Consumer technology news from the future
Security vulnerabilities stories
These search results are from across the Techday network of sites
GitHub's Bug Bounty program gets bigger
GitHub’s Bug Bounty program is now five years old and to mark the occasion it has revamped the program’s scope, rewards, and new legal rules.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Swiss Post asks public to hack its e-voting system
Switzerland’s postal service Swiss Post is inviting keen-eyed security experts and white hats to hack its e-voting system.
Security flaw in Xiaomi electric scooters could have deadly consequences
An attacker could target a rider, and then cause the scooter to suddenly brake or accelerate.
Bug makes Android phones hackable via PNG image files
This means any application handling PNG files that have been carefully crafted by an attacker can end up running the attacker’s code.
APRA Prudential Standard CPS 234: How to communicate with the board
The Australian Prudential Regulation Authority’s standard, CPS 234, is aimed at minimising the threat of cyber attacks for APRA-regulated entities.
Cyber threat spotlight: Kiwis report more, lose less in Q2
CERT NZ’s April-June 2018 Quarterly Report suggests that cyber threats – and the amount of people who are reporting them – are once again on the rise, and fewer people are losing money.
2018 proves to be a mixed bag of severe cyber threats, report finds
There are more than 100,000 known vulnerabilities that are open to exploitation from attackers.
Quick thinking remedies vulnerability in Schneider Electric ICS controller
Radiflow discovered that a serious vulnerability in the devices put the safety and availability of ICS networks in jeopardy.
MikroTik routers in NZ may be at risk of cryptomining - Symantec
These routers are used by many organisations and businesses, including internet service providers.
Flaw discovered in Intel chips, allows attackers to steal cloud data
Foreshadow is the third major flaw found in Intel chips this year after Spectre and Meltdown.
Exclusive interview: Major MFA vulnerability discovered in Microsoft’s ADFS
This exploit gives an actor an incredible advantage to expand compromises significantly.
At-work collaboration apps most vulnerable to cyber attacks
According to a survey of 500 decision makers across several industries, 80% believe that cloud collaboration tools are vulnerable to cyber attacks.
Google Chrome launches new feature to block Spectre attacks
The next update to Google Chrome will bring new protections against web browser attacks such as Spectre.
GitHub rolls out security alerts feature for Python
“Over the coming weeks, we will be adding more historical Python vulnerabilities to our database. "
Use of banking trojans up 50%, cryptomining still dominant malware – report
Check Point’s latest Global Threat Index reveals that Trojan malware families enter Top 10 Most Wanted Ranking; Cryptomining remains top of the list.
BMW awards Chinese security team's work in exposing connected vehicle vulnerabilities
When Chinese security researchers found vulnerabilities in BMW’s connected vehicles, BMW didn’t just fix the vulnerabilities, it awarded the team.
Singapore IMDA launches GoSecure cybersecurity programme for Singapore ICT firms
According to IMDA, the programme will benefit 200 Singapore-based ICT companies over the two-year period.
Report: Open source software plagued with vulnerabilities
78% of 1100 examined codebases contained at least one open source vulnerability, with an average of 64 vulnerabilities per codebase.
OWASP vulnerabilities plague mobile apps: Data leakage a major concern
Across two million applications analysed by Pradeo’s security engine, almost one third of applications contained an OWASP vulnerability.
Singapore organizations caught in 'patching paradox'
Singapore organizations say they don’t have the resources to keep up with the volume of patches required to remediate software flaws.
Electronic lock vulnerabilities can lead attackers directly to your hotel room
Next time you stay at a hotel as part of a business or personal trip, you may want to ask if the hotel’s locking systems are up-to-date.
CERT NZ issues security alert about Smart Install-enabled Cisco devices
CERT NZ has issued a bulletin about a cyber attack campaign that is targeting Cisco devices that have enabled Smart Install (SMI).
Illumio & Qualys combine forces to offer vulnerability threat mapping
Illumio and Qualys are joining forces to combine threat data and application dependency mapping to show potential cyber attack paths in real time.