Peloton API Bug: Expert Commentary

A Peloton bug permitted unauthenticated users to view sensitive information for all users and to snoop on live class statistics and attendees, despite the platform having a private mode.

Experts Comments on Anti Ransomware Day – 12th May

WannaCry, notorious as the largest ransomware epidemic in history, reached its peak on May 12, 2017. To raise awareness of this ongoing threat, INTERPOL dubbed the 12th of May Anti-Ransomware Day and urged organisations to back up their data and adopt relevant security protections. Failing to take all possible steps to secure a business against a ransomware attack can be […]

CISA/NCSC Issue Joint Alert to Patch, Re Russian Foreign Svc Cyber Ops

The joint alert issued last week by CISA, the FBI, the NSA, and the UK’s National Cyber Security Centre (NCSC) asks organizations to aggressively patch certain known vulnerabilities in response to updated Tactics, Techniques, and Procedures (TTPs) used by the Russian Foreign Intelligence Service (SVR) Cyber Operations group, known as APT29, Cozy Bear, etc. The alert follows the recent public […]

Security Expert Re: Qualcomm Vulnerability Affects 40% Of Mobile Phones

Researchers identified a high-severity security vulnerability in Qualcomm’s Mobile Station Modem (MSM) chips (including the latest 5G-capable versions) that could enable attackers to access mobile phone users’ text messages and call history, and to listen in on their conversations.

Hackers Target AI To Increase Energy Consumption And Slow Systems

BACKGROUND: A new type of attack could increase the energy consumption of AI systems, according to research undertaken at Cornell University. Similarly to DDoS (distributed denial-of-service) attacks on the internet seeking to clog up a network and make it unusable, the new attack forces a deep neural network to tie up more computational resources than […]

A Student Pirating Software Led To A Full-blown Ryuk Ransomware Attack

BACKGROUND: A student’s attempt to pirate expensive data visualization software led to a full-blown Ryuk ransomware attack at a European biomolecular research institute. After the research institute suffered the attack, Sophos’ Rapid Response team responded and neutralized the cyberattack. This attack cost the institute a week’s worth of research data and a week-long network outage as […]