Dark Side Quantum Computing

New Foreshadow Vulnerabilities Defeat Memory Defenses on Intel CPUs

Security researchers have uncovered a new way to exploit the speculative execution feature of Intel CPUs to bypass memory security barriers and leak protected information. The vulnerability, known as Foreshadow or L1 Terminal Fault (L1TF), has three variants. The original variant was discovered by a team of researchers from KU ... Read More
Security Boulevard
Man-in-the-Disk Attack Lets Hackers Bypass Android App Sandbox Security

Man-in-the-Disk Attack Lets Hackers Bypass Android App Sandbox Security

Researchers have devised a new attack technique that takes advantage of how apps use the external storage of Android devices to store files to bypass security restrictions. Under the Android security model each application runs inside a sandbox, which means other applications can’t access to its internal files and secrets. However, ... Read More
Security Boulevard
Industrial Control Gateways

Industrial Control Gateways: It’s Like Exploiting in the 1990s

Industrial control gateways play a critical role in industrial infrastructure, linking systems and sensors that communicate using protocols such as Modbus or serial to IP networks for easier remote management and monitoring. However, many such devices have critical vulnerabilities that stem from well-known insecure programming practices that could have been ... Read More
Security Boulevard
Asian Dark Web Communities Thrive on Cultural Differences

Asian Dark Web Communities Thrive on Cultural Differences

A new report sheds light on the little-understood dark web markets in Asia, showing how they’re driven by cultural differences and local government policies. Researchers from IntSights Cyber Intelligence have investigated dark web cybercrime websites in Japan, China, South Korea, Indonesia and Vietnam to see how they differ from their ... Read More
Security Boulevard
New WPA2 Attack Can Compromise Wireless Networks

New WPA2 Attack Can Compromise Wireless Networks

Researchers have found a new and easier way of attacking wireless networks protected by the WPA2 security standard that could work against certain routers with roaming enabled. The new technique was discovered by Jens Steube, the lead developer of the Hashcat password-cracking tool, while he was investigating the new WPA3 ... Read More
Security Boulevard
Stealing Infrastructure Cryptomining Attacks

170K+ MikroTik Routers Inject Cryptomining Script

A hacker has managed to compromise more than 170,000 routers made by MikroTik and uses them to inject browser-based cryptomining scripts into legitimate websites visited by users. According to Simon Kenin, a researcher a Trustwave who spotted and investigated the attack, the hacker is breaking into routers by exploiting a ... Read More
Security Boulevard
Iran-Linked RASPITE Group Targets U.S. Electric Utilities

Iran-Linked RASPITE Group Targets U.S. Electric Utilities

A known threat group believed to be based in Iran is trying to gain access to computer infrastructure belonging to U.S. electric utility organizations. The group, which researchers from industrial control systems (ICS) security firm Dragos track as RASPITE, has been operating since 2017 and has previously targeted organizations from ... Read More
Security Boulevard
Supreme Court Ruling Changes

U.S. Charges 3 Members of the Notorious FIN7 Cybercriminal Group

The U.S. Department of Justice announced charges against three leading members of a cybercriminal group called FIN7 that hacked into more than 100 U.S. businesses. The three men are Ukrainian nationals and are already in custody. FIN7, also known as Carbanak, is a group that has been operating since 2015 ... Read More
Security Boulevard
Highly Targeted Ransomware SamSam Earned Its Creator $6 Million

Highly Targeted Ransomware SamSam Earned Its Creator $6 Million

A ransomware threat called SamSam that’s known for crippling IT systems in hospitals, schools and government organizations has made many more victims than previously believed. Security researchers from Sophos worked with cryptocurrency tracking firm Neutrino to follow ransom payments associated with SamSam and found that they totaled nearly $6 million, ... Read More
Security Boulevard
Safeguard Email Compromised Attacks

Researchers Uncover Massive Malvertising Operation

While analyzing recent drive-by download attacks, security researchers have uncovered a large malvertising operation that infiltrated the legitimate online ad ecosystem and abuses more than 10,000 compromised websites. Malicious advertising, or malvertising, is the practice of displaying rogue ads on legitimate websites without their owners’ consent or knowledge. This has ... Read More
Security Boulevard
Loading...