Instagram’s new security tools are a welcome step, but not enough

Instagram users should soon have more secure options for protecting their accounts against Internet bad guys.  On Tuesday, the Facebook-owned social network said it is in the process of rolling out support for third-party authentication apps. Unfortunately, this welcome new security offering does nothing to block Instagram account takeovers when thieves manage to hijack a target’s mobile…

Air Canada data breach – 20,000 users of its mobile app affected

Air Canada data breach – The incident was confirmed by the company and may have affected  20,000 customers (1%) of its 1.7 million mobile app users. The data breach of the day is the one suffered by Air Canada that may have affected  20,000 customers (1%) of its 1.7 million mobile app users. The news…

Vulnerability threatens Capsule Technologies medical gateway device

The Misfortune Cookie flaw is threatening medical equipment that connects bedside devices to the hospital’s network infrastructure. In December 2104, researchers at Check Point Software Technologies discovered the Misfortune Cookie vulnerability, a flaw that was affecting millions of devices running an embedded web server called RomPager, the vulnerability could be exploited by an attacker to run a man-in-the-middle attack on traffic going to…

Security of smart utilities leaves a lot to be desired

The modernization of utility infrastructures is enabling increased efficiencies and reliability through digitization, connectivity, and IT-based approaches. Smart cyber assets are transforming both power and water grids, allowing operators to deploy and leverage a new generation of functionality and customer services. However, smart utilities are also highly vulnerable to cyberthreats, and security is, therefore, a…

Dark Tequila Banking Malware Uncovered After 5 Years of Activity

Security researchers at Kaspersky Labs have uncovered a new, complex malware campaign that has been targeting customers of several Mexican banking institutions since at least 2013. Dubbed Dark Tequila, the campaign delivers an advanced keylogger malware that managed to stay under the radar for five years due to its highly targeted nature and a few evasion…

Microsoft says Russian hackers continue targeting 2018 midterm elections

Microsoft has spotted a new hacking campaign targeting 2018 midterm elections, the experts attributed the attacks to Russia-linked APT28 group. Microsoft has spotted a new hacking campaign targeting 2018 midterm elections. The tech giant attributed to Russia-linked APT28 a series of cyber attacks aimed at Members of United States’ Senate, conservative organizations and think tanks. The Russian…

When it’s hotel staff, not the hackers, invading folks’ privacy

Comment The hacking world’s summer camp has ended. The last of the Black Hat USA, BSides Las Vegas, and DEF CON attendees and organizers have now left Sin City after a week of lectures, networking, and partying. What unfolded over those seven or so days will have knock-on effects for years to come – not just…

Unusual Malspam campaign targets banks with Microsoft Publisher files

Researchers from Trustwave have uncovered a malspam campaign targeting banks with the FlawedAmmyy RAT. The peculiarity of this malspam campaign is the unusual use of a Microsoft Office Publisher file to infect victims’ systems. Experts noticed an anomalous spike in the number of emails with a Microsoft Office Publisher file (a .pub attachment) and the subject line, “Payment Advice,” that was sent to domains belonging to…

DNS Hijacking targets Brazilian financial institutions

Crooks are targeting DLink DSL modem routers in Brazil to redirect users to fake bank websites by carrying out DNS hijacking. Crooks are targeting DLink DSL modem routers in Brazil to redirect users to fake bank websites by changing the DNS settings. With this trick, cybercriminals steal login credentials for bank accounts, Radware researchers reported. The attackers…