News

Safari Full of Security Bugs, According to Google Test

Safari Full of Security Bugs, According to Google Test

Google’s Project Zero team recently used a new security testing toolkit on 5 browsers and found Safari had the most number of flaws. Using Domato, a “fuzzer” that inputs random data into a software application to test for abnormalities, Google engineer Ivan Fratric found that Safari had the worst results out of the 5 browsers that included Chrome, Firefox, Internet Explorer, and Edge. Safari was found to have a total of 17 security bugs after being subjected to 100 million fuzz tests. The team then contacted each browser vendor and gave them a bug report and a copy of the […]

DICT secretary Rodolfo Salalima Submits Resignation

DICT secretary Rodolfo Salalima Submits Resignation

Malacanang has confirmed earlier this week that the Philippines’ Department of Information and Communications Technology (DICT) Rodolfo Salalima has already submitted his resignation to President Rodrigo Duterte. Salalima said that he is stepping down due to “personal and work-related reasons”, but the Office of the Executive Secretary has not yet issued a statement as to whether the President has already accepted the resignation. However, the President himself had already revealed in a press conference in Marawi City that he is in the process of looking for a replacement for the Secretary. Salima was appointed in 2016 and oversaw a number […]

Uber Licensed to Operate in London Only Until Next Week

Uber Licensed to Operate in London Only Until Next Week

London’s transport regulator had removed Uber’s license to operate, saying that the company was unfit to hold a private vehicle hire license because of its conduct that can potentially impact public safety and security. The ride-sharing giant, which has around 40,000 drivers in England’s capital, will not be able to renew its license that expires on September 30, but Regulator Transport for London (TfL) will permit it to operate until the appeals process is done. TfL specifically pointed out Uber’s software called Greyball, which is used for doing driver background checks and reporting of criminal offences, can be used for […]

ISPs May be Involved in Latest FinFisher Malware Campaign

ISPs May be Involved in Latest FinFisher Malware Campaign

Cybersecurity company ESET recently revealed that a new campaign spreading the malware FinFisher has hit up to seven countries, and ISPs in two of them may have had involvement, along with their governments. Also known as FinSpy, the malware is often used by attackers to eavesdrop on communications and access files without being detected. ESET analyst Filip Kafka says that ISPs may have acted as a man-in-the-middle by redirecting users to legitimate apps trojanized with FinFisher. ESET adds that the geographical dispersion of the latest malware variants show that the attacks are happening at a level that suggest ISP involvement. […]

New Android App Can Detect Credit Card Skimmers

New Android App Can Detect Credit Card Skimmers

A new app that can detect credit card skimmers on ATM machines can now be downloaded from the Google Play Store. The Skimmer Scanner, created by Nick Poole, had already been installed 13,500 since Thursday. The app works by detecting Bluetooth modules used in most modern skimmers, which are often set to broadcast its ID. Nathan Seidle of SparkFun said that nowadays, criminals with little knowledge can easily build such cheap skimming devices. The low prices of these devices often make them unsecure, and Seidle adds that setting the ID to constantly broadcast was an obvious design flaw. Poole says […]

China Introduces Blockchain Research Lab in the Wake of ICO Ban

China Introduces Blockchain Research Lab in the Wake of ICO Ban

The Ministry of Industry and Information Technology of China has introduced the Trusted Blockchain Open Lab intended to nurture advancements in the blockchain field. The initiative comes after a recent ban on fundraisings based on Initial Coin Offerings (ICOs) by the People’s Bank of China (PBoC) and announcements from the government ceasing domestic cryptocurrency trade. A research institution from inside the ministry, China Academy of Information and Communications Technology (CAICT), operates the lab. The China Economic Review cited that the CAICT is working on a platform where blockchain companies and industry experts can collaborate in exploring various ways to use […]

Breach Victims Directed to Fake Site by Equifax

Breach Victims Directed to Fake Site by Equifax

After the recent Equifax breach, staff from the credit reporting company had reportedly been advising victims on social media platform, Twitter, to an incorrect web address; securityequifax2017.com, instead of equifaxsecurity2017.com. The website was created by Equifax to support victims of the security breach that compromised the data of around 143 users in the US alone. There is an estimated 100,000 affected citizens in Canada and about 400,000 in the United Kingdom. securityequifax2017.com is a bogus support site created by security researcher Nick Sweeting to demonstrate how easy it is for hackers to pose as legit domains. Sweeting believes that the […]

US Allies Pressure Spy Agency to Lay Low

US Allies Pressure Spy Agency to Lay Low

The United States’ National Security Agency (NSA), has been pressured by a global team of expert cryptographers to back down two of the data encryption techniques it has been pushing for implementation as industry standards around the world. According to Reuters, the correspondence from industry specialists from countries that included Israel, Germany, and Japan, expressed concern that the NSA was pushing for the new encryption tools primarily because it had the ability to go around it, and not because of its benefits. Simon and Speck, the two NSA data encryption techniques, had been discussed in a number of closed-door meetings […]

Large Tech Companies Targeted in CCleaner Malware Attack

Large Tech Companies Targeted in CCleaner Malware Attack

The recent attack on CCleaner is suspected to have been the work of a cyber-espionage group based in China that focuses on a list of large tech companies from the west. Evidence pointed to hacker group Axiom, who has also been called DeputyDog, Hidden Lynx, Tailgater Team, APT17, AuroraPanda, Group 72, or Voho – depending on the security firm. Kaspersky Lab’s Director of the Global Research and Analysis Team, Costin Raiu first identified the relationship between the injected malware in the infected CCleaner app and Axiom. Floxif, the malware embedded in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud […]

Hackers May Use Stolen SEC Data for Inside Trading

Hackers May Use Stolen SEC Data for Inside Trading

The government body regulating the financial sector for the United States, Securities and Exchange Commission (SEC), revealed its systems have been attacked last May. Jay Clayton, SEC Chairman, reported that hackers had breached the agency’s Electronic Data Gathering, Analysis, and Retrieval (EDGAR), which is a database that holds past financial data, future announcements, and company filings. Clayton mentioned that the hackers took advantage of a vulnerability in a test filing component of EDGAR. This enabled the attackers to access to private filings and yet-to-be released news that may affect the market. CEO of web security company High-Tech Bridge, Ilia Kolochenko, […]