Latest Chrome update plugs a zero‑day hole
It now turns out that the vulnerability in the browser was being exploited in tandem with a zero-day in Windows
Latest Articles
RSA – IoT security meets SMB
Some things that businesses can do to get better at it without breaking the bank
Payment processors remain phishers’ favorites
The latest report from the Anti-Phishing Working Group offers a mixed bag of findings about the phishing landscape in 2018
Teen earns US$1 million in bug bounties
A ‘white hat’ from Argentina has come a long way since winning his first reward of US$50 in 2016
Week in security with Tony Anscombe
Coinhive cryptocurrency miner to call it a day. Google aims for password-free app and site logins on Android. Plus escalating DNS attacks have domain name steward worried.
DJ Marshmello concert on Fortnite: An iconic event that also attracted scammers
The first virtual concert to take place inside a video game attracted interest not only from players but also from scammers, who tried to take advantage of the huge event by tricking users into buying tickets even though the concert was free
ICAO victim of a major cyberattack in 2016
The organization was the victim of a watering hole attack, likely attributable to the APT LuckyMouse group
Coinhive cryptocurrency miner to call it a day next week
The service became notorious for its use by ne’er-do-wells looking to make a quick buck by hijacking the processing power of victim machines to generate virtual money
‘Highly critical’ bug exposes unpatched Drupal sites to attacks
Worse, attackers have already been spotted targeting the flaw to deliver cryptocurrency miners and other payloads
How to spot if your password was stolen in a security breach
Following the revelation that a list containing millions of stolen usernames and passwords had appeared online, we tell you a few different ways to find out if your credentials were stolen in that—or any other—security breach
Google aims for password‑free app and site logins on Android
With FIDO2 certification for Android, Google is setting the stage for password-less app and website sign-ins on a billion devices
Escalating DNS attacks have domain name steward worried
The keeper of the internet’s ‘phone book’ is urging a speedy adoption of security-enhancing DNS specifications
Cyber‑extortionists take aim at lucrative targets
A new report shines some light on multiple aspects of the growing threat of cyber-extortion
Week in security with Tony Anscombe
Head of the AI/ML Team at ESET, Juraj Jánošík, looks at machine learning and cybersecurity and considers whether it is a step toward a safer world or a step closer to the brink of chaos
ML‑era in cybersecurity: A step toward a safer world or the brink of chaos?
As the use of this technology grows so does the risk that attackers may hijack it
How costly are sweetheart swindles?
And that’s on top of the heartache experienced by the tens of thousands of people who fall for romance scams each year
Siegeware: When criminals take over your smart building
Siegeware is what you get when cybercriminals mix the concept of ransomware with building automation systems: abuse of equipment control software to threaten access to physical facilities
Switzerland offers cash for finding security holes in its e‑voting system
Anybody with hacking prowess can take a crack at reading votes or even rigging the vote count itself
Criminal hacking hits Managed Service Providers: Reasons and responses
Recent news articles show that MSPs are now being targeted by criminals, and for a variety of nefarious reasons. Why is this happening, and what should MSPs do about it?
Google – “Here’s how we cracked down on bad apps last year”
Apps downloaded from Google Play were eight times less likely to compromise a device than apps from other sources