Robert Lemos

About

Robert Lemos is an award-winning journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and was named one of the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.

Bug Bounties Spike as Software Firms, Researchers Compete for Flaws

At the Black Hat 2016 security conference in early August, Apple offered select researchers up to $200,000 to find previously unknown ways to compromise the company’s iOS operating system or iCloud service. Less than a week later, third-party security firm Exodus Intelligence upped the ante, offering $500,000 for remote exploitation on iOS—10 times more than […]

Researchers Track Chip Data Flows to Detect Flaw, Potential Trojans

While Moore’s Law has a limit, the steady march of increasingly sophisticated chip designs that incorporate an ever-increasing number of transistors on a chip has made designing device controllers and processors more complex. As a result, errors can creep into designs, but even more alarming, according to computer scientists, is that it’s possible that […]

FireEye to Lay Off Hundreds, Blames Ransomware

Smaller ransomware incidents account for more attacks, outpacing large compromises involving hundreds of systems—a trend that bodes well for businesses but less well for some security firms—according to threat-protection and response firm FireEye. On Aug. 4, FireEye announced that the company’s earnings fell short of analysts’ forecasts and, among other factors, blamed criminals’ move to […]

West African Scams Highlight the Region’s Advances in Cyber-crime

Nigerian cyber-criminals hacked into the email of an Indian chemical company, hijacking a deal between the company and its U.S. customer and stealing the entire $400,000 payment, according to researchers with security firm SecureWorks. Details of the attack—of a type known as business email compromise (BEC)—are part of the intelligence gleaned by researchers from a […]

Researchers, Automakers See No Quick Path to Secure Car Networks

The modern automobile has all the computer technology of your typical small business. Cars typically have 70 to 100 electronic control units, or ECUs, and 10 million to 150 million lines of code running on their various systems. The entertainment consoles in the dashboard often allow USB and Bluetooth connectivity, which has provided researchers with […]

Wireless Keyboard Flaws Allow Attackers to Snoop on Users

Wireless keyboards from eight manufacturers do not encrypt their communications, allowing attackers to easily snoop passwords, credit-card numbers and other valuable information, according to a report published July 26 by security firm Bastille Networks. The attack, which Bastille called KeySniffer, only affects keyboards whose manufacturers used non-standard communications technology to create the wireless pair between […]

Researchers Struggle to Determine True Cost of Data Breaches

In May, tucked away in its quarterly filing to the Securities and Exchange Commission, retail giant Target updated its running total of the cost of its 2013 holiday season breach. The damages so far: $291 million. Those losses eventually may reach $370 million, according to the company’s estimates. While the retail giant may have outdone […]

Security Firm Finds Ransomware Criminals Deliver Bad Victim Support

Most crypto-ransomware gangs are willing to negotiate with customers, but support for non-technical users varies tremendously, security firm F-Secure found during an investigation of such cyber-criminal groups. The firm’s security team worked with a non-technical employee, who acted as the victim, to contact ransomware groups and find out how supportive they were of their victims. […]

Solving Ransomware Presents Opportunity for Security Companies

When ransomware hit the Horry County School District in South Carolina in February, the IT staff’s first warning of the disaster came from teachers who could no longer access their files. Days later, Hollywood Presbyterian Medical Center staff “noticed issues accessing the hospital’s computer network”—the organization’s only warning that it too had become a victim. […]

Parade of Vulnerabilities in Industrial Control Systems Continues

For the fourth year in a row, researchers have discovered and reported more than 150 vulnerabilities in industrial control systems (ICSes), demonstrating that the critical systems continue to attract attention, according to an analysis conducted by Kaspersky Lab. In 2015, researchers found and reported 189 vulnerabilities, a slight increase from the 181 vulnerabilities found in […]