News

Emerging cyberattacks and threats

• August 17, 2018 17 Aug'18

  Intel disclosed Spectre-like L1TF vulnerabilities

  News roundup: Intel disclosed L1TF vulnerabilities with similarities to Spectre, but with a focus on data. Plus, the NIST Small Business Cybersecurity Act is now a law, and more.

• August 17, 2018 17 Aug'18

  ICS security fails the Black Hat test

  Industrial control systems hit the mainstream at Black Hat this year, with over two dozen program sessions tackling different angles of the subject. The takeaway: Vendors still aren't really trying.

• August 10, 2018 10 Aug'18

  2018 Pwnie Awards cast light and shade on infosec winners

  The Meltdown and Spectre research teams won big at the Pwnie Awards this year at Black Hat, while the late-entry Bitfi Wallet team overwhelmingly won for Lamest Vendor Response.

• August 10, 2018 10 Aug'18

  WhatsApp vulnerabilities let hackers alter messages

  News roundup: New WhatsApp vulnerabilities enabled hackers to alter messages sent in the app. Plus, the PGA was hit with a ransomware attack, and more.

• August 06, 2018 06 Aug'18

  Coinhive malware infects tens of thousands of MikroTik routers

  The cryptominer Coinhive malware has infected tens of thousands of MikroTik routers around the world, as malicious actors take advantage of poor patching habits by users.

• August 02, 2018 02 Aug'18

  Black Hat 2018 conference coverage

  The SearchSecurity team covers the latest threats and vulnerabilities featured at this year's Black Hat USA with news, interviews and more from Las Vegas.

• July 27, 2018 27 Jul'18

  LifeLock vulnerability exposed user email addresses to public

  News roundup: A LifeLock vulnerability exposed the email addresses of millions of customers. Plus, Amazon's Rekognition misidentified 28 members of Congress as criminals, and more.

• July 13, 2018 13 Jul'18

  Ticketmaster breach part of worldwide card-skimming campaign

  News roundup: The Ticketmaster breach was part of a massive digital credit card-skimming campaign. Plus, the U.K. fined Facebook over the Cambridge Analytica scandal, and more.

• July 11, 2018 11 Jul'18

  GandCrab ransomware adds NSA tools for faster spreading

  NSA exploit tools have already been used in high-profile malware. And now, GandCrab ransomware v4 has added the NSA's SMB exploit in order to spread faster.

• July 10, 2018 10 Jul'18

  Stolen digital certificates used in Plead malware spread

  Researchers found the spread of Plead malware was aided by the use of stolen digital certificates, making the software appear legitimate and hiding the true nature of the attacks.

• June 29, 2018 29 Jun'18

  McAfee details rise in blockchain threats, cryptocurrency attacks

  McAfee's new 'Blockchain Threat Report' charts a dramatic rise in cryptomining malware and details four major attack vectors for cryptocurrency-related threats.

• June 22, 2018 22 Jun'18

  China-based Thrip hacking group targets U.S. telecoms

  News roundup: China-based Thrip hacking group used legitimate tools to attack companies in the U.S. and Southeast Asia. Plus, election officials didn't know about hacks, and more.

• June 18, 2018 18 Jun'18

  PyRoMineIoT cryptojacker uses NSA exploit to spread

  The latest malware threat based on the EternalRomance NSA exploit is PyRoMineIoT, a cryptojacker infecting IoT devices. But experts said the NSA shouldn't be held responsible for the damages.

• May 31, 2018 31 May'18

  Risk & Repeat: Are ICS threats being overblown or ignored?

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss dangers to critical infrastructure in the wake of a new report on the threat actors behind the Trisis malware.

• May 31, 2018 31 May'18

  Dragos' Robert Lee discusses latest ICS threats, hacking back

  In part two of this interview from RSA Conference 2018, Dragos CEO Robert Lee discusses the latest threats to industrial control systems and how those threats can be exaggerated.