Let’s Encrypt Vuln Allowed Hackers To Hijack Certificates

Privileged Accounts Are Easy

Let’s Encrypt has had to disable a vulnerability that allowed hackers to get certificates – the digital identities that every website relies on for authenticity – for domains they don’t own. Certificates can be a powerful weapon in the wrong hands – and while Let’s Encrypt has provided a short-term fix, it’s only expected to […]

CISOs’ No. 1 Concern In 2018: The Talent Gap

A recent Ponemon Institute survey found out that the ‘lack of competent in-house staff’ outranks all other forms of cybersecurity worry, including data breaches to ransomware attacks. Edgard Capdevielle, CEO at Nozomi Networks commented below. Edgard Capdevielle, CEO at Nozomi Networks: “Finding talented cybersecurity staff will continue to be a serious dilemma for organizations in 2018 especially […]

Vulnerabilities Found In SCADA Mobile Applications

Security researchers have reported 147 vulnerabilities in 34 mobile applications used in conjunction with Supervisory Control and Data Acquisition (SCADA) systems. These vulnerabilities could enable a hacker to compromise industrial network infrastructure by allowing them to disrupt an industrial process or cause a SCADA operator to unintentionally perform a harmful action on the system. IT security experts commented below. John […]

Popular Messaging App, Telegram, Mirrored To Create Fake Apps That Serve Malware

Security firm, Symantec, has discovered a counterfeit version of the encrypted messaging app Telegram, with malware built on the open source code. The fake app, Teligram, which was freely available on the Google Play Store, features similar branding and app store listings to trick users to install malware on their device and hijack their data. John Kozyrakis, Applied Research Lead […]

IOActive And Embedi Uncover Major Security Vulnerabilities In ICS Mobile Applications

OpenSSL Flaw

Mobile app flaws could compromise industrial network infrastructure Seattle, Wash. –IOActive, Inc., the worldwide leader in research-driven security services, and Embedi, a cybersecurity startup company focused on immunizing IoT/embedded/smart end-point devices against 0- and 1-day attacks, today released a white paper outlining 147 cybersecurity vulnerabilities found in 34 mobile applications used in tandem with Supervisory Control and Data […]