More than three-fourths of mobile banking vulnerabilities can be exploited without physical access to the phone. A new report from Positive Technologies has a number of sobering facts: 100 percent of mobile banking apps contain code vulnerabilities due to a lack of code obfuscation. NONE of the mobile banking apps tested had an acceptable level […]
Continue reading → [DISPLAY_ACURAX_ICONS]If that headline doesn’t scare you, it should. Ripple20 is a family of 19 vulnerabilities that are part of a library that is used in medical devices, home automation devices, oil & gas controls, networking devices and other industrial control devices. The bugs are in a library that was developed in the 1990s and is […]
Continue reading → [DISPLAY_ACURAX_ICONS]The Vault 7 leak, in which Wikileaks posted information about a large number of CIA hacking tools was possibly the worst national security compromise the Agency has ever seen. Not only did it reveal our techniques for hacking foreign systems but the hackers repurposed those tools and hacked American and other friendly companies and governments. […]
Continue reading → [DISPLAY_ACURAX_ICONS]A survey of small and medium size businesses asked executives about their Recovery Time Objectives or RTOs. A company’s RTO represents the amount of time a system, such as a web site, can be down after an incident. The incident could be a software error, hardware failure, ransomware attack or many other things. Here are […]
Continue reading → [DISPLAY_ACURAX_ICONS]As IoT devices proliferate, a lot of them don’t get updated. Ever. Some IoT devices automatically update themselves, but a lot of them do not have the smarts to do that. Hopefully all of them talk to their controller over HTTTPS – encrypted traffic. But there is a problem with that. HTTPS certificates expire and […]
Continue reading → [DISPLAY_ACURAX_ICONS]As the Maze ransomware group continues to hit new targets like banks and defense contractors, among many others, those companies, in many cases, decide to restore their systems from backups and not pay the ransom. So Maze decided to nuance their crime and steal (or exfiltrate) the data before encrypting it. That way, if the […]
Continue reading → [DISPLAY_ACURAX_ICONS]