Viry a Červi

The program focuses on potential abuse methods across Google's product-specific channels like Google+, Youtube, Gmail and Blogger.

Misconfigured DIY smart-home hubs for home automation could allow attackers to track owners’ movements, see if smart doors and windows are opened or closed, and even open garage doors.

Advanced behavior malware threats are targeting telecom services - at a higher level than the global average, researchers found.

The method could be used to deduce the age, sex, likes or the location history of a user – essentially, the attacker can play “20 questions” to profile the victim.

The Australian government wants to force companies to help it get at suspected criminals’ data. If they can’t, it would jail people for up to a decade if they refuse to unlock their phones.

For 2 years, welfare investigators used a huge database of automated license plate reader images to sniff out fraud, without audit or policy.

The family of "Dread Pirate Roberts" got him an account and is typing in, word for word, his tweets, including his hope for Trump's clemency.

What's worse than fake news? Fake science - published in legitimate looking journals.

Each year, Kaspersky Lab’s Security Services department carries out dozens of cybersecurity assessment projects for companies worldwide. In this publication, we present a general summary and statistics for the cybersecurity assessments we have conducted of corporate information systems throughout 2017.

We have analyzed several dozen projects for companies from various sectors, including government bodies, financial organizations, telecommunications and IT companies, as well as manufacturing and energy companies. The results and statistics on detected vulnerabilities are provided separately for each type of service provided: external penetration testing, internal penetration testing, web application security assessment.

The distribution of analyzed companies by industry, 2017

The overall level of protection against external attackers was assessed as low or extremely low for 43% of all analyzed companies. The level of protection against internal attackers was identified as low or extremely low for 93% of all analyzed companies.

This publication includes statistics on the most common vulnerabilities and security flaws that Kaspersky Lab’s experts have detected and that can potentially be used by threat actors for unauthorized penetration into company infrastructures.

 “Security assessment of corporate information systems in 2017” full report (PDF)

Web Security says there's nothing nefarious to its URL collection

A security plug-in for the Firefox browser is under fire after users discovered it was collecting and uploading their online activity.…

10 users controlling the bulk of cryptocoin generator funds

Mining internet currency on websites with Coinhive scripts is a lucrative endeavor, but only for a handful of people.…

The tricky Cortana flaw, CVE-2018-8253, was addressed by Microsoft during Patch Tuesday.

In testing, an Internet of Things (IoT) botnet of large, power-consuming appliances was used to carry out coordinated attacks on the energy grid.

Report points finger at North Korea for cyber-heist

Cosmos Bank in India says that hackers made off with $13.4m in stolen funds over the weekend.…

Ancient issue causing new ones

Security gaps have been identified in widely used implementations of the IPsec protocol, which is used in the set up of Virtual Private Networks (VPNs).…

Michael Terpin not happy about funds-draining SIM swap fraud

A bitcoin investor is suing AT&T for $240m after it allegedly ported his phone number to a hacker, allowing the criminal to steal $24m in cryptocurrency.…

Shock! It appears Google can track the location of anyone using some of its apps on Android or iPhone even when they’ve told it not to.

Last month the crooks were throwing old passwords into their scams to make you sit up and take notice. Now it's phone numbers.

Researchers say the "PhishPoint" tactic has already impacted 10 percent of Office 365 users globally.

In addition to traditional phishing, fraudulent cryptocurrency offers pose a rising trend.