Security News

  • The Next Web
  • The Hackers News
  • Naked Security
  • HelpNet Security
  • NIST
  • Security Week
  • Threat Post
  • Security Week
  • Security Affairs
  • IT World Canada
  • Error
  • Tech Channel


As the European Parliament’s ‘Mr Privacy,’ Jan Philipp Albrecht, said: “It is a bad sign that Mark Z [...]

Deep-pocketed Korean conglomerate Samsung today announced it will open a massive AI research center, [...]

With security threats a daily concern for anyone on the web, it’s probably no surprise that the no. [...]

Anonymous cryptocurrency Verge can’t seem to catch a break. It appears that hackers have again explo [...]

Yesterday, Sony announced a 10-inch digital paper tablet, snappily named the DPT-CP1. This is a bit [...]

Following the Cambridge Analytica affair and the massive leak of 87 million people’s data revealed e [...]

HackerRank today published its 2018 Tech Recruiting Report. The paper examines trends and perspectiv [...]

Yubico, the maker of the popular YubiKey hardware two-factor authentication (2FA) token, has announc [...]

It isn’t just the initial coin offerings (ICOs) that are running rampant, it seems cryptocurrency fo [...]

Cost per click is sabotaging you when it comes to ad campaign management. You could spend days sifti [...]

New Spectre (Variant 4) CPU Flaw Discovered—Intel, ARM, AMD AffectedSecurity researchers from Microsoft and Google have discovered a fourth variant of the data-leaking [...]

DNS-Hijacking Malware Targeting iOS, Android and Desktop Users WorldwideWidespread routers' DNS hijacking malware that recently found targeting Android devices has now [...]

Nethammer—Exploiting DRAM Rowhammer Bug Through Network RequestsLast week, we reported about the first network-based remote Rowhammer attack, dubbed Throwhammer, wh [...]

Another severe flaw in Signal desktop app lets hackers steal your chats in plaintextFor the second time in less than a week, users of the popular end-to-end encrypted Signal messaging [...]

Red Hat Linux DHCP Client Found Vulnerable to Command Injection AttacksA Google security researcher has discovered a critical remote command injection vulnerability in the [...]

Hackers Reveal How Code Injection Attack Works in Signal Messaging AppAfter the revelation of the eFail attack details, it's time to reveal how the recently reported [...]

Adobe Releases Critical Security Updates for Acrobat, Reader and Photoshop CCAdobe has just released new versions of its Acrobat DC, Reader and Photoshop CC for Windows and macO [...]

Here's How eFail Attack Works Against PGP and S/MIME Encrypted EmailsWith a heavy heart, security researchers have early released the details of a set of vulnerabilities [...]

Simple bug could lead to RCE flaw on apps built with Electron FrameworkA critical remote code execution vulnerability has been discovered in the popular Electron web appli [...]

Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in PlaintextNote—the technical details of the vulnerabilities introduced in this article has now been released, [...]

Severe Bug Discovered in Signal Messaging App for Windows and LinuxSecurity researchers have discovered a severe vulnerability in the popular end-to-end encrypted Sign [...]

Google Makes it Mandatory for OEMs to Roll Out Android Security Updates RegularlySecurity of Android devices has been a nightmare since its inception, and the biggest reason being i [...]

7 Chrome Extensions Spreading Through Facebook Caught Stealing PasswordsLuring users on social media to visit lookalike version of popular websites that pop-up a legitimate [...]

New Rowhammer Attack Can Hijack Computers Remotely Over the NetworkExploitation of Rowhammer attack just got easier. Dubbed ‘Throwhammer,’ the newly discovered techniq [...]

5 Powerful Botnets Found Exploiting Unpatched GPON Router FlawsWell, that did not take long. Within just 10 days of the disclosure of two critical vulnerabilities [...]

Self-destructing messages received on 'Signal for Mac' can be recovered laterIt turns out that macOS client for the popular end-to-end encrypted messaging app Signal fails to pr [...]

Microsoft Adds Support for JavaScript in Excel—What Could Possibly Go Wrong?Shortly after Microsoft announced support for custom JavaScript functions in Excel, someone demonstr [...]

Microsoft Patches Two Zero-Day Flaws Under Active AttackIt's time to gear up for the latest May 2018 Patch Tuesday. Microsoft has today released securi [...]

Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe LinksSecurity researchers revealed a way around that some hacking groups have been found using in the wil [...]

A Simple Tool Released to Protect Dasan GPON Routers from Remote HackingSince hackers have started exploiting two recently disclosed unpatched critical vulnerabilities foun [...]

Two Romanian Hackers Extradited to the U.S. Over $18 Million Vishing ScamTwo Romanian hackers have been extradited to the United States to face 31 criminal charges including [...]

Twitter is Testing End-to-End Encrypted Direct MessagesTwitter has been adopting new trends at a snail's pace. But it’s better to be late than never. [...]

First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade DetectionSecurity researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new [...]

Android P to Block Apps From Monitoring Device Network ActivityDo you know that any app you have installed on your Android phone can monitor the network activities [...]

8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUsA team of security researchers has reportedly discovered a total of eight new "Spectre-class [...]

TeenSafe phone monitoring app leaks teens’ iCloud logins in plaintextThe "secure" monitoring app is used by over a million parents. [...]

Please vote for Naked Security at the European Blogger Awards 2018!We've been nominated in 8 categories at the European Blogger Awards 2018... but we need your he [...]

DrayTek router user? Patch now to keep the crooks out…DrayTek has announced a security hole in its Vigor range of routers. [...]

Mugshots.com’s alleged owners arrested for extortionMugshots.com publishes people's mugshots and extorts a removal fee. [...]

Guilty! Anti-anti-virus crook convicted, could spend decades in jailScan4you crook is looking at a maximum penalty of 35 years [...]

Facebook conspiracy theories after Android app tries to “get root”Facebook's Android app suddenly started making a bid for superuser access. Conspiracy theories [...]

Real-time cellphone location data leaked for all major US carriersFrom the carriers to LocationSmart to 3Cinteractive to Securus: there appears to be a chain pockmark [...]

Chrome drops ‘secure’ label for HTTPS websitesWhen it comes to browser security, how important are the address bar icons and labels that tell user [...]

Monday review – the hot 20 stories of the weekFrom Nest turning up the heat on password reuse and the Red Hat vulnerability to the Chili's Po [...]

Senate votes to restore net neutrality… but don’t get your hopes upIt's people-pleasing, but it's probably just symbolic. [...]

A new flaw that can allow an attacker to obtain access to sensitive information on affected systems [...]

Coronet researchers identified Las Vegas, Memphis and Charlotte as America’s most cyber insecure cit [...]

A mature anti-phishing program keeps organizations safer, claims Cofense, and offers as proof the de [...]

Recent cybersecurity events involving the use of ransomware (WannaCry and similar variants) represen [...]

The number of open source components in the codebase of proprietary applications keeps rising and wi [...]

Nine of the 10 captured organized criminal email groups operate out of Nigeria, they all leverage a [...]

Android users eager to play the increasingly popular Fortnite survival game on their mobile devices [...]

Google expects HTTPS to become the default, and is preparing users for it by slowly moving Chrome to [...]

Threat intelligence is mainstreaming into a de-facto everyday tool of cyber-defense. But all that in [...]

The General Data Protection Regulation (GDPR) compliance deadline looms four days away, but only 29 [...]

This publication approves the XTS-AES mode of the AES algorithm for data on storage devices. [...]

Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cyc [...]

Researchers at the Black Hat security conference on Thursday showed an iPhone security flaw which ex [...]

The Mozilla Firefox browser experiences it`s first ever Zeroday exploit. (Fixed) [...]

FoxNews is reporting that a Hacker is attempting extort $10 million from the State of Virginia [...]

So many people have asked for our help with infected computers that we put together this review of f [...]

Conflicker updates its self to include a keylogger and tools to find passwords and finanacial data. [...]

The "Conflicker" worm is set to trigger on April 1st. We provide the basic links you need [...]

NOD32 virus version 3918 is quarantining important Windows files [...]

Perfect Operational Security (OPSEC) Needs to Start From Day One read more [...]

CISO Survey Shows the Importance of Threat Hunting in the Finance Sector read more [...]

Two unpatched vulnerabilities in Dasan’s Gigabit-capable Passive Optical Network (GPON) routers are [...]

FireEye on Monday announced the availability of a platform to allow organizations and pentesters che [...]

VMware informed customers on Monday that updates for its Fusion and Workstation products patch impor [...]

Intel, AMD, ARM, IBM, Microsoft and other major tech companies on Monday released updates, mitigatio [...]

Dell Patches Local Privilege Escalation in SupportAssist Dell recently addressed a local privilege e [...]

Attackers have been targeting a zero-day vulnerability in routers made by DrayTek to change their DN [...]

Recent attacks orchestrated by a hacking group referred to as “Sun Team” have targeted North Korean [...]

Several vulnerabilities, including ones rated critical and high severity, have been patched in indus [...]

While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it sho [...]

An 18-year-old researcher has earned more than $36,000 from Google after finding a critical remote c [...]

Aachen, Germany-based firm Utimaco will acquire the Atalla hardware security module (HSM) and enterp [...]

The Drupal websites hacked by cybercriminals using the vulnerabilities known as Drupalgeddon2 and Dr [...]

Updates announced on Friday by the Internet Systems Consortium (ISC) for BIND, the most widely used [...]

A dataset allegedly containing 200 million unique sets of personally identifiable information (PII) [...]

Finland-based cybersecurity firm F-Secure on Thursday announced the launch of a new endpoint detecti [...]

A misconfigured server operated by CalAmp, a company offering the backend for a broad range of well- [...]

Google is putting yet another nail in the HTTP coffin: starting with Chrome 70, pages that are not s [...]

Intel on Monday acknowledged that its processors are vulnerable to another Spectre-like speculative [...]

A botnet called Brain Food is pushing diet pills via infected WordPress and Joomla websites. [...]

Records for a mobile app that parents can use to monitor what their kids are doing online has been e [...]

Analysis shows that the malware, previously a banking trojan focused on Android devices, has rapidly [...]

The code is integrated with at least three exploits that target unpatched IoT devices, including clo [...]

The U.S. Senate gave the nod to restoring the 2015 Open Internet Order, putting net neutrality on th [...]

A type of card-not-present fraud is spreading throughout the Latin American underground, uniting gro [...]

Threatpost editors Tom Spring, Tara Seals and Lindsey O'Donnell discuss the week’s information [...]

A recently discovered malware steals cache data and messaging sessions from the desktop version of e [...]

Researchers created a proof-of-concept attack that allows remote attackers to access protected APIs [...]

Perfect Operational Security (OPSEC) Needs to Start From Day One read more [...]

CISO Survey Shows the Importance of Threat Hunting in the Finance Sector read more [...]

Two unpatched vulnerabilities in Dasan’s Gigabit-capable Passive Optical Network (GPON) routers are [...]

FireEye on Monday announced the availability of a platform to allow organizations and pentesters che [...]

VMware informed customers on Monday that updates for its Fusion and Workstation products patch impor [...]

Intel, AMD, ARM, IBM, Microsoft and other major tech companies on Monday released updates, mitigatio [...]

Dell Patches Local Privilege Escalation in SupportAssist Dell recently addressed a local privilege e [...]

Attackers have been targeting a zero-day vulnerability in routers made by DrayTek to change their DN [...]

Recent attacks orchestrated by a hacking group referred to as “Sun Team” have targeted North Korean [...]

Several vulnerabilities, including ones rated critical and high severity, have been patched in indus [...]

While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it sho [...]

An 18-year-old researcher has earned more than $36,000 from Google after finding a critical remote c [...]

Aachen, Germany-based firm Utimaco will acquire the Atalla hardware security module (HSM) and enterp [...]

The Drupal websites hacked by cybercriminals using the vulnerabilities known as Drupalgeddon2 and Dr [...]

Updates announced on Friday by the Internet Systems Consortium (ISC) for BIND, the most widely used [...]

A dataset allegedly containing 200 million unique sets of personally identifiable information (PII) [...]

Finland-based cybersecurity firm F-Secure on Thursday announced the launch of a new endpoint detecti [...]

A misconfigured server operated by CalAmp, a company offering the backend for a broad range of well- [...]

Google is putting yet another nail in the HTTP coffin: starting with Chrome 70, pages that are not s [...]

A North Korea-linked APT group tracked as Sun Team has targeted North Korean deflectors with a malic [...]

Yesterday AMD, ARM, IBM, Intel, Microsoft and other major tech firms released updates, mitigations a [...]

Security experts from Qihoo 360 Netlab discovered the operators behind the TheMoon botnet are now le [...]

Roaming Mantis malware initially targeting Android devices, now has broadened both its geographic ra [...]

Google awarded the 18-year-old student Ezequiel Pereira a total of $36,337 for the discovery of a cr [...]

Crooks are exploiting known vulnerabilities in the popular Drupal CMS such as Drupalgeddon2 and Drup [...]

On Friday, the Internet Systems Consortium (ISC) announced security updates for BIND DNS software th [...]

Crook faces up to 35 years in prison for operating the popular Scan4You counter anti-virus (CAV) web [...]

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Securit [...]

Security researchers discovered that a misconfigured server operated by the CalAmp company could all [...]

Obliging search engines to decide if content should be de-indexed is akin to lying to those doing In [...]

With the continuing focus on digital transformation in the workplace, why is there still so much pap [...]

More than 85 per cent of companies in a recent survey say it will take them at least three months to [...]

PayPal has plans to acquire iZettle for $2.2 billion, EnStream, a joint venture between Rogers, Telu [...]

Deploying an ERP system to help run your business can bring you to the next level as an organization [...]

Today's podcast covers a new version of the Mirai botnet, a caution on linking to MyEtherWallet [...]

Change in business in 2018 is not only unavoidable, it’s normal. As the pivot point in most organiza [...]

Similar to the Alert Ready system that was tested across Canada earlier this month, Parliament HIll [...]

ITWC associate editor Eric Emin Wood chats with several winners at the 2018 CATA Innovation and Lead [...]

Net Neutrality tries to stay alive in the U.S., YouTube looks to take on Spotify, and bosses get fed [...]

In Today's podcast two zero-day exploits are found wrapped together, phishers exploit phony HTT [...]

At RightsCon Toronto the head of Citizen Lab calls for university cyber researchers to form a " [...]

We got our hands on a HomePod to see how it holds up in Canada. [...]

It’s been said that making money from something that’s given away for free is next to impossible, bu [...]

The gender gap within the technology sector is no secret, but the number of events focused on women [...]

As the frequency and sophistication of cyber threats intensify, organizations around the world have [...]

Welcome to the May issue of CanadianCIO. This month we’ve organized this special hub to showcase our [...]

Good thing that some top minds are talking AI ethics, because Google Duplex just beat the Turing tes [...]

As AI becomes more accessible and its impact on society grows, Canada's public policy leaders a [...]

Microsoft has plans to release a low-cost Surface device, Lyft joins Uber on sexual assault claims, [...]

A debate over encryption workarounds pitches a government point man and an American encryption exper [...]

Statement calls on governments and the private sector to avoid releasing intelligent systems that di [...]

A Toronto-based smart home startup and a web marking firm share examples of how they're using m [...]

Artificial intelligence is no longer the stuff of science fiction. Glenn Gore, the chief architect o [...]

RSS Error: A feed could not be found at http://www.fireeye.com/blog/feed. A feed with an invalid mime type may fall victim to this error, or SimplePie was unable to auto-discover it.. Use force_feed() if you are certain this URL is a real feed.

5/17/18 GandCrab Hides on Legitimate Websites [...]

4/26/18 Book Review: The Car Hackers Handbook by Craig Smith [...]

4/19/18: Organizations Unprepared for GenV Attacks [...]