Month: January 2018

AWS, Google Cloud Popular Home for Botnet Controllers

Read full post The number of command-and-control listings increase 32% in 2017, with more botnet controllers hosted in the cloud.

/ January 10, 2018

FBI Director: Cryptocurrency, Nation-State Attacks, Among Agency’s Top Cybersecurity Concerns

Read full post Speaking at International Conference on Cyber Security, FBI director Christopher Wray pointed to a rise in nation-state attacks – and strong encryption that limits bureau investigations.

/ January 10, 2018

‘Shift Left’: Codifying Intuition into Secure DevOps

Read full post Shifting left is more than a catchy phrase. It’s a mindset that emphasizes the need to think about security in all phases of the software development life cycle.

/ January 10, 2018

Wi-Fi security overhaul coming with WPA3

Read full post Nearly 14 years after it ratified the Wireless Protected Access 2 (WPA2), the Wi-Fi Alliance has given the world a peek at what might be coming next for wireless security.

/ January 10, 2018

‘Back to Basics’ Might Be Your Best Security Weapon

Read full post A company’s ability to successfully reduce risk starts with building a solid security foundation.

/ January 10, 2018

Oracle WebLogic Exploit Used in Cryptocurrency Mining Campaign

Read full post PeopleSoft and WebLogic app servers, as well as cloud systems using WebLogic, hacked and used to net some $226K in digital currency.

/ January 10, 2018

Marketing ads, soon to be screening on your car dashboard

Read full post Get ready for car-delivered ads tailored to your whereabouts and your typical routes.

/ January 10, 2018

Tank-traps versus trappings in virtual currencies: A cybersecurity minefield

Read full post Bitcoin, the progenitor of the entire cryptocurrency boom and still the most popular virtual currency, experienced a truly heady run-up in value. Its price surge was punctuated with a crescendo midway through December, when a single bitcoin...

/ January 10, 2018

Smart-toymaker VTech fined over charges of violating child privacy law

Read full post The FTC said VTech transmitted and stored information without intrusion prevention, detection or encryption, in spite of policy claims.

/ January 10, 2018

Carphone Warehouse fined £400,000 over 2015 data breach

Read full post The successful cyberattack exposed information belonging to millions of UK customers.

/ January 10, 2018

Beautiful webchat honeys turn out to be fembots

Read full post Here we sit, broken hearted, paid our yuan and the video never started.

/ January 10, 2018

Adobe patches information leak vulnerability

Read full post The bug impacts Windows, Mac, and Linux machines.

/ January 10, 2018

Savage Security snapped up by Threatcare

Read full post Savage Security was assisting Threatcare with research before the buyout.

/ January 10, 2018

CoffeeMiner project lets you hack public Wi-Fi to mine cryptocoins

Read full post Remember how we keep telling you that HTTPS is about more than just privacy? Well, here’s a timely reminder why…coffeshop coin mining!

/ January 9, 2018

Turla Cyberespionage Gang Employs Adobe Flash Installer

Read full post In recent data theft campaigns, the APT group has been downloading malware from what appears to be legitimate Adobe URLs and IP addresses, ESET says.

/ January 9, 2018

Microsoft Patches Exploited Office Bug

Read full post An Office memory corruption vulnerability is the only CVE reported as under active attack for this month’s Patch Tuesday.

/ January 9, 2018

Microsoft: How the Threat Landscape Will Shift This Year

Read full post Exclusive interview with Windows Security lead on how 2017 was a “return to retro” security threats and 2018 will bring increasingly targeted, advanced, and dangerous cyberattacks.

/ January 9, 2018

‘Tis the Season: Dark Reading Caption Contest Winners

Read full post Bricked devices, penetration tests, and virtual reality were among the themes submitted in our latest holiday caption competition. And the winners are …

/ January 9, 2018

Threatcare Acquires Savage Security

Read full post The deal expands Threatcare’s business beyond its breach and attack simulation platform to include services and applied research.

/ January 9, 2018

Microsoft Confirms Windows Performance Hits with Meltdown, Spectre Patches

Read full post Windows servers will see biggest degradation, as will Windows 7 and 8 client machines, Microsoft said.

/ January 9, 2018

Microsoft says older Windows versions will face greatest performance hits after Meltdown, Spectre patches

Read full post Windows 7 and Windows 8 users will notice the greatest decrease in system performance after the processor patches are applied.

/ January 9, 2018

FBI locked out of 7,775 encrypted devices in 2017, says director

Read full post FBI director Christopher Wray said he supports strong encryption but called an inability to access encrypted devices an “urgent public safety issue.”

/ January 9, 2018

CISOs’ Cyber War: How Did We Get Here?

Read full post We’re fighting the good fight — but, ultimately, losing the war.

/ January 9, 2018

Aadhaar breaches fuelled by rogue admin accounts

Read full post Not long ago trumpeted as the world’s largest biometric database, India’s Aadhaar system covering 1.2bn citizens is rapidly acquiring a less impressive reputation as the easiest to breach.

/ January 9, 2018

Apple issues Spectre fix with iOS 11.2.2 update

Read full post On January 8, Apple made available iOS 11.2.2, which includes a security update for Spectre, one of the CPU-level vulnerabilities making the headlines as of late.

/ January 9, 2018

20 Cybersecurity Vendors Getting Venture Capital Love

Read full post VCs splashed a record $4B in funding in the cybersecurity pool – here are some highlights among the early- to middle-stage startups who snagged big deals last year.

/ January 9, 2018

ESET research: Appearances are deceiving with Turla’s backdoor-laced Flash Player installer

Read full post In order to establish persistence on the system, the installer tampers with the operating system’s registry. It also creates an administrative account that allows remote access. The post ESET research: Appearances are deceiving with Turla’s backdoor-laced Flash...

/ January 9, 2018

US tightens rules on border search

Read full post Your chances of being searched at a US border crossing are now at an all-time high. But the chances that border agents will be pulling data from your devices declined this past week – at least by...

/ January 9, 2018

Spyware user tracked boyfriend to have him killed by hitman

Read full post The plan was going well, until the ‘hitman’ turned out to be working for the FBI.

/ January 9, 2018

Facebook bug could have exposed your phone number to marketers

Read full post Self-service ad-targeting tools could have squeezed users’ phone numbers from their email addresses… verrrrry sloooowly.

/ January 9, 2018

Meltdown, Spectre Likely Just Scratch the Surface of Microprocessor Vulnerabilities

Read full post There’s a lot at stake when it comes to patching the hardware flaws.

/ January 8, 2018

New Cryptocurrency Mining Malware Has Links to North Korea

Read full post A malware tool for stealthily installing software that mines the Monero virtual currency looks like the handiwork of North Korean threat actors, AlienVault says.

/ January 8, 2018

With WPA3, Wi-Fi security is about to get a lot tougher

Read full post Finally, a security reprieve for open Wi-Fi hotspot users.

/ January 8, 2018

VTech to Pay $650,000 in FTC Settlement

Read full post VTech’s Kid Connect app and its Planet VTech platform collected personal information on 760,000 children without parental permission, the FTC alleges.

/ January 8, 2018

Emailed Cyberattack Targets 2018 Pyeongchang Olympics

Read full post More than 300 organizations associated with the 2018 Olympics have been hit with a targeted email campaign.

/ January 8, 2018

Wi-Fi Alliance Launches WPA2 Enhancements and Debuts WPA3

Read full post WPA2 protocol enhancements bring stronger security protection and best practices, while new WPA3 protocol offers new security capabilities.

/ January 8, 2018

Cyxtera Technologies to Acquire Immunity

Read full post Deal will bring penetration testing products and services to Cyxtera’s threat analytics portfolio.

/ January 8, 2018

Facebook needs fixing, says Mark Zuckerberg

Read full post Mark Zuckerberg has set himself a doozy of a personal challenge for 2018

/ January 8, 2018

US Gov Outlines Steps to Fight Botnets, Automated Threats

Read full post The US Departments of Commerce and Homeland Security identify the challenges of, and potential actions against, automated cyberattacks.

/ January 8, 2018

Star Wars: The Last Jedi – the security review

Read full post We take an objective look at the security angles in Star Wars: The Last Jedi.

/ January 8, 2018