Solar Panel Flaws Put Power Grids at Risk: Researcher
A researcher has identified many vulnerabilities in widely used solar power systems and he believes some of these flaws could allow hackers to cause large-scale outages, but the affected vendor says his claims are exaggerated. In a scenario he calls “Horus,” which stems from the name of the ancient Egyptian god, researcher Willem Westerhof describes…
PoS Malware Hits Avanti Payment Kiosks
Micro markets solutions provider Avanti Markets has informed customers that their personal, payment card and biometric data may have been stolen by cybercriminals who managed to infect some of its kiosks with malware. According to the company, which serves 1.6 million customers across 46 U.S. states, the malware was designed to harvest information such as…
Configuration Error Embarrasses UK’s Cyber Essentials
The UK government’s Cyber Essentials scheme has suffered an embarrassing incident; but one that can hardly be called a breach and certainly not a cyber-attack. A configuration error in the underlying software platform exposed the email addresses of consultancies registered with the scheme — nothing more. Cyber Essentials is a UK government-backed certification scheme designed…
Honda Halts Production at Japan Plant After Cyber Attacks
Honda said Wednesday it had temporarily halted production at a plant in Japan after it suffered a cyberattack from the same ransomware that struck hundreds of thousands of computers worldwide last month. The Japanese automaker said it had shut its plant in Sayama, near Tokyo, on Monday after discovering its computer system was infected with…
Know the Odds: The Cost of a Data Breach in 2017
We’ve all heard that when it comes to experiencing a data breach, the question is not if it will happen, but when. You may be wondering about the actual odds of it happening to your organization. Think about it this way: The chances of being struck by lightning this year are 1 in 960,000. When…
U.S. Warns of North Korea’s ‘Hidden Cobra’ Attacks
The United States Computer Emergency Readiness Team (US-CERT) released a technical alert on Tuesday on behalf of the DHS and the FBI to warn organizations of North Korea’s “Hidden Cobra” activities, particularly distributed denial-of-service (DDoS) attacks. The threat actor dubbed by the U.S. government “Hidden Cobra” is better known in the infosec community as Lazarus…
5 incident response practices that keep enterprises from adapting to new threats
Security analysts within enterprises are living a nightmare that never ends. 24 hours a day, their organizations are being attacked by outside (and sometimes inside) perpetrators – hackers, hacktivists, competitors, disgruntled employees, etc. Attacks range in scope and sophistication, but are always there, haunting the security teams tasked with guarding against them. To cope with…
Apple: CIA’s Mac, iPhone Vulnerabilities Already Patched
Apple’s initial analysis of the iPhone and Mac exploits disclosed by WikiLeaks on Thursday shows that the vulnerabilities they use have already been patched. The company told WikiLeaks to send the information it possesses through the regular submission process. WikiLeaks’ second “Vault 7” dump, dubbed by the organization “Dark Matter,” includes documents describing tools allegedly…
Bug Allowed Theft of Over $400,000 in Zcoins
An implementation bug has allowed someone to make a profit of more than $400,000 after creating roughly 370,000 units of the Zcoin cryptocurrency, users were told on Friday. Zcoin (XZC), worth approximately $2 per unit, is an implementation of the Zerocoin protocol, which aims to provide fully anonymous currency transactions. Zerocoin has also been used…
Yahoo Notifies Users of Sophisticated Breach Methods
Yahoo said Wednesday it was notifying some users that hackers may have been able to use a maneuver to break into their accounts without stealing passwords. The latest notifications were in response to the record breach disclosed late last year affecting an estimated one billion users — which involved forging of “cookies” or files used…