
Source de l’article sur The Hacker News
