Government of the Republic of Trinidad and Tobago                                                                                                                                        


News

Vulnerability in Skype for Android Exposes User Data

4th January 2019

A vulnerability in Skype for Android allows an unauthenticated attacker to view photos and contacts, and even open links in the browser, a security researcher has discovered. Found by Florian Kunushevci, a 19-year-old researcher from Kosovo, the vulnerability requires for the attacker to have physical access to the target device. Next, they would need to […]

Read More

Ransomware Attack Against Hosting Provider Confirms MSPs Are Prime Targets

4th January 2019

Dataresolution.net, a cloud hosting provider headquartered in San Juan Capistrano, CA and with data centers in Los Angeles CA, Reston VA, London UK, Hamilton Bermuda, and Canada, was infected with ransomware on Christmas Eve, 2018. It appears that the firm declined to pay any ransom, and is reconstituting the files manually and from backups. According […]

Read More

Serious DoS Flaw Impacts Several Yokogawa Products

4th January 2019

A serious denial-of-service (DoS) vulnerability impacts several industrial automation products from Japanese electrical engineering and software company Yokogawa Electric. The flaw exists in the Open Communication Driver for Vnet/IP, a real-time plant network system for process automation. The problematic driver is present in several Yokogawa products, including CENTUM CS 3000 and CENTUM VP distributed control […]

Read More

Fake iOS Fitness Apps Steal Money

5th December 2018

A series of iOS applications posing as fitness-tracking tools have been stealing users’ money by abusing the Touch ID feature, ESET has discovered. The trick used by the fake fitness apps is fairly simple: they ask the user to scan their fingerprint, supposedly for fitness-tracking purposes, but instead use this to activate a dodgy payment […]

Read More

Malware Dropper Supports a Dozen Decoy Document Formats

5th December 2018

A recently discovered malware dropper has the ability to use nearly a dozen decoy document file formats to drop various payloads, Palo Alto Networks security researchers warn. Dubbed CARROTBAT, the customized dropper is being used to deliver lures primarily pertaining to the Korean region, revolving around subjects such as crypto-currencies, crypto-currency exchanges, and political events. […]

Read More

Symantec Unveils USB Scanning Station for ICS, IoT Environments

5th December 2018

Symantec on Wednesday unveiled a new product designed to protect critical infrastructure organizations, including industrial and Internet of Things (IoT) environments, against USB-borne threats. Industrial Control System Protection (ICSP) Neural is a network-integrated USB scanning station that should make it easier for organizations to ensure that the USB drives used to transfer data between devices […]

Read More

Shellbot Botnet Targets Linux, Android Devices

5th November 2018

An IRC bot built using Pearl is targeting Internet of Things (IoT) devices and Linux servers, but can also affect Windows systems and Android devices, Trend Micro warns. Dubbed Shellbot, the malware is being distributed by a threat group called Outlaw, which recently compromised FTP servers of a Japanese art institution and a Bangladeshi government […]

Read More

Symantec Acquires Appthority, Javelin Networks

5th November 2018

Symantec on Monday announced the acquisition of mobile application security firm Appthority and Active Directory protection company Javelin Networks. With the acquisition of Appthority, Symantec wants to provide customers the technology needed to analyze mobile applications for malicious capabilities and unwanted behavior, including vulnerabilities, exposure of sensitive data, and privacy risks. According to Symantec, the […]

Read More

New Side-Channel Vulnerability Leaks Sensitive Data From Intel Chips

5th November 2018

A newly revealed side-channel attack can leak encrypted data from Intel microprocessors that use a Simultaneous Multithreading (SMT) architecture. Dubbed PortSmash and tracked as CVE-2018-5407, the vulnerability affects all CPUs that rely on SMT, including Intel’s Hyper-Threading architectures. By exploiting the vulnerability, an attacker could extract sensitive data such as encryption keys from a computer’s […]

Read More

Zero Day in jQuery Plugin Impacts Thousands of Applications

22nd October 2018

Thousands of projects are possibly impacted by a jQuery File Upload plugin vulnerability that has been actively exploited in the wild, a security researcher has discovered. Tracked as CVE-2018-9206, the security bug impacts older versions of the plugin as well, going all the way back to 2010, Akamai researcher Larry Cashdollar found out. At the […]

Read More

Page 1 of 812345...Last »