InfoSec Compliance & AI Governance For over 20 years, DISC InfoSec has been a trusted voice for cybersecurity professionals—sharing practical insights, compliance strategies, and AI governance guidance to help you stay informed, connected, and secure in a rapidly evolving landscape.
Feb 17 2019
A researcher has discovered a serious vulnerability in Xiaomi electric scooters. Exploiting the flaw could allow remote attacks on it causing sudden breaks.
Source: Vulnerability In Xiaomi Electric Scooters Could Allow Remote Attacks
Feb 15 2019
Protecting your online privacy is important. There has been a lot of discussion in recent years about how to stay safe online, and an increasing number of people are turning to Virtual Private Netw…
Source: 3 data leaks that could be undermining your online privacy
DISC InfoSec 🔒 securing the business 🔒 Data Security
Feb 14 2019
A new Emotet Trojan variant has been observed in the wild with the added ability to hide from anti-malware software by embedding malicious macros used to drop the main payload inside XML files disguised as Word documents.
Source: Emotet Uses Camouflaged Malicious Macros to Avoid Antivirus Detection
Feb 12 2019
DDoS attacks may not be the quickest route to profitability for bad actors, but given the importance of this attack technique to nation-state cyberwar adversaries, we can expect continued innovation on the part of the hackers. Enterprises cannot afford to relax their efforts to combat such attacks.
Source: Are Hackers Winning The Denial Of Service Wars?
Feb 11 2019
Dubsmash, Armor Games, 500px, Whitepages, ShareThis, and more said to be up for grabs for $$$s in BTC
Feb 05 2019
Combine with the ISO 9001:2015 QMS Documentation Toolkit and/or the ISO 14001:2015 EMS Documentation Toolkit to create an ISO 27001- compliant integrated management system (IMS).
Feb 04 2019
SpeakUp backdoor trojan can run on six different Linux distributions, and even on macOS.
Source: Security researchers discover new Linux backdoor named SpeakUp | ZDNet
Feb 04 2019
Metro Bank has become the first major bank to disclose SS7 attacks against its customers, but experts believe it isn’t an isolated case.
Source: Metro Bank is the first bank that disclosed SS7 attacks
Feb 03 2019
Personal data is a precious commodity but sometimes we can share too much? Rob thinks we need to develop our human firewall in an age where some much of our lives is online. Rob May is chairman of IoD Surrey, an award-winning entrepreneur and Managing Director of ramsac limited.
Rob makes complex subjects straightforward by using real life examples, humor and pragmatism. He is passionate about his work, positive about life and committed to helping people understand and grow.
He lives with his wife and children in Horsell and is very much a part of the local community. This talk was given at a TEDx event using the TED conference format but independently organized by a local community.
Feb 03 2019
Bolt is in beta phase of development which means there can be bugs. Any production use of this tool discouraged. Bolt crawls the target website
Source: Bolt : Cross-Site Request Forgery Scanner Tool 2019
Feb 02 2019
If you are using a laptop, chances are you have a…
Source: Check now to see if your webcam is being hacked
Feb 01 2019
Motherboard has identified a specific UK bank that has fallen victim to so-called SS7 attacks, and sources say the issue is wider than previously reported.
Source: Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts
Jan 31 2019
Thought Collection #1 was big? Collection #2-5 just dwarfed it
Source: The biggest ever data dump just hit a colossal 2.2 billion accounts
Jan 30 2019
Remotely Spying via #FaceTime.
FaceTime any iOS 12.1 or later and you can remotely spy on them (audio and video) before they accept incoming call.
Jan 29 2019
3D Electric powerlines over sunrise
Countries could launch damaging attacks against gas pipelines and electricity grid, says assessment.
Source: Cyber attacks: China and Russia can disrupt US power networks warns intelligence report | ZDNet
Jan 29 2019
The Hawkeye Scanner CLI is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks
Source: Scanner CLI : A Project Security/Vulnerability/Risk Scanning Tool
Jan 28 2019
A Chilean Senator has taken to Twitter with alarming news – the company running the country’s ATM network suffered a serious cyberattack.
Source: Attackers used a LinkedIn job ad and Skype call to breach bank’s defences
Jan 27 2019
Facebook Messenger, Instagram and WhatsApp are to be integrated under the hood so that messages will travel across a unified communications platform. So, what are the implications on privacy for users of these services?
Source: How WhatsApp Merger With Facebook Messenger Puts Your Privacy At Risk
Jan 25 2019
UK-based Fidus Information Security was targeted by angler phishing
Source: How a Security Vendor Tricked Social Media Phishers
Subscribe to DISC InfoSec blog by Email
