“A malicious Home Depot advertising campaign is redirecting Google search visitors to tech support scams,” claims Bleeping Computer. Slashdot reader nickwinlund77 shares their report: BleepingComputer searched for ‘home depot’ and was shown the malicious advertisement on our first try. Even worse, the ad is the top spot in the research result, making it more likely to be clicked… [T]he ad clearly…
Tag: security professionals
Cellmate: Male Chastity Gadget Hack Could Lock Users In
A security flaw in a hi-tech chastity belt for men made it possible for hackers to remotely lock all the devices in use simultaneously. The BBC reports: Qiui’s Cellmate Chastity Cage is sold online for about $190 and is marketed as a way for owners to give a partner control over access to their body. Pen Test Partners believe about 40,000…
‘Google App Engine’ Abused to Create Unlimited Phishing Pages
Google’s cloud-based service platform for developing and hosting web apps “can be abused to deliver phishing and malware while remaining undetected by leading enterprise security products,” reports Bleeping Computer, citing a startling discovery by security researcher Marcel Afrahim: A Google App Engine subdomain does not only represent an app, it represents an app’s version, the service name, project ID, and region…
Foreign Hackers Cripple Texas County’s Email System, Raising Election Security Concerns
Last week, voters and election administrators who emailed Leanne Jackson, the clerk of rural Hamilton County in central Texas, received bureaucratic-looking replies. “Re: official precinct results,” one subject line read. The text supplied passwords for an attached file. But Jackson didn’t send the messages. From a report: Instead, they came from Sri Lankan and Congolese email addresses, and they cleverly hid…
The FBI Botches Its DNC Hack Warning In 2016 — But Says It Won’t Next Time
An anonymous reader quotes a report from Wired: On April 28, 2016, an IT tech staffer for the Democratic National Committee named Yared Tamene made a sickening discovery: A notorious Russian hacker group known as Fancy Bear had penetrated a DNC server “at the heart of the network,” as he would later tell the US Senate’s Select Committee on Intelligence. By…
DOD, FBI, DHS Release Info on Malware Used in Chinese Government-Led Hacking Campaigns
The U.S. government today publicly exposed malware used in Chinese government hacking efforts for more than a decade. From a report: The Chinese government has been using malware, referred to as Taidoor, to target government agencies, entities in the private sector, and think tanks since 2008, according to a joint announcement from the Department of Homeland Security’s Cybersecurity and Infrastructure Security…
Hackers Are Exploiting a 5-Alarm Bug In Networking Equipment
Andy Greenberg writes via Wired: Late last week, government agencies, including the United States Computer Emergency Readiness Team and Cyber Command, sounded the alarm about a particularly nasty vulnerability in a line of BIG-IP products sold by F5. The agencies recommended security professionals immediately implement a patch to protect the devices from hacking techniques that could fully take control of the…
Announcing the Cybersecurity Analyst Professional Certificate from IBM
By Betty Vandenbosch, Chief Content Officer at Coursera With businesses rapidly moving their operations to the cloud and consumers demanding better data protection, the cybersecurity industry is facing a significant talent shortage. In fact, 3.5 million IT security roles are likely to go unfilled by 2021. To address this talent shortage, we are excited to […]
The post Announcing the Cybersecurity Analyst…
Mystery Data Breach Dubbed ‘db8151dd’ Exposes Records of 22 Million People
An anonymous reader quotes a report from 9to5Mac: A massive data breach dubbed db8151dd has exposed the records of 22M people — including addresses, phone numbers, and social media links. But the source of the data is a mystery. I got an email alert this morning from the haveibeenpwned.com site telling me that my details were included. The exposed data appears…
Charges Dropped Against Pentesters Paid To Break Into Iowa Courthouse
Prosecutors have dropped criminal charges against two security professionals who were arrested and jailed last September for breaking into an Iowa courthouse as part of a contract with Iowa’s judicial arm. From a report: The dismissal, which was announced on Thursday, is a victory not only for Coalfire Labs, the security firm that employed the two penetration testers, but the security…