College students representing 15 universities compete at Deloitte University for a real-world challenge of cyber and business complexity. Four students from Carnegie Mellon University won the 2019 Deloitte Foundation Cyber Threat Competition. Team members Karttik Panda, Veera Nandiraju, Sanika Suwant and Nishith Yadav each received $2,000 in scholarship money. Carnegie Mellon University teams have competed since the competition began five ...

Sixth annual corporate preparedness study also reveals that businesses lack confidence in preventing an attack. Are companies ready for today’s sophisticated cybercriminals and impact of data breaches? Experian’s  annual corporate preparedness study, Is Your Company Ready for a Big Data Breach?, reveals that progress has been made, but companies need to do better. Conducted by the Ponemon Institute, the findings reveal ...

Researchers have uncovered a swathe of vulnerabilities which impact visitor management systems in which automation has replaced human assistants. Automation, artificial intelligence (AI), machine learning (ML), the Internet of Things (IoT), and mobility have begun to permeate every aspect of our daily lives. In the hospitality industry, these technologies have presented an opportunity to improve the security of visitors and ...

During the second half of 2018, attackers bulked up existing tactics, rapidly evolvied new performance enhancements, and applied smart business techniques to vastly accelerate attack growth rate, according to the latest Threat Landscape Report by Netscout. IoT’s countdown to attack Constant targets of DDoS malware, IoT devices come under attack within five minutes of being plugged in and targeted by specific exploits ...

Security researchers have discovered a new class of security vulnerabilities that impacts all major operating systems, including Microsoft Windows, Apple macOS, Linux, and FreeBSD, allowing attackers to bypass protection mechanisms introduced to defend against DMA attacks. Known for years, Direct memory access (DMA)-based attacks let an attacker compromise a targeted computer in a matter of seconds by plugging-in a malicious hot plug ...

Coinhive, a notorious in-browser cryptocurrency mining service popular among cybercriminals, has announced that it will discontinue its services on March 8, 2019.Regular readers of The Hacker News already know how Coinhive’s service helped cyber criminals earn hundreds of thousands of dollars by using computers of millions of people visiting hacked websites. For a brief recap: In recent years, cybercriminals leveraged every ...

California Attorney General Xavier Becerra and Assemblymember Marc Levine (D-San Rafael) unveiled AB 1130, legislation to strengthen California’s data breach notification law to protect consumers. The bill closes a loophole in the state’s existing data breach notification law by requiring businesses to notify consumers of compromised passport numbers and biometric information. “Knowledge is power, and all Californians deserve the power to take ...

Facebook has found itself involved in another controversy, this time a cybersecurity researcher has revealed Microsoft Edge allows Flash Player content to be played on Facebook without notifying the user. Google Project Zero’s Ivan Fratric came across what is essentially a secret whitelist and reported it on November 26, 2018 and waited the usual 90 days before making his discovery public. ...

Of the 2.7 million exposed call recordings, almost 57,000 call recordings have filenames containing the telephone numbers of those who called the helpline. Researchers noted that the unprotected server available at nas.applion.se might have been impacted by almost 23 vulnerabilities with CVEs assigned between 2013 and 2018. A storage server containing real-time call recordings made to the 1177 Swedish Healthcare ...

Russian threat actors are almost eight-times faster at taking advantage of a compromised system compared to other nation-state actors, a tribute to their operational tradecraft, according to Crowdstrike’s 2019 Global Threat report. An analysis of what Crowdstrike calls “breakout time” shows the Russians are quicker, by a factor of eight, at moving laterally through a system and accomplishing their primary objectives then ...