Menu 
  • Wordpress-start-image

WordPress vulnerability leaves millions of servers open to hacks

WordPress Plugins or themes that leverages the genericons package is vulnerable to a DOM-based Cross-Site Scripting (XSS) vulnerability due to an insecure file included with genericons.

JetPack plugin and the TwentyFifteen theme (installed by default) are found to be vulnerable. The exact count is difficult to grasp, but both the plugin and theme are default installs in millions of WordPress installs.

The main issue here is the genericons package, so any plugin that makes use of this package is potentially vulnerable if it includes the example.html file that comes with the package.

By |May 7th, 2015|Cyber News|0 Comments
Read More
  • padlock

Cyber attacks will cause real world harm in next seven years

New technologies such as Google Glass and IPv6 will lead to new, deadly forms of cyber attack if current manufacturing security practices continue, according to experts from Europol, Trend Micro and The International Cyber Security Protection Alliance (ICSPA).

The experts made the warning in a recently published Scenarios for the Future of Cyber Crime white paper. The paper explored what threats the experts expect to emerge in the next six and a half years and is the result of collaborative research between law enforcement, academia, governments and industry.

Trend Micro’s vice president of security research Rik Ferguson highlighted innovations moving us towards […]

By |September 26th, 2013|Cyber News|1 Comment
Read More
  • cyber-attacks

Cyber attacks to escalate over next decade

Medical implants, cars and critical infrastructure such as gas pipelines could be at risk from cyber attacks by the end of the decade.

Explosive growth in the number of devices connected to the internet will open up new threats to people and infrastructure, a study backed by police and businesses claims.

The study, carried out by Europol’s European Cybercrime Centre, along with the International Cyber Security Protection Alliance (ICSPA) – a body which brings together law enforcement organisations and technology companies – predicts a huge growth in virtual reality technologies.

People will use augmented reality spectacles or contact lenses to download information as […]

By |September 26th, 2013|Cyber News|0 Comments
Read More
  • hackersanon

Kaspersky Lab Uncovers New Cyber Hit-n-Run Operation Called ‘Icefog’

Cybersecurity firm Kaspersky Lab said Thursday that it’s discovered a group of “cyber-mercenaries” called “Icefog”. Target: government and military institutions.

Most of the victims have been in South Korea and Japan. But the Icefog campaign is coming to an American company near you, Kaspersky Lab security analysts said during the 4th Annual Billington Cybersecurity Summit in Washington DC today.

Icefog is an advanced persistent threat, or APT in cyber security parlance. Only, they’re different than the usual APT. These skilled high tech adversaries tend to gun for high-profile victims and stealthily infiltrate computer systems to snoop or steal valuable […]

By |September 26th, 2013|Cyber News|0 Comments
Read More
  • hacker

Should Madware Be Considered An Internet Security Threat?

A recent technology discussed in the realm of internet security is madware (mobile adware).  The primary question is whether or not it is a legitimate threat to security or simply a terrible inconvenience.  Adware on mobile devices is more noticeable than adware on traditional computers because the viewing screens are significantly smaller.  While the same number of ads may be displayed, it is more overwhelming on  smaller mobile screens.

Madware is a Growing Problem

There is no denying that the amount of advertising seen on mobile devices has skyrocketed over the past several years.  One recent study noted the number of apps […]

By |September 10th, 2013|Cyber News|0 Comments
Read More
  • cyberwarfare

Snowden Leak Reveals NSA conducted 231 Offensive Cyber Operations in 2011

US intelligence carried out 231 offensive cyber-ops in 2011, nearly three-quarters of them against key targets such as Iran, Russia, China and N. Korea, as well as nuclear proliferation, a classified report obtained by The Washington Post says.

The “most challenging targets” also include suspected terrorists “in Afghanistan, Pakistan, Yemen, Iraq, Somalia, and other extremist safe havens,” according to one list of priorities. US budget documents describe the attacks as “active defense.”

Some cyber-operations reportedly feature what one budget document calls “field operations” organized “to physically place hardware implants or software modifications” with the help of CIA operatives or clandestine military forces.

An […]

By |August 31st, 2013|Cyber News|0 Comments
Read More
  • Edward Snowden

REPORT: ‘Brilliant’ Snowden Digitally Impersonated NSA Officials

Edward Snowden successfully assumed the electronic identities of top NSA officials to access some of the secret National Security Agency documents he leaked, Richard Esposito, Matthew Cole and Robert Windrem of NBC News report.

“Every day, they are learning how brilliant was,” a former U.S. official with knowledge of the case told NBC. “This is why you don’t hire brilliant people for jobs like this. You hire smart people. Brilliant people get you in trouble.”

The 30-year-old’s role as a “system administrator” meant that he was able to access NSAnet, the agency’s intranet, using those user profiles and without leaving any […]

By |August 30th, 2013|Cyber News|0 Comments
Read More
  • security

Banks and Utilities Possible Targets from Wave of Syrian Cyber Attacks

The U.S. is planning for a possible wave of computer attacks against companies by hackers connected to Syria or Iran in retaliation for any military strike against the government of Bashar al-Assad, according to a person familiar with the planning.

The National Security Agency has tapped hackers’ computers in the Middle East to assess their ability to disrupt power grids, financial systems or other critical infrastructure, according to another person familiar with those operations.

The preparations, part of wide-ranging plans by the Pentagon, took on added urgency after this week’s attack on the New York Times’ website by the Syrian Electronic Army, […]

By |August 29th, 2013|Cyber News|0 Comments
Read More
  • cyberwarfare

Syrian Electronic Army claim ‘take over’ of Twitter and New York Times in Cyber Attacks

Hacker group the Syrian Electronic Army “took over” the domain name of Twitter yesterday as it unleashed a series of cyber attacks on news organisations.

The group, which supports the regime of President Assad, also claimed successful attacks on the New York Times and Huffington Post on Tuesday.

Last night, Twitter’s status blog confirmed that its “DNS (domain name system) provider experienced an issue in which it appears DNS records for various organisations were modified, including one of Twitter’s domains used for image serving”.

The SEA’s own Twitter feed warned of the attacks by posting a message saying “Media is going down”.

According to […]

By |August 28th, 2013|Cyber News|0 Comments
Read More
  • cyber-attacks

Warning of Major Cyber Event by Outgoing US Homeland Security Secretary Janet Napolitano

Outgoing United States Homeland Security Secretary Janet Napolitano today warned of a “major cyber event” in the future that would have a “serious” impact on American society.

In what she described as “a kind of open letter to my successor,” Napolitano warned of terrorist threats, major weather events as a result of climate change and the need to strengthen united states border security.

“Our country will, for example, at some point, face a major cyber event that will have a serious effect on our lives, our economy, and the everyday functioning of our society,” she said.

Napolitano, who resigned in July and will […]

By |August 27th, 2013|Cyber News|0 Comments
Read More