Security researchers now have an excuse to play video games: Nintendo just launched its very own bug bounty program for 3DS handheld consoles. Here are the details.
Tagged With security
Popular video sharing platform DailyMotion has been hacked and millions of usernames, email addresses and hashed passwords of users have been stolen. Around 87 million DailyMotion accounts have been affected and around 85 million of them were linked to unique email addresses. Here's what you need to know.
Cryptography is a massive subject, but one that's becoming increasingly important for the average web developer. While you probably don't need to know the intricate details of ciphers or Transport Layer Security (TLS), it can't hurt to be a least somewhat educated. Enter "Crypto 101" — an online, "pre-release" book that will guide you through both the basic and advanced concepts of cryptography.
Over one million Google accounts have been breached after a malware called Gooligan started spreading like wildfire through third-party Android app stores. Compromised accounts are then used to post fake ratings for malicious apps and to download adware onto infected devices. Even enterprise accounts have been affected. Here's how you can check if your Google account has been compromised.
While big organisations may be used to being targeted by various forms of online attacks, an increasing number of small businesses are falling victim to cybercriminals, according to a security expert from Cisco. He also shared some advice on how small businesses can better protect themselves online.
Earlier this week, a set of vulnerabilities were released that can crash or cause other issues with certain versions of the Network Time Protocol (NTP) daemon, used to synchronise clocks on a variety of computers, with a single malformed packet. This bug affects only affects some Windows systems but other vulnerabilities have also been found that impact some Linux machines along with a number of embedded devices. While these security flaws can't crash servers or computers, it can have severe and unexpected flow-on effects. If you want to find out if your systems are affected and how to apply fixes before different vendors bring out their own patches, read on.
Last week, we reported that the master decryption keys for the Crysis ransomware have been made public. Now security vendor ESET has come out with a free tool to help Crysis ransomware victims recover their files by decrypting them. Here are the details.
A type of denial-of-service (DoS) attack that targets firewalls from a number of vendors including Cisco, Palo Alto and SonicWall was found to have resurfaced earlier this month. Unlike other DoS attacks that rely on pounding machine or network resource with large amounts of traffic, BlackNurse doesn't require much bandwidth at all. Researchers have shown that BlackNurse will work with less than 20Mbps of traffic and is effective even against large enterprise firewalls. For IT administrators who want to test for and mitigate against this kind of attack on their organisation, here are the the instructions.
"Hacking" carries a lot of negativity around it, but not all hacking is used for evil. Learning about it arms you with the necessary knowledge to deal with it, so ethical hacking lets you be the good guy. If you want to learn more about ethical hacking, check out this exploration into the world of penetration testing.
If you have an Apple iPhone or iPad running iOS 8, 9, 10 and above, there is a way to gain access to the photos and contacts on your device without unlocking it with a passcode or fingerprint ID. The security flaw makes use of Siri voice commands. It's a bit finicky, but you don't have to be a genius-level hacker to exploit the vulnerability. Here are the details.
Australian businesses are a popular target for cybercriminals. When a cyberattack hits, it can be costly for businesses to deal with. BAE Systems has now put a number on just how much it can cost. According to a study by the security vendor, the average cost of a cyberattack for an Australian business is over $622,000. Here are the details of the research.
A new type of Ransomware called Ransoc that appeared earlier this month doesn't lock a victim's files and demand money to have them decrypted. Instead, it scans an infected computer for evidence of child pornography or illegal media downloads through Torrents and attempts to blackmail the user if it does find questionable material. That's not the only thing Ransoc does differently compared to other ransomware families. Here's what you need to know.
Back in May, the developers of a prevalent family of ransomware dubbed TeslaCrypt released its master decryption keys to the public, reducing its threat levels. This made way for newer flavours of ransomware to take over. One of these was the Crysis ransomware, which had recently been found to be targeting Australian and New Zealand businesses.
But Crysis has suffered the same fate as TeslaCrypt; its master decryption keys have been released unexpectedly. Here's what you need to know.
You know a security risk is serious when Mark Zuckerberg starts paying attention. While putting tape over your webcam is one surefire way of making sure no one's watching you on your webcam, you don't have to rely on such primitive methods. There are a couple of apps that can do the job for you.
We often hear the term "engineer" tossed around in job titles for those in the IT space. But drilling down into the subcategory of security, what is the difference between a cybersecurity engineer and a cybersecurity professional? It might sound like the same thing to you but one security pundit insists that there are differences that could affect the employability of workers in this industry.
It came to light this week that NVIDIA has started sending information about your machine back to HQ via its graphics drivers. While this is kind-of true, it's not the full story, as Steve Burke of Gamers Nexus recently discovered.