Security News

He probably would have got away with it, too, if it weren't for you meddling kids Interpol's Biometric Hub - a recently activated tool that uses French identity and biometrics vendor Idemia's technology to match people's biometric data against the multinational policing org's global fingerprint and facial recognition databases. Interpol introduced the Biometric Hub - aka BioHub - in October, and it is now available to law enforcement in all 196 member countries.

Red Piranha has released the latest Crystal Eye consolidated security platform officially in global collaboration with Intel on the 12th of October and more details on the Network Builders Panel with Intel later that month. The release of Crystal Eye 5.0 OS is timed with the new range of products launched in collaboration with Intel, aimed at the private data centre for managed services providers to provide Security as a Service and the Telco space for advanced, high-throughput security detection, designed for use across Smart Cities.

The Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after...

Security researchers hacked the Samsung Galaxy S23 twice during the first day of the consumer-focused Pwn2Own 2023 hacking contest in Toronto, Canada. Pentest Limited was the first to demo a zero-day on Samsung's flagship Galaxy S23 device by exploiting improper input validation weakness to gain code execution, earning $50,000 and 5 Master of Pwn points.

Cisco has released the first fixes for the IOS XE zero-day exploited by attackers to ultimately deliver a malicious implant. The fixes were made available on Sunday, but a curious thing happened the day before: several cybersecurity companies and organizations have noticed a drastic reduction in the number of internet-facing Cisco devices that saddled with the implant.

The ongoing face-off between Washington and Beijing over technology and security issues has taken a new twist, with China accusing the US of hacking into the servers of Huawei in 2009 and conducting other cyber-attacks to steal critical data. China's Ministry of State Security made the allegations in a posting on WeChat, claiming that in 2009 US intelligence services "Began to invade servers at Huawei headquarters and continued to monitor them."

The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by specially crafted FBI software. The Qakbot administrators use a system of tiered servers to control the Qakbot malware installed on infected computers.

Google has announced the first open-source quantum resilient FIDO2 security key implementation, which uses a unique ECC/Dilithium hybrid signature schema co-created with ETH Zurich. FIDO2 is the second major version of the Fast IDentity Online authentication standard, and FIDO2 keys are used for passwordless authentication and as a multi-factor authentication element.

Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative. "This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium's resilience against quantum attacks," Elie Bursztein and Fabian Kaczmarczyck said.

The future of telecommunication was also a hot topic at the premier VON: Evolution Africa event, the first to take place in Africa in its 26-year history. Cybertech Africa in Rwanda included an exciting exhibition of innovative cyber companies and startups, with three of those startups selected to pitch their ideas to the audience, and more hoping for the chance to present.