Cybersecurity giant Symantec plays down unreported breach of test data

The American cybersecurity giant Symantec has downplayed a data breach that allowed a hacker to access passwords and a purported list of its clients, including large Australian companies and government agencies.   The list extracted in the February incident, seen by Guardian Australia, suggests that all major federal government departments were among the targets of …


Cyber-attacks ‘damage’ national infrastructure

A growing number of cyber-attacks on key installations have successfully put systems out of action over the past two years, a study has revealed. A survey of security professionals in six countries, including the UK, by the Ponemon Institute found 90% had been hit by at least one successful attack. Staff in the utilities, energy, …


The Cybersecurity 202: Arrest at Mar-a-Lago spotlights simple but pervasive threat of thumb drives

The arrest of a Chinese citizen carrying a malware-infected thumb drive at Mar-a-Lago is a reminder that digital threats don’t always arrive via email or complex hacks.   Sometimes they’re hand delivered.   When Yujing Zhang was arrested at President Trump’s Florida resort Saturday, she was carrying four cellphones, a laptop, an external hard drive …


UK watchdog slams Huawei over ‘serious’ cybersecurity vulnerabilities

A UK government cybersecurity watchdog has once again raised serious concerns about Huawei’s security practices, the Financial Times reports. The report comes from the Huawei Cyber Security Evaluation Centre (HCSEC) Oversight Board, an organisation set up by the UK’s National Cyber Security Centre to evaluate the security risks posed by using Huawei’s equipment in critical …


The Cybersecurity 202: Michael Cohen investigators relied on controversial cell-tracking device

FBI agents wanted to search Michael Cohen’s hotel room, but didn’t know which room he was in. So, they used a controversial device that captured his cellphone’s location.   The revelation — included in a trove of search warrant documents released Tuesday in the case of President Trump’s former personal lawyer — sheds some light …


Why The Citrix Breach Matters — And What To Do Next

Over the weekend, it has emerged that Citrix has been hit by hackers in attacks that potentially exposed large amounts of customer data.   On March 6, 2019, the FBI contacted Citrix with the news that international cyber criminals had likely gained access to the internal Citrix network. The firm says in a statement that …


How one teenager is making millions by hacking legally

his is 19-year-old Santiago Lopez from Argentina.   He’s the first millionaire bug-bounty hacker, which means he gets paid to find glitches in the software of some of the world’s biggest companies.   Mr Lopez made his money on the world’s biggest ethical hacking platform: HackerOne.   BBC News’ Joe Tidy has been to see …


Russian ex-cyber security chief gets 22-year sentence for treason

A court in Moscow on Tuesday sentenced a senior Russian cyber intelligence official and an executive at a cybersecurity firm to lengthy prison sentences on treason charges.   Moscow’s District Military Court, which has been hearing the top-secret case for nearly two years behind closed doors, sentenced Col. Sergei Mikhailov, former deputy head of the …


Remote Desktop clients analysed and found vulnerable

Microsoft shown to handle its own, complicated RDP well. Security researchers analysing Remote Desktop clients for the popular remote desktop protocol, used to connect to non-local Windows machines, have unearthed multiple vulnerabilities.   Check Point analysed the FreeRDP and rdesktop (the default client for the Kali Linux penetration testing distribution) remote access tools, along with …


The Cybersecurity 202: ‘We’re doubling down.’ DHS insists it’s not reducing election security efforts

The Homeland Security Department is actually surging its efforts to protect elections against foreign hackers during the two years leading up to the 2020 elections — not winding them down, the agency’s top cybersecurity official insists.   Chris Krebs, who leads DHS’s Cybersecurity and Infrastructure Security Agency, was punching back Thursday against a Daily Beast …


Houzz suffers major data breach

Home improvement site Houzz has announced that it suffered a data breach in which third-parties gained access to a file containing publicly visible user data as well private account information.   The company explained to users in an email that an unauthorized third-party obtained access to a file containing internal account information such as user …