Techerati

Proofpoint observes novel technique that uses custom web fonts to help phishing pages evade detection Cybersecurity researchers at Proofpoint have discovered a new phishing technique that allows cybercriminals to hide phishing pages via custom web font files. The researchers found the new technique after observing strange encoding in a credential harvesting scheme impersonating a major retail... Read More

December 2018 McAfee Labs threat report shows sharp increase in malware targeting IoT devices, which can then be used for cryptomining exploits IoT malware threats have increased from just over 5,000 in Q4 2016 to over 45,000 incidents detected in Q3 2018. IoT threats may target any kind of connected hardware including routers, smart devices,... Read More

Hackers break into Gmail and Yahoo accounts of journalists and activists “at scale”, even those with two-factor authentication (2FA) enabled Multiple credentials phishing campaigns targeting human rights activists and journalists across the Middle East and North Africa have been disclosed by Amnesty International. Credentials phishing deploys imitations of websites, wherein a login prompt lures a... Read More

Security controls and processes for ballistic missile defense system (BMDS) not consistently implemented leaving technical information exposed, according to a security audit released by the US Department of Defense Inspector General (DOD IG) A US DOD cybersecurity audit of US missile defence systems has revealed officials are failing to implement basic cybersecurity controls such as... Read More

New research from RedSeal reveals UK industry needs greater support from the government against mounting cyber threats  Fears over the UK’s withdrawal from the European Union might have dominated the business press in 2018, but new research from security vendor RedSeal has outlined the equally real, present (and arguably larger), danger posed by cyberattackers to... Read More

Company no longer using Huawei equipment in existing 3G and 4G networks, removing hardware from “core” of 5G service BT has confirmed reports in the Financial Times that it is stripping Huawei equipment from existing EE 3G and 4G core mobile operations and future 5G core operations. Speaking to The Register, the UK telco dismissed... Read More

First major security flaw in popular cloud container orchestrator Kubernetes discovered – and it may be impossible to tell if you have been compromised Find any firm at the forefront of digital transformation and there’s one thing you can bet on: it’s leveraging Kubernetes to deploy sophisticated applications that push the boundaries of modern-day application... Read More

The FBI has identified two of the perpetrators responsible for long-running cybercrime that crippled hospitals, government agencies and institutions in US and Canada According to the FBI, Iranian residents Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri were two of the culprits behind the notorious ransomware attacks that infected more than 230 entities and caused... Read More

As the threat to critical national infrastructure rises, a parliamentary committee has warned the UK is ‘wholly’ unprepared to stop a devastating cyberattack Much has been made of Russia’s aggressive cyber-offensive in recent years, and while the UK has made threats of its own, the joint committee on national security strategy says the country needs to... Read More

Proofpoint observes novel technique that uses custom web fonts to help phishing pages evade detection Cybersecurity researchers at Proofpoint have discovered a new phishing technique that allows cybercriminals to hide phishing pages via custom web font files. The researchers found the new technique after observing strange encoding in a credential harvesting scheme impersonating a major retail... Read More

December 2018 McAfee Labs threat report shows sharp increase in malware targeting IoT devices, which can then be used for cryptomining exploits IoT malware threats have increased from just over 5,000 in Q4 2016 to over 45,000 incidents detected in Q3 2018. IoT threats may target any kind of connected hardware including routers, smart devices,... Read More

Hackers break into Gmail and Yahoo accounts of journalists and activists “at scale”, even those with two-factor authentication (2FA) enabled Multiple credentials phishing campaigns targeting human rights activists and journalists across the Middle East and North Africa have been disclosed by Amnesty International. Credentials phishing deploys imitations of websites, wherein a login prompt lures a... Read More

Security controls and processes for ballistic missile defense system (BMDS) not consistently implemented leaving technical information exposed, according to a security audit released by the US Department of Defense Inspector General (DOD IG) A US DOD cybersecurity audit of US missile defence systems has revealed officials are failing to implement basic cybersecurity controls such as... Read More

New research from RedSeal reveals UK industry needs greater support from the government against mounting cyber threats  Fears over the UK’s withdrawal from the European Union might have dominated the business press in 2018, but new research from security vendor RedSeal has outlined the equally real, present (and arguably larger), danger posed by cyberattackers to... Read More

Company no longer using Huawei equipment in existing 3G and 4G networks, removing hardware from “core” of 5G service BT has confirmed reports in the Financial Times that it is stripping Huawei equipment from existing EE 3G and 4G core mobile operations and future 5G core operations. Speaking to The Register, the UK telco dismissed... Read More

First major security flaw in popular cloud container orchestrator Kubernetes discovered – and it may be impossible to tell if you have been compromised Find any firm at the forefront of digital transformation and there’s one thing you can bet on: it’s leveraging Kubernetes to deploy sophisticated applications that push the boundaries of modern-day application... Read More

The FBI has identified two of the perpetrators responsible for long-running cybercrime that crippled hospitals, government agencies and institutions in US and Canada According to the FBI, Iranian residents Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri were two of the culprits behind the notorious ransomware attacks that infected more than 230 entities and caused... Read More

As the threat to critical national infrastructure rises, a parliamentary committee has warned the UK is ‘wholly’ unprepared to stop a devastating cyberattack Much has been made of Russia’s aggressive cyber-offensive in recent years, and while the UK has made threats of its own, the joint committee on national security strategy says the country needs to... Read More