Hacking

Security experts hack unsuspecting family’s Amazon Echo

Online security experts vpnMentor have investigated the accessibility of Amazon Echo by hacking into one unsuspecting family’s device, highlighting how easily it could be tampered with.

What is Wireshark? What this essential troubleshooting tool does and how to use it

Wireshark is a must-have (and free) network protocol analyzer for any security professional or systems administrator. It's like Jaws, only for packets.

What is Magecart and was it behind the Ticketmaster and BA hacks?

The phenomenally damaging cyberattack on British Airways last week saw the haemorrhaging of information from over 385,000 transactions, credit card and personal details included.

Wanted: Data breach risk ratings, because not all breaches are equal

We need a system for data breaches that rates the real risk associated with the compromised data.

Don't abandon that domain name

Penny-wise, pound-foolish: Letting old domain names expire might save a few bucks a year, but lets attackers register your old domain and pretend to be you.

The curious case of the Superdrug 'hack'

Earlier this week high street retailer Superdrug was contacted by a lone hacker claiming that they had stolen the personal information of up to 20,000 customers and demanded a ransom in exchange for the information. This included customers' names, addresses, and other personal details, but no payment or card information.

Widespread vulnerabilities in mobile point-of-sale readers

Security researchers uncovered widespread vulnerabilities in mobile point-of-sale readers offered by Square, SumUp, PayPal and iZettle.

Pune-based Cosmos Bank loses Rs 94 crore to hackers

A malware attack helped hackers clone thousands of debit cards and siphon off over ₹94 crore from Cosmos Bank over a period of two days.

Why you should consider crowdsourcing IT security services

Whether you need a pentesting team, a bug bounty program, or a vulnerability disclosure plan, several crowdsourcing platforms can take the risk and pain from the process.

Do you need a vulnerability disclosure program? The feds say yes

The FTC and DOJ are pushing companies to provide a means for good-faith security researchers to report bugs and put effective processes in place to act on those reports.

What are deepfakes? How and why they work

Once the bailiwick of Hollywood special effects studios with multi-million-dollar budgets, now anyone can download deepfake software and use machine learning to make believable fake videos. This makes a lot of people nervous.

Does your organisation need a CISO?

How rising data security fears have boosted the role of the Chief Information Security Officer