Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms

Posted on March 30th, 2019 by Responsible Cyber

An Iran-linked cyber-espionage group that has been found targeting critical infrastructure, energy and military sectors in Saudi Arabia and the United States two years ago continues targeting organizations in the two nations, Symantec reported on Wednesday.Widely known as APT33, which Symantec calls Elfin, the cyber-espionage group has been active since as early as late 2015 […]

Read More

NSA-Inspired Vulnerability Found in Huawei Laptops

Posted on March 30th, 2019 by Responsible Cyber

This is an interesting story of a serious vulnerability in a Huawei driver that Microsoft found. The vulnerability is similar in style to the NSA’s DOUBLEPULSAR that was leaked by the Shadow Brokers — believed to be the Russian government — and it’s obvious that this attack copied that technique. What is less clear is […]

Read More

Three in Five Politicians’ Websites Don’t Use HTTPS

Posted on March 14th, 2019 by Responsible Cyber

Comparitech assessed the websites of more than 7,500 politicians in 37 countries and found 60.8% did not use valid SSL certificates. Security and politics have become so intertwined since the 2016 presidential election that research group Comparitech decided it was time to look into the security of politicians’ websites. What they found is alarming: Three […]

Read More

Human Negligence to Blame for the Majority of Insider Threats

Posted on February 22nd, 2019 by Responsible Cyber

In 98% of the assessments conducted for its research, Dtex found employees exposed proprietary company information on the Web – a 20% jump from 2018. Nearly two-thirds (64%) of insider threats are caused by users who introduce risk due to careless behavior or human error, according to new research from Dtex. This compares to 13% […]

Read More

Attackers place cryptojacking apps in the Microsoft App Store

Posted on February 20th, 2019 by Responsible Cyber

In January, security researchers from Symantec found cryptomining applications in the Microsoft App Store, but they were published in the store between April and December 2018. It’s not clear how many users downloaded or installed the apps, but they had almost 1,900 user ratings. The rogue applications posed as browsers, search engines, YouTube video downloaders, […]

Read More

What’s behind this 1,000-character phishing URL?

Posted on February 14th, 2019 by Responsible Cyber

by Danny Bradbury Phishing sites are common, but this week the internet found a strange strain that’s a little rarer: a phishing site with a URL almost a thousand characters long. Experts have a good theory about why a scammer would go to all that trouble. Bleeping Computer learned of a strange phishing campaign which […]

Read More

Hacking Construction Cranes – Schneier on Security

Posted on February 1st, 2019 by Responsible Cyber

Hacking Construction CranesConstruction cranes are vulnerable to hacking: In our research and vulnerability discoveries, we found that weaknesses in the controllers can be (easily) taken advantage of to move full-sized machines such as cranes used in construction sites and factories. In the different attack classes that we’ve outlined, we were able to perform the attacks […]

Read More

Turn Off FaceTime in Apple iOS Now, Experts Warn

Posted on January 30th, 2019 by Responsible Cyber

Newly found bug reportedly allows callers to spy on you – even if you don’t pick up. [This is a developing story — more updates to come] Security experts are warning Apple iOS users to immediately disable FaceTime on their devices after word began to spread today about a newly discovered bug that allows anyone […]

Read More

FaceTime Bug an AppSec Fail

Posted on January 30th, 2019 by Responsible Cyber

Apple has shut off Group FaceTime while it prepares a fix for a newly found security flaw found by a 14-year-old gamer. The glaring security flaw in FaceTime that has rocked the Apple community since it went viral late yesterday was actually was first found on January 19 by a 14-year-old who stumbled upon it while […]

Read More