Sat.Aug 10, 2019

article thumbnail

City of Naples, Florida, lost $700K after a cyberattack

Security Affairs

Another city in the United States was hit by a cyber attack, according to officials in the city of Naples (Florida) they lost $700,000 in a recent attack. According to officials in the city of Naples, Florida, a cyberattack caused an economic loss of $700,000. This is the last incident in order of time that involved several cities in the United States.

article thumbnail

Hackers Could Decrypt Your GSM Phone Calls

WIRED Threat Level

Researchers have discovered a flaw in the GSM standard used by AT&T and T-Mobile that would allow hackers to listen in.

Security 102
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Android Apps containing Clicker Trojan installed on over 100M devices

Security Affairs

Experts at Dr Web discovered that a set of Android Apps with over 100 million installations that contains a clicker Trojan tracked as Android. Click. 312. origin. Malware researchers at antivirus firm Dr Web discovered more than 33 Android Apps in the Google Play Store with over 100 million installations that contain a clicker Tojan tracked as Android.

article thumbnail

A Remote-Start App Exposed Thousands of Cars to Hackers

WIRED Threat Level

The bugs could have let an industrious hacker locate cars, unlock them, and start them up from anywhere with an internet connection.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Security Affairs

Security researchers at McAfee have discovered that a vulnerability patched ten years ago is still affecting several Avaya phones. Security experts at McAfee discovered that a stack-based buffer overflow flaw in the Dynamic Host Configuration Protocol (DHCP) client discovered and fixed ten years ago is still affecting several Avaya phones. The vulnerability, tracked as CVE-2009-0692 , could be exploited by an attacker to crash the ISC DHCP client and execute arbitrary code with the permissions o

IoT 85

More Trending

article thumbnail

DEF CON 2019: MacOS Gets a Malware Beatdown in Attack Demo

Threatpost

Patrick Wardle proves that signature-based anti-malware protection on Macs is woefully inadequate when fending off modern attacks.

article thumbnail

Weekly Update 151

Troy Hunt

Well that's Vegas done. 8 days of absolutely non-stop events that's now pretty much robbed me of my voice but hey, I got a flying cow! Scott and I both spent BSides, Black Hat and DEF CON doing "hallway con" or in other words, wandering around just meeting people. The personal engagement you get from these ad hoc meetups really can't be beat and I appreciate everyone who took the time to come over and say hi.

article thumbnail

DEF CON 2019: New Class of SQLite Exploits Open Door to iPhone Hack

Threatpost

Researchers exploit a SQLite memory corruption issue outside of a browser.

article thumbnail

Big Tech Needs to Use Hazardous Materials Warnings

WIRED Threat Level

Opinion: Tech users don’t have time to read novel-length terms of service. Give them a danger icon that tells them their personal risk.

Risk 57
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Driver Disaster: Over 40 Signed Drivers Can’t Pass Security Muster

Threatpost

Dozens of insecure drivers from 20 vendors illustrate widespread weaknesses when it comes to kernel protection.

article thumbnail

Guardian technology podcast: 'World leaders should listen!'

The Guardian Data Protection

Presenter Jordan Erica Webber and producer Danielle Stephens explain how our podcast Chips With Everything comes together Danielle Chips With Everything was the idea of the former producer Matt Shaw, who wanted to change the format of the original Tech Weekly podcast so it was more about digital culture and how technology influences society, or vice versa.

IT 40
article thumbnail

Varenyky Spambot Trojan targets French users in alleged sextortion campaign

Security Affairs

A new Spambot Trojan, tracked as Varenyky was spotted white targeting users as part of a new alleged sextortion campaign. The malware records the victim’s screen when they are visiting adult-related sites. Varenyky was discovered by researchers at ESET in May and reported by Any. run in June. Interesting sample! It doesn't run with en-US locale but starts an activity with fr-FR on x64.