The vulnerabilities, which resided in associated smartphone apps, were both easy to find and easy to fix. Two smart alarm systems for cars have plugged critical security holes that put three million vehicles globally at risk of being hijacked, research by Pen Test Partners reveals. If exploited, the vulnerabilities would have enabled anyone to turn the alarm … More Flaws in smart car alarms exposed 3 million cars to hijack
Every year on March 8, we celebrate International Women’s Day to honor the social, economic, cultural and political achievements of women. But we also acknowledge that there is still a long way to go before we’ve truly reached gender parity. This day gives us the opportunity to reflect on how we can achieve that balance. … More International Women’s Day 2019: How can we be better allies?
Some tips that businesses can do to get better at it without breaking the bank. Here at RSA Small and Medium Businesses (SMBs) are squarely faced with the daunting task of securing the explosion of IoT devices, now ever-present in the business environment. In the past, IoT in a business setting could largely be ignored, but that’s no … More RSA – IoT security meets SMB
The latest report from the Anti-Phishing Working Group offers a mixed bag of findings about the phishing landscape in 2018. The Anti-Phishing Working Group (APWG) has released its latest Phishing Activity Trends Report, which shows that the number of fraudulent websites designed to steal people’s sensitive data fell as 2018 went on. The drop – from … More Payment processors remain phishers’ favorites
A ‘white hat’ from Argentina has come a long way since winning his first reward of US$50 in 2016. A little over a year ago, we looked at how well bug hunting can pay. The tale of an Argentinian teenager now shows that sleuthing for security holes in code can be a lucrative pursuit. Santiago Lopez, … More Teen earns US$1 million in bug bounties
The service became notorious for its use by ne’er-do-wells looking to make a quick buck by hijacking the processing power of victim machines to generate virtual money. Coinhive, a cryptocurrency mining service that rose to infamy after it began to be co-opted for cryptojacking campaigns in 2017, is shutting down. In a short blog post on Tuesday, the … More Coinhive cryptocurrency miner to call it a day next week
The organization was the victim of a water-hole attack, likely attributable to the APT LuckyMouse group. The International Civil Aviation Organization (ICAO) was a victim of a large-scale cyberattack back in 2016. Indeed, in November of that year, a cyber-intelligence analyst at Lockheed Martin contacted the international organization after finding that cybercriminals took control of … More ICAO victim of a major cyberattack in 2016