Government of the Republic of Trinidad and Tobago                                                                                                                                        


News

Attackers Circumvent Two Factor Authentication Protections to Hack Reddit

3rd August 2018

Online community site Reddit announced Wednesday that it was breached in June 2018. In a refreshingly candid advisory, it provides a basic explanation of how the incident occurred, details on the extent of the breach, details on its own response, and advice to potential victims. The extent of the breach was limited. It was discovered […]

Read More

Phishing Campaign Targets Four Hundred Industrial Organizations

3rd August 2018

A new wave of spear-phishing emails masquerading as legitimate procurement and accounting letters have hit over 400 industrial organizations, according to Kaspersky Lab. Data collected by Kaspersky showed that the malware associated with the campaign attacked nearly 800 company PCs across various industries. The attacks, which are ongoing, attempt to steal money and confidential data […]

Read More

New macOS Malware Targets Crypto-Currency Users

3rd July 2018

A new piece of macOS malware has been observed being distributed via crypto-currency related Slack or Discord chat groups, security researchers warn. First detailed late last month, the malware is being distributed by malicious actors who impersonate admins or key people. The actors share small snippets of code with the members of said chat groups, […]

Read More

Mozilla Announces Root Store Policy Update

3rd July 2018

Mozilla announced on Monday that its Root Store Policy for Certificate Authorities (CAs) has been updated to version 2.6. The Root Store Policy governs CAs trusted by Firefox, Thunderbird and other Mozilla-related software. The latest version of the policy, discussed by the Mozilla community over a period of several months, went into effect on July […]

Read More

Facebook App Exposed Data of 120 Million Users

3rd July 2018

A recently addressed privacy bug on Nametests.com resulted in the data of over 120 million users who took personality quizzes on Facebook to be publicly exposed. Patched as part of Facebook’s Data Abuse Bounty Program, the vulnerability resided in Nametests.com serving users’ data to any third-party that requested it, something that shouldn’t normally happen. Facebook […]

Read More

Crestron Patches Command Injection Flaw in DGE-100 Controller

12th June 2018

Crestron recently addressed a command injection vulnerability in the console service preinstalled on the Digital Graphics Engine 100 (DGE-100) and other hardware controllers made by the company. Tracked as CVE-2018-5553, the vulnerability has a base CVSSv3 score of 9.8 and is considered Critical severity. Discovered by Rapid7, the security bug is the result of lack […]

Read More

New ‘PyRoMineIoT’ Malware Spreads via NSA-Linked Exploit

12th June 2018

A recently discovered piece of crypto-currency miner malware isn’t only abusing a National Security Agency-linked remote code execution exploit to spread, but also abuses infected machines to scan for vulnerable Internet of Things (IoT) devices. Dubbed PyRoMineIoT, the malware is similar to the PyRoMine crypto-currency miner that was detailed in late April. Both mine for […]

Read More

Code Signing Flaw Affects all Mac OS Versions Since 2005

12th June 2018

Okta Rex (Research and Exploitation) researcher Josh Pitts has discovered a method of exploiting the code signing mechanism in MacOS. If exploited, the flaw could allow malicious untrusted code to masquerade as legitimate trusted code and bypass checks by other security software. Code signing attacks are not new. However, writes Pitts in public disclosure published […]

Read More

Is Cryptojacking Replacing Ransomware as the Next Big Threat?

29th May 2018

Monitoring cyberthreats over time reveals interesting insights into the strategies used by cybercriminals and the evolution of the attack vectors they target. While the threat landscape continues to be quite diversified, trends do seem to run in predictable cycles. For example, over the last year or so ransomware has risen to become one of the […]

Read More

Major Canadian Banks Investigating Data Breach Claims

29th May 2018

Two major Canadian banks informed customers on Monday that they launched an investigation after hackers claimed to have obtained personal and account information as a result of a data breach. The targeted organizations are the Bank of Montreal (BMO) and Simplii Financial, the direct banking brand of the Canadian Imperial Bank of Commerce (CIBC). Both […]

Read More

Page 5 of 10« First...3456710...Last »