Larry Loeb
Content posted in July 2018
New Spectre-Like Vulnerability Allows for Remote Data Theft
Larry Loeb  
7/30/2018   5 comments
Researchers have found new Spectre-like vulnerability in x86 processors called NetSpectre, which allows attackers to steal data remotely.
Symantec: Leafminer Group Is a Dangerous Group of Amateurs
Larry Loeb  
7/27/2018   12 comments
While the Leafminer group has been causing significant problems in the Middle East for well over a year, Symantec notes that the group is doing so using rather amateurish techniques.
Bluetooth Vulnerability Opens Up Man-in-the-Middle Attacks
Larry Loeb  
7/25/2018   3 comments
With almost certainly hypothetical, this vulnerability in Bluetooth's protocol could result in a man-in-the-middle attack and allow the culprits to steal personal data off a device.
DNS Rebinding Attack Could Affect Half a Billion IoT Devices
Larry Loeb  
7/23/2018   4 comments
From smart speakers to printers to IP-connected video equipment, DNS rebinding attacks are targeting a number of IoT-based devices.
More Data Breaches in Store for US Retail Industry
Larry Loeb  
7/20/2018   13 comments
A report from Thales eSecurity and 451 Research finds that the security systems of US retailers are getting breached more often than their global counterparts. As a result, IT is rethinking its security spending.
Researchers Detail Spoofing Attack Against Vehicle GPS
Larry Loeb  
7/17/2018   3 comments
A new paper shows that with the right amount of hardware and know-how, an attacker can spoof a vehicle's GPS system and change the route.
Broadcom's Deal for CA Puts Big Iron in the Spotlight
Larry Loeb  
7/16/2018   Post a comment
With Broadcom buying CA for $18.9 billion, old-time big iron is suddenly cool again. Here's what it means for security and software development.
Bug Bounty Programs Paying Off for Enterprises
Larry Loeb  
7/13/2018   3 comments
The number of bug bounty programs continues to grow, and enterprise security is better for it. A new report urges more businesses to embrace and not squash these initiatives.
Magecart Group Seen as Hidden Hand Behind Ticketmaster Attack
Larry Loeb  
7/11/2018   4 comments
By targeting third-party vendors that Ticketmaster uses to help process payment, the Magecart group appears to be expanding the scope of its cybercrimes, according to RiskIQ.
Attackers Combining Smoke Loader & PROPagate in New Campaign
Larry Loeb  
7/9/2018   Post a comment
Cisco Talos researchers have found that attackers have started to combine Smoke Loader and the PROPagate injection in a new campaign delivered through phony Word documents.
Google, Firefox Pull Stylish After Report Shows How Data Is Collected
Larry Loeb  
7/6/2018   23 comments
A security researcher showed how the Stylish browser extension sent personal data and search results back to the parent company, and this forced Mozilla and Google to yank it off their stores.
Researchers Show How Attackers Can Crack LTE Data Link Layer
Larry Loeb  
7/4/2018   4 comments
In a paper, researchers show how an attacker with the right equipment can crack the data link layer of an LTE network. It's mostly theoretical, but it shows why upcoming 5G security standards need to be tougher.




Latest Articles
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
Information Resources
upcoming Webinars
ARCHIVED
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcasts
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
Video
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2020 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with