0-day flaw in macOS High Sierra lets hackers dump all passwords from keychain
by Filip TRUTA, from HotForSecurity , on 14.08.2018
Apple prides itself on the airtight security offered by its family of products, including the Mac operating system, macOS. But while considerably less targeted by hackers, macOS is still vulnerable to attacks – especially when a bad actor comes at it with an exploit that takes advantage of a zero-day vulnerability. Ex-NSA hacker Patrick Wardle [and#8230;] read more
CISOs: EDR Suites, the Best Security Approach against Advanced Attacks
by Razvan Muresan, from Business Insights , on 14.08.2018
Most CISOs surveyed by Bitdefender trust next generation security, including endpoint detection and response (EDR) capabilities, as the best security approach against advanced attacks. Security audits, and traditional security - endpoint protection platforms - come second and third, mentioned by more than a third of respondents, according to a Bitdefendersurvey of 1,000+ CISOs from large companies in the US and Europe. read more
DeepLocker: new breed of malware that uses AI to fly under the radar
by Filip TRUTA, from HotForSecurity , on 13.08.2018
IBM researchers are seeking to raise awareness that AI-powered threats are coming our way soon. To that end, theyand#8217;ve created an all-new breed of malware to provide insights into how to reduce risks and deploy adequate countermeasures. DeepLocker was showcased at Black Hat USA 2018, the hacker conference that provides security consulting, training, and briefings [and#8230;] read more
Tibetan activists, diaspora hit by resurfacing malware in cyberespionage operation
by Luana PASCU, from HotForSecurity , on 13.08.2018
The Tibetan diaspora has once again fallen victim to a sophisticated malware campaign similar to one detected in 2016, reports Citizen Lab after receiving the infected files from one of the targets – a Tibetan NGO. It appears the campaign was activated between January and March 2018 and bears a lot of similarity with another [and#8230;] read more
Hackers can install malware on pacemakers to shock patients, researchers show
by Luana PASCU, from IoT Security Insights , on 13.08.2018
A number of critical pacemaker vulnerabilities could enable hackers to easily install malicious code on the already implanted device and manipulate it, from a remote location, to give shocks to patients, as demonstrated by two researchers at the Black Hat 2018 event last week. Billy Rios of Whitescope and Jonathan Butts of QED Secure Solutions ... The post Hackers can install malware on pacemakers to shock patients, researchers show appeared first on Bitdefender. read more
When It Comes to Data Breaches, Healthcare Businesses Stand to Lose Most
by Filip Truta, from Business Insights , on 13.08.2018
For the eighth year in a row, healthcare organizations incurred the highest costs from data breaches, costing them an average $408 per lost or stolen record. Costs associated with data breaches in healthcare are nearly three times higher compared to other industries. read more
Simple Steps to Protect the IoT on Your Home Network
by Ionut ILASCU, from IoT Security Insights , on 13.08.2018
Many smart devices on a home network are sitting ducks for hackers. This is unlikely to change in a market segment that values a working product above a secure product. Even so, you can take some actions to make it a higher-hanging fruit that would discourage most attackers. Your defense strategy should start before you ... The post Simple Steps to Protect the IoT on Your Home Network appeared first on Bitdefender. read more
Hackers phish Butlin’s holiday camp chain, access customers’ personal data
by Graham CLULEY, from HotForSecurity , on 10.08.2018
Fabled British holiday camp chain Butlinand#8217;s has admitted that it has suffered a data breach that may have exposed details of 34,000 guests. Personal information contained within the records accessed by hackers includes names, booking reference numbers, arrival dates, home addresses, email addresses, and telephone numbers. According to be a BBC News report, the attack [and#8230;] read more
UK government worried Huawei software could facilitate cyberespionage
by Luana PASCU, from HotForSecurity , on 10.08.2018
Huawei Technologies, the Chinese ICT infrastructure and smart device manufacturer, is now on UK’s security blacklist following technical “shortcomings” in the software used, writes Reuters. UK officials are concerned telecom companies and their networks could be seriously compromised due to outdated software in Huawei devices. As mentioned by three anonymous sources for Reuters, the software [and#8230;] read more
Professional Golfers’ Association hit by ransomware days before championship
by Filip TRUTA, from HotForSecurity , on 10.08.2018
Mere days before the Professional Golfers’ Association Championship at the Bellerive Country Club this week, hackers took control of the PGA’s servers and encrypted promotional materials to be used in the competition. “Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm [sic],” read the [and#8230;] read more
