A fictitious industrial company with phony employees personas, website, and PLCs sitting on a simulated factory network fooled malicious hackers - and raised alarms for at least one white-hat researcher who stumbled upon it. S4x20 CONFERENCE - Miami - For seven months, researchers at Trend Micro ran a legitimate-looking phony industrial prototyping company with an advanced interactive honeypot network to attract would-be attackers. The goal was to...
Read More
Endpoint detection and response (EDR) is a category of security tools that monitor end-user hardware devices across a network for a range of suspicious activities and behaviour, reacting automatically to block perceived threats and saving forensics data for further investigation. An EDR platform combines deep visibility into everything that's happening on an endpoint device — processes, changes to DLLs and registry settings, file and network activity...
Read More
Facebook today revealed yet another security incident admitting that roughly 100 app developers may have improperly accessed its users' data in certain Facebook groups, including their names and profile pictures. In a blog post published Tuesday, Facebook said the app developers that unauthorizedly access this information were primarily social media management and video streaming apps that let group admins manage their groups more effectively and help...
Read More
Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are actively exploiting in the wild...
Read More
Australian organisations are struggling to defend against cyber threats according to a recent study. A total of 209 Australian CISOs responded to the annual Cisco Asia Pacific CISO Benchmark Study on the cyber security landscape with 65 per cent saying they are suffering from cyber security fatigue or are receiving so many daily threats they have given up proactively defending against them. Australian organisations are receiving a...
Read More
If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorised attackers to hack your website server remotely. The vulnerability, tracked as CVE-2019-11043, affects websites with certain configurations of PHP-FPM that is reportedly not uncommon in the wild and could be exploited easily as a proof-of-concept (PoC) exploit...
Read More