Flaws in Logitech's Harmony Hub devices allowed hackers to gain root access

Flaws in Logitech's Harmony Hub devices allowed hackers to gain root access

Last year, Logitech announced that the security certificate of its Harmony Link IoT device, which allowed users to control their home cinema setup using a universal remote control, was to expire on 16 March 2018.
By Jay Jay May 10 2018, 11:19AM
Poor password hygiene still rules

Poor password hygiene still rules

New research has revealed that even though people are now more aware of security best practices than in the past, their password management has remained largely unchanged.
By Jay Jay May 3 2018, 12:58PM
Two-thirds of online banking systems in 2017 contained high-risk vulnerabilities

Two-thirds of online banking systems in 2017 contained high-risk vulnerabilities

75 percent of online banking systems contained cross-site scripting flaws, 69 percent lacked protection from data interception, 63 percent had insufficient authorisation, 50 percent were vulnerable to sensitive data disclosure.
By Jay Jay Apr 26 2018, 12:25PM
LinkedIn Autofill flaw lets hackers harvest website visitors' personal info

LinkedIn Autofill flaw lets hackers harvest website visitors' personal info

If the visitor clicks anywhere on the page, then according to Cable, "LinkedIn interprets this as the AutoFill button being pressed, and sends the information via postMessage to the malicious site".
By Jay Jay Apr 24 2018, 11:49AM
OceanLotus hacker group launches malicious MacOS backdoor

OceanLotus hacker group launches malicious MacOS backdoor

Researchers at Trend Micro have discovered how the hacker group OceanLotus, which is also known in cyber-security as APT 32, APT-C-00, SeaLotus, and Cobalt Kitty, is using a new backdoor to target MacOS computers.
By Jay Jay Apr 6 2018, 12:16PM
Malware attacks leveraging MS Word documents grew by 33% in Q4

Malware attacks leveraging MS Word documents grew by 33% in Q4

Amidst a major rise in zero-day malware attacks in Q4 2017, researchers have observed how hackers are increasingly using Microsoft Office documents as carriers to deliver malicious payloads in enterprise systems.
By Jay Jay Apr 3 2018, 12:14PM
Phishing or Ransomware? Experts dispute which is biggest cyber-threat

Phishing or Ransomware? Experts dispute which is biggest cyber-threat

Cyber-security executives and business decision makers question whether phishing emails or ransomware attacks are the most potent threats faced, but are businesses equipped to implement all-round risk mitigation strategies?
By Jay Jay Mar 26 2018, 11:46AM
Critical flaws in 4G LTE protocols leaving mobile devices vulnerable

Critical flaws in 4G LTE protocols leaving mobile devices vulnerable

Unpatched security vulnerabilities in the 4G LTE protocol allow anyone to connect to a network.ing channel.
By Jay Jay Mar 12 2018, 12:12PM
Oculus' failure to renew expired certificate bricks Oculus Rift headsets

Oculus' failure to renew expired certificate bricks Oculus Rift headsets

Users of Oculus Rift VR headsets were left fuming for almost a day after the firm failed to notice that one of its certificates had expired, thereby cutting off all Rift headsets from the Runtime Service.
By Jay Jay Mar 12 2018, 12:12PM
Google gets sued for denying "right to be forgotten" request

Google gets sued for denying "right to be forgotten" request

A businessman, whose "right to be forgotten" request was denied by Google to "defend the public's right to access lawful information", has filed a lawsuit in the high court in a bid to make Google remove references to his criminal past.
By Jay Jay Mar 6 2018, 11:34AM
Apple's closely-guarded iBoot source code made public on GitHub

Apple's closely-guarded iBoot source code made public on GitHub

Apple's proprietary iBoot source code which loads iOS when iPhones are powered on, leaked on GitHub, exposing the code to cyber-criminals looking to jailbreak iPhones or to exploit vulnerabilities in the booting process.
By Jay Jay Feb 12 2018, 9:19AM