Article Trunk



Posts Tagged ‘computer security’

Hundreds of Orpak gas station systems can be easily hacked, thanks to hardcoded passwords

Homeland Security’s cybersecurity agency says a popular gas station software contains several security vulnerabilities that require “low skill” to exploit. The advisory, posted by the Cybersecurity and Infrastructure Security Agency (CISA), gave the Orpak SiteOmat software a rare vulnerability severity rating of 9.8 out of 10. Orpak’s SiteOmat systems monitor the amount of fuel stored ...

Job recruitment site Ladders exposed 13 million user profiles

Ladders, one of the most popular job recruitment sites in the U.S. specializing in high-end jobs, has exposed more than 13.7 million user records, following a security lapse. The New York-based company left an Amazon -hosted Elasticsearch database exposed without a password, allowing anyone to access the data. Sanyam Jain, a security researcher and a ...

Why your CSO, not your CMO, should pitch your security startup

Whenever a security startup lands on my desk, I have one question: Who’s the chief security officer (CSO) and when can I get time with them? Having a chief security officer is as relevant today as a chief marketing officer (CMO) or chief re boss. Just as you need to make sure your offering looks ...

A new cryptocurrency mining malware uses leaked NSA exploits to spread across enterprise networks

Two years after highly classified exploits built by the National Security Agency were stolen and published, hackers are still using the tools for nefarious reasons. Security researchers at Symantec say they’ve seen a recent spike in a new malware, dubbed Beapy, which uses the leaked hacking tools to spread like wildfire across corporate networks to ...

The UK’s latest list of most hacked passwords is as bad as you’d think

Names, soccer players, musicians and fictional characters make up some of the worst passwords of the year, according to the U.K. government’s National Cyber Security Center. But nothing beats “123456” as the worst password of all. It’s no shock to any seasoned security pro. For years, the six-digit password has been donned the worst password ...

Chipotle customers are saying their accounts have been hacked

A stream of Chipotle customers have said their accounts have been hacked and are reporting fraudulent orders charged to their credit cards — sometimes totaling hundreds of dollars. Customers have posted on several Reddit threads complaining of account breaches and many more have tweeted at @ChipotleTweets to alert the fast food giant of the problem. ...

Scranos, a new rootkit malware, steals passwords and pushes YouTube clicks

Security researchers have discovered an unusual new malware that steals user passwords and account payment methods stored in a victim’s browser — and also silently pushes up YouTube subscribers and revenue. The malware, Scranos, infects with rootkit capabilities, burying deep into vulnerable Windows computers to gain persistent access — even after the computer restarts. Scranos ...

Google turns your Android phone into a security key

Your Android phone could soon replace your hardware security key to provide two-factor authentication access to your accounts. As the company announced at its Cloud Next conference today, it has developed a Bluetooth-based protocol that will be able to talk to its Chrome browser and provide a standards-based second factor for access to its services, ...

A powerful malware that tried to blow up a Saudi plant strikes again

A highly capable malware reportedly used in a failed plot to blow up a Saudi petrochemical plant has now been linked to a second compromised facility. FireEye researchers say the unnamed “critical infrastructure” facility was the latest victim of the powerful Triton malware, the umbrella term for a series of malicious custom components used to ...

No one, not even the Secret Service, should randomly plug in a strange USB stick

If you’ve been on Twitter today, you’ve probably seen one story making the rounds. So the Secret Service stuck Zhang's thumbdrive into their computer. https://t.co/0T6LAfOtEl pic.twitter.com/RSfUgw4I4n — Chris Wysopal (@WeldPond) April 8, 2019 The case follows a Chinese national, Yujing Zhang, who is accused of trying to sneak into President Trump’s private Florida resort Mar-a-Largo ...