Alleged Bezos hacking raises concerns on smartphone security

Allegations that Amazon boss and Washington Post owner Jeff Bezos had his phone hacked by Saudi Crown Prince Mohammed bin Salman have put a spotlight on the security of smartphones and the secretive tools used to hack them.

Smartphones are effectively pocket-sized computers that run apps on operating systems such as Apple's iOS or Google's Android. Those devices have enabled a new world of connectivity – unlimited free calls over WhatsApp, for example, or an atlas worth of up-to-the-second maps from Google – but also a parade of potential security problems.

What is ethical hacking?

Ethical hacking is an authorized process of attempting to gain unauthorized access over a defined network, computer, or data. It is performed by security experts called “white hats,” aimed to improve the security posture of an organization. An ethical hack can be defined as how perfectly one can copy malicious hacker’s actions and strategies. Ethical hackers identify vulnerabilities and suggest resolving before malicious attackers exploited them. They work proactively while pentesting the systems or networks on approval of the organization.

British banks hit by hacking of foreign exchange firm Travelex

Britain’s largest retail banks have been forced to halt processing foreign currency orders after a cyberattack on exchange provider Travelex.

Computer systems at the travel money firm have been down for more than a week since a malware attack on New Year’s Eve, leaving Lloyds, Barclays, HSBC and the Royal Bank of Scotland, among others, unable to process transactions.

The hackers have reportedly demanded $6 million in return for encrypted customer data. But in a statement late on Wednesday, Travelex said the system had been taken down as a “precautionary measure” following the discovery of the virus, and that its investigation had shown that customer data had not been compromised.

Researcher Spots New Tricks in Web Payment Card Skimmers

E-commerce sites have been under siege from cybercriminals who seek to sneak malicious code into checkout processes. A researcher has found two new methods that payment card number thieves are using to try to stay under the radar.

The attackers are sometimes referred to as Magecart, a name for a slew of groups that steal payment card numbers. These attackers often capitalize on vulnerabilities in e-commerce software or other security mistakes that allow for the injection of malicious Javacript, dubbed sniffers or skimmers.