Cyber Attacks

Cyber Attacks | News, how-tos, features, reviews, and videos

jet aircraft is maneuvering for landing 149957988
CSO slideshow - Insider Security Breaches - Flag of China, binary code

online shopping cart magecart hackers shopping online

Magecart web skimming group targets public hotspots and mobile users

IBM researchers discover new Magecart scripts suggest planned advertisement injection through Wi-Fi and supply chain attacks.

DDOS attack

Misconfigured WS-Discovery in devices enable massive DDoS amplification

Researchers were able to achieve amplification rates of up to 15,300%. Some mitigations are possible.

Botnet Trouble / Botnet army

Secrets of latest Smominru botnet variant revealed in new attack

Researchers gained access to a Smominru command-and-control server to get details on compromised devices and scope of the attack.

compromised data / security breach / vulnerability

New Spectre-like CPU vulnerability bypasses existing defenses

The SWAPGS vulnerability can allow attackers to access contents of kernel memory addresses. Microsoft and Intel have coordinated on a mitigation.

CSO  >  ransomware / security threat

To pay or not pay a hacker’s ransomware demand? It comes down to cyber hygiene

A recent call for city leaders to stop paying ransomware demands underscores the need for municipalities to step up their cyber practices and have a good backup process in place.

Telecom tower

Telcos around the world hit by long-term intelligence gathering cyberattack

Operation Soft Cell saw telcos around the world lose over 100GB of call record data, but it could have been much worse. Attackers could have shut down cell networks if they wanted.

rambleed ram memory card hardware hack breach binary by 13threephotography getty

OpenSSH to protect keys in memory against side-channel attacks

The new OpenSSH patch makes it harder to execute attacks such as Spectre, Meltdown, Rowhammer and Rambleed.

russian hacking us election  putin voting fraud hacked

2016 election hacking in Florida: Russian emails, hidden tracks

The Mueller Report says the Russians planted malware on at least one Florida county system, and Florida's governor announces that two counties were hacked in 2016. Experts believe the problem could be bigger.

Intel CPU  >  security

The second Meltdown: New Intel CPU attacks leak secrets

Intel has done some mitigations for these vulnerabilities that can leak secrets from virtual machines, secure enclaves and kernel memory. Here's how the attacks work.

adding processor to circuit board computer hardware

New Intel firmware boot verification bypass enables low-level backdoors

By replacing a PC's SPI flash chip with one that contains rogue code, an attacker can can gain full, persistent access.

hack hacker cyber thief theft stolen

APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability

Iran-linked hacker group switches techniques from Shamoon wiper attacks to WinRAR exploits.

Slack logo/wordmark [2019]

Hackers use Slack to hide malware communications

A watering hole attack used Slack for its command-and-control communications to avoid network and endpoint detection.

man in the middle phone on a string communicaiton

What is a man-in-the-middle attack? How MitM attacks work and how to prevent them

A man-in-the-middle (MitM) attack is when an attacker intercepts communications between two parties either to secretly eavesdrop or modify traffic traveling between the two. Detecting MitM attacks is difficult, but they are...

group of hackers in digital environment

Cylance researchers discover powerful new nation-state APT

A new APT, dubbed White Company, is flexing its muscle on the world stage, and it has security researchers worried.

security threats and vulnerabilities

Why I don’t believe Bloomberg’s Chinese spy chip report

China can and has stolen the information it wants from US companies without using secretly embedded hardware, so why would it jeopardize its massive semiconductor industry?

Computerworld - Mingis on Tech - video podcast teaser [3x2/1800x1200]

Mingis on Tech: Lessons from RSA 2018

This year's RSA security conference focused on a variety of cybersecurity topics – everything from blockchain to the looming GDPR rules. CSO's Steve Ragan was there and offers insights on what mattered most at the show.

data breach security threat lock crime spyware

Microsoft sets novel antivirus prerequisite before offering Windows emergency updates

Windows users are being warned they must have up-to-date antivirus software on their PCs to get updates aimed at fending off attacks that take advantage of the Meltdown and Spectre flaws.

meltdown spectre

Browser makers build bulwarks to stump Spectre attacks

Most major browser makers responded to concerns about the Meltdown and Spectre vulnerabilities by updating their wares to try and fend off any web-based attacks.

Load More