In-brief: Close to five billion “fuzzing” tests conducted during 2016 reveal protocols used by industrial control systems, vehicles and Internet of Things devices to be weaker, on average, with many crashing hundreds of times and revealing vulnerabilities that could be used by malicious actors. (Editor’s note: added comment by Chris Clark. Aug 9 2017 – PFR)
Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU) said that it observed an extensive phishing campaign beginning in January and February 2017 that used a polished social media profile of a young, English woman using the name “Mia Ash” to conduct highly targeted spear-phishing and social engineering attacks against employees of Middle Eastern and North Africa firms in industries like telecommunications, government, defense, oil and financial services. The attacks are the work of an advanced persistent threat group dubbed COBALT GYPSY or “Oil Rig” that has been linked to other sophisticated attacks. The attacks, which spread across platforms including LinkedIn and Facebook, as […]
In-brief: Two, serious flaws in a common wireless router made by the firm TP-Link open the door to a hacker gaining control over the device, just the latest flaw revealed in broadband and wifi routers, the firm Senrio said Monday.
In-brief: Russia, China and North Korea are increasingly willing to use offensive cyber operations to weaken their enemies, including the United States, according to a report by the firm Flashpoint, which released its Business Risk Index report on Tuesday.
In-brief: data from the firm BitSight finds a link between outdated web browser and operating system software and headline-grabbing breaches. Are we surprised?
