Government of the Republic of Trinidad and Tobago                                                                                                                                        


News

Cybercriminals Have Been Experimenting With a Blockchain Domain Name System (DNS)

3rd September 2018

The takedowns of AlphaBay and Hansa in 2017 by law enforcement gave rise to much speculation about the future of dark web marketplaces. As I’ve discussed before, an environment of fear and mistrust are driving the cybercriminal community to incorporate alternative technologies to improve security and remain below the radar as they conduct illicit business […]

Read More

CEIDPageLock Rootkit Hijacks Web Browsers

3rd September 2018

A new rootkit that has been distributed via the RIG exploit kit over the past few weeks can manipulate web browsers and also contains sophisticated defense mechanisms, Check Point says. Dubbed CEIDPageLock, the malware was initially discovered a few months ago, when it was attempting to modify the homepage of a victim’s browser. The rootkit […]

Read More

Advanced Android Spyware Remained Hidden for Two Years

3rd September 2018

A newly detailed Android spyware that has an incredibly wide-ranging protocol has been active since May 2016, Kaspersky Lab warns. Dubbed BusyGasper, the malware includes device sensors listeners (such as motion detectors), can exfiltrate data from messaging applications (WhatsApp, Viber, Facebook), includes keylogging capabilities, and supports 100 commands. Featuring a multicomponent architecture, the malware can […]

Read More

The Disconnect Between Understanding Email Threats and Preventing Them

3rd August 2018

Email continues to be the starting point for the majority of all security breaches. The 2018 Verizon Data Breaches Investigation Report (DBIR) says that email is the attack vector in 96% of breaches. But a new study suggests that despite these figures, companies are not allocating sufficient resources to reduce email risk. The study was […]

Read More

Attackers Circumvent Two Factor Authentication Protections to Hack Reddit

3rd August 2018

Online community site Reddit announced Wednesday that it was breached in June 2018. In a refreshingly candid advisory, it provides a basic explanation of how the incident occurred, details on the extent of the breach, details on its own response, and advice to potential victims. The extent of the breach was limited. It was discovered […]

Read More

Phishing Campaign Targets Four Hundred Industrial Organizations

3rd August 2018

A new wave of spear-phishing emails masquerading as legitimate procurement and accounting letters have hit over 400 industrial organizations, according to Kaspersky Lab. Data collected by Kaspersky showed that the malware associated with the campaign attacked nearly 800 company PCs across various industries. The attacks, which are ongoing, attempt to steal money and confidential data […]

Read More

New macOS Malware Targets Crypto-Currency Users

3rd July 2018

A new piece of macOS malware has been observed being distributed via crypto-currency related Slack or Discord chat groups, security researchers warn. First detailed late last month, the malware is being distributed by malicious actors who impersonate admins or key people. The actors share small snippets of code with the members of said chat groups, […]

Read More

Mozilla Announces Root Store Policy Update

3rd July 2018

Mozilla announced on Monday that its Root Store Policy for Certificate Authorities (CAs) has been updated to version 2.6. The Root Store Policy governs CAs trusted by Firefox, Thunderbird and other Mozilla-related software. The latest version of the policy, discussed by the Mozilla community over a period of several months, went into effect on July […]

Read More

Facebook App Exposed Data of 120 Million Users

3rd July 2018

A recently addressed privacy bug on Nametests.com resulted in the data of over 120 million users who took personality quizzes on Facebook to be publicly exposed. Patched as part of Facebook’s Data Abuse Bounty Program, the vulnerability resided in Nametests.com serving users’ data to any third-party that requested it, something that shouldn’t normally happen. Facebook […]

Read More

Crestron Patches Command Injection Flaw in DGE-100 Controller

12th June 2018

Crestron recently addressed a command injection vulnerability in the console service preinstalled on the Digital Graphics Engine 100 (DGE-100) and other hardware controllers made by the company. Tracked as CVE-2018-5553, the vulnerability has a base CVSSv3 score of 9.8 and is considered Critical severity. Discovered by Rapid7, the security bug is the result of lack […]

Read More

Page 4 of 9« First...23456...Last »