View Full Version : Security News



  1. OpenVPN to get two separate security audits
  2. How to prepare your company for cybersecurity threats
  3. Researchers set to work on malware-detecting CPUs
  4. Cloud providers not expanding security as fast as customers adopt cloud
  5. DressCode Android malware found in 3,000 apps
  6. How the EFF was pushed to rethink its Secure Messaging Scorecard
  7. US DOJ can’t access data stored abroad with just a warrant, court rules
  8. Shard: Open source tool checks for password re-use
  9. Avast to acquire AVG for $1.3 billion
  10. New Russian law to force service providers to decrypt encrypted comms
  11. Android-rooting malware lurking on Google Play
  12. ApocalypseVM ransomware decrypter released
  13. 70,000 hacked servers for sale on xDedic underground market
  14. Adobe Flash zero-day actively exploited in targeted attacks
  15. 789% year-over-year spike in malware and phishing
  16. Improving software security through a data-driven security model
  17. Who’s tracking you online, and how?
  18. PGP-encrypted comms network allegedly used by criminals shuts down
  19. Researcher develops tool that blocks OS X crypto-ransomware
  20. Beware of emails with JavaScript attachments!
  21. Rooting malware lurking in third party Android app stores
  22. Playing Hearthstone? Want to cheat? You might end up with Bitcoin-stealing malware
  23. Android users on high alert as malware, phishing and scams are projected to rise
  24. 60+ Trojanized Android games lurking on Google Play
  25. OpenSSL bug that could allow traffic decryption has been fixed
  26. The history of cyber attacks: From ancient to modern
  27. Versatile Linux backdoor acts as downloader, spyware
  28. "Deliberately hidden" backdoor found on US governments comms system
  29. OpenWPM: An automated, open source framework for measuring web privacy
  30. OS X's Gatekeeper bypassed again
  31. Cheap web cams can open permanent, difficult-to-spot backdoors into networks
  32. Android banking Trojan defeats voice call-based 2FA
  33. Drupal moves to fix flaws in update process
  34. SLOTH attacks weaken secure protocols because they still use MD5 and SHA-1
  35. January Android security update fixes 5 critical flaws, removes unneeded component
  36. Difficult to block JavaScript-based ransomware can hit all operating systems
  37. Google is testing password-free logins
  38. Android users targeted with sophisticated new banking Trojan
  39. Cisco Systems will be auditing their code for backdoors
  40. Oracle agrees to settle FTC charges it deceived consumers about Java updates
  41. Who planted the backdoors in Junipers firewalls?
  42. New date for migrating off vulnerable SSL and early TLS encryption
  43. Linux machines can be "owned" by hitting backspace 28 times
  44. Linux machines can be "owned" by hitting backspace 28 times
  45. Twitter users warned about being targeted by state-sponsored attacks
  46. Business email compromise scams still happening, still successful
  47. Whitepaper: Cyber Security Best Practices
  48. Turn the Cyber Kill Chain against your attacker
  49. Apple releases security updates for every major product
  50. Microsoft warns of imminent end of support for all but the latest Internet Explorer versions
  51. A deadly campaign delivers Pony info-stealer followed by Cryptowall ransomware
  52. 86% of PHP-based apps contain at least one XSS vulnerability
  53. How Europol analyzes malware
  54. VTech data breach gets worse: Childrens pictures and chat logs were also compromised
  55. Global cyberconflicts, hacktivism and disruptions are on the horizon
  56. Telegram Android app is a stalker's dream
  57. VPN protocol flaw allows attackers to discover users true IP address
  58. Spyware/adware combo masquerading as AnonyPlayer hits Android users
  59. Video training course: Penetration testing and ethical hacking
  60. How malware peddlers trick users into enabling Office macros
  61. ISIS operation security guide gives insight into group's cybersecurity practices
  62. How fake users are impacting business through acts of fraud and theft
  63. Exploit kit activity up 75 percent
  64. Anonymous goes after ISIS, aims to expose recruiters and sympathizers
  65. Point of Sale malware gaining momentum as holiday shopping season approaches
  66. Event: ENITSE Enterprise IT Security Conference & Exhibition
  67. Bug in Android Gmail app allows effective email spoofing
  68. Phishers are targeting millions of DHL customers
  69. Google debuts customized warning for social engineering sites
  70. Information security innovation and the fast-paced threat landscape
  71. Email is more secure today than it was two years ago
  72. Digitally signed spam campaign spotted delivering malware
  73. Rooted, Trojan-infected Android tablets sold on Amazon
  74. Ivan Ristic and SSL Labs: How one man changed the way we understand SSL
  75. Three indicted in largest theft of customer data from a U.S. financial institution in history
  76. Beware of Apple-themed phishing emails threatening to limit your account
  77. Stolen or lost devices and the risks of remote working
  78. Final TalkTalk breach tally: 4% of customers affected
  79. A new, streamlined version of Cryptowall is doing rounds
  80. IT priorities are changing: Cloud-first strategy to rise
  81. Sale of legitimate code-signing certs booms on darknet markets
  82. Trojanized versions of 20,000 popular apps found secretly rooting Android devices
  83. 11 zero-days uncovered in Samsung Galaxy S6 Edge
  84. Researchers map out hard-to-kill, multi-layered spam botnet
  85. Hard-hitting insights into global attacks targeting organizations
  86. Open source tool checks for vulnerabilities on Android devices
  87. Chimera crypto-ransomware is hitting German companies
  88. The growth of mobile malware and online banking attacks
  89. Stanford researchers identify potential security hole in genomic data-sharing network
  90. Researchers can identify people through walls by using wireless signals
  91. Most consumers believe cloud-based apps can be hacked
  92. Android infostealer masquerading as MS Word document
  93. China is the top target for DDoS reflection attacks
  94. Hackers put up for sale 13 million plaintext passwords stolen from 000webhost
  95. Most are unaware of the seriousness of medical data theft
  96. US Library of Congress makes tinkering with your car software legal
  97. The security communitys reaction as CISA passes US Senate
  98. How can we decide on surveillance and privacy when we can't see the whole picture?
  99. WhatsApp collects phone numbers, call duration, and more!
  100. TalkTalk breach: Attackers demand £80,000 for stolen data
  101. The top 6 scariest cloud security mistakes and how to avoid them
  102. Cloud-based vulnerability management: Top vendors in the field
  103. What should companies do after a wide-scale data breach?
  104. Nine arrested in UK investigation of criminal network defrauding bank customers
  105. Week in review: Criminals hacked chip-and-PIN system, secret code in printers allows tracking, and insecure WD self-encrypting hard drives
  106. Microsoft wants researchers to find bugs in .NET Core and ASP.NET, will pay
  107. 12 new malware strains discovered each minute
  108. Smart home security and privacy checklist
  109. Four things to know about new net neutrality rules
  110. New ransomware delivered via Windows Remote Desktop Services
  111. Apple pushes out critical security updates for OS X, iOS, watchOS, and other products
  112. WikiLeaks publishes documents stolen from CIA directors email account
  113. Think twice about Android root
  114. Back to the Future: How much of Marty and Doc's tech is a reality?
  115. Fitbit trackers can easily be infected with malware, and spread it on
  116. Tech support scammers start targeting users of Apple devices
  117. Tech-savvy users are actually the worst offenders
  118. Free PCI and NIST compliant SSL test
  119. Data dump points to a breach at Electronic Arts
  120. 1 in 4 organizations have experienced an APT
  121. IS hackers are attacking the US energy grid
  122. Secret code in color printers enables government tracking
  123. UK workers are significantly lacking in security awareness
  124. Facebook starts warning users of state-sponsored attacks against their accounts
  125. Emergency Flash update plugs zero-day exploited in the wild
  126. Internet of Things: Rethinking privacy and information sharing
  127. Cyber warfare fears spur US Navy to teach celestial navigation again
  128. Microsoft fixes critical flaws in all versions of Windows and Office
  129. Hackers are exploiting zero-day flaw in fully patched Adobe Flash
  130. UK, US law enforcement agencies disrupt Dridex botnet
  131. Global Internet experts reveal plan for more secure, reliable Wi-Fi routers
  132. The countdown to the EU Data Protection Regulation
  133. How to become a nightmare for cyber attackers
  134. Companies investing in cloud, security and Big Data are growing faster
  135. Secure networks are the key to unlocking A2P potential
  136. WiFi jamming attacks more simple and cheaper than ever
  137. America’s Thrift Stores breached by Eastern European criminals
  138. Android ransomware gets new, professional look thanks to Google’s Material Design
  139. Internet of Things: Connecting the security dots from application design to post-sale
  140. Review: Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts
  141. Cybersecurity expectations: Myth and reality
  142. Compliance vs. cybersecurity: Insurers face competing priorities
  143. Thousands of Zhone SOHO routers can be easily hijacked
  144. Chinese hackers arrested at US request
  145. GnuPG 2.1.9 released
  146. Authentication bypass flaw in Netgear SOHO routers exploited in the wild
  147. Don't sink your network
  148. Theoretical computer science provides answers to data privacy problem
  149. LogMeIn to acquire LastPass for $125 million
  150. Apple boots some ad blockers from App Store to protect users privacy
  151. Which Android smartphones are most secure?
  152. Attackers compromise Cisco Web VPNs to steal login credentials, backdoor target networks
  153. Do attribution and motives matter?
  154. Most are concerned about security of healthcare data
  155. Top strategic IT predictions for 2016 and beyond
  156. New Toshiba CMOS image sensor improves recognition and authentication
  157. CIOs agree, IT is more complex than ever
  158. Fake Android apps bypass Google Play store security
  159. Former journalist faces 25 years in prison for article defacement
  160. Free tool to remove YiSpecter iOS malware
  161. Hackers breach firm whose tech is used in Samsung Pay
  162. Pen-testing drone searches for unsecured devices
  163. Photo: A walk through Cyber Security Europe 2015
  164. The average cost of cybercrime escalates to $15 million per organization
  165. The impact of digital business on information security
  166. How are businesses responding to cyber risks?
  167. Huawei 3G routers rife with flaws
  168. Wealth of personal data found on used electronics purchased online
  169. Amazon launches AWS web application firewall
  170. Previously unknown Moker RAT is the latest APT threat
  171. The price of the Internet of Things will be a vague dread of a malicious world
  172. How attackers attempt to infect organizations
  173. High prevalence of personal health information at risk
  174. Winnti groups attack platform is based on decade old malware
  175. Cisco disrupts major ransomware campaign that brought in $30M annually
  176. IP camera manufacturers force researcher to pull conference talk
  177. Google patches Stagefright 2.0 on Nexus devices
  178. Attackers take over org's OWA server, harvest domain credentials with malicious DLL
  179. T-Mobile customer data stolen from Experian already for sale
  180. Applying machine learning techniques on contextual data for threat detection
  181. Attackers prefer lower-bandwidth DDoS attacks
  182. Cybersecurity is being taken seriously around the globe
  183. Nuclear facilities are wide open to cyber attacks
  184. Top 5 Android Marshmallow enterprise security benefits
  185. Advertising malware affects non-jailbroken iOS devices
  186. Car hacking via compromised car diagnostic tools
  187. Prevention is the best cure for identity theft
  188. The changing role of the risk manager
  189. Week in review: The evolution of the CISO, a simple Gatekeeper bypass, and Stagefright 2.0
  190. Compromising Macs with simple Gatekeeper bypass
  191. Unexpectedly benevolent malware improves security of routers, IoT devices
  192. Personal info of 15 million T-Mobile USA customers stolen in Experian breach
  193. Fake PayPal app is going after German users' banking credentials
  194. With unprotected keys and certificates, businesses lose customers
  195. Exposing fraud behavior patterns associated with compromised identities
  196. Unsurprisingly, companies are not protecting personal information
  197. New, improved Ghost Push variants continue to target Android users
  198. Employee use of cloud services puts business data at risk
  199. Stagefright 2.0: A billion Android devices could be compromised
  200. Apple releases OS X El Capitan, patches passcode loophole in iOS
  201. 7 key global DDoS trends revealed
  202. Compromising Macs with simple Gatekeeper bypass
  203. The value of threat intelligence
  204. The barriers to cybersecurity research, and how to remove them
  205. Fragmented approaches to PKI don't always follow best practices
  206. CISOs are looking for more integration and automation
  207. 500 million users at risk of compromise via unpatched WinRAR bug
  208. Scammers use Google AdWords, fake Windows BSOD to steal money from users
  209. Attackers posing as legitimate insiders still an enormous security risk
  210. Companies leave vulnerabilities unpatched for up to 120 days
  211. Women represent only 10% of the infosec workforce
  212. File insecurity: the final data leakage frontier
  213. VBA malware is back!
  214. Too many vulnerable medical systems can be found online
  215. XOR DDoS botnet launching attacks from compromised Linux machines
  216. Do security flaws with life-threatening implications need alternative disclosure?
  217. Hilton, Trump hotel chains hit by PoS malware
  218. How to avoid data breaches? Start by addressing human error
  219. The evolution of the CISO in todays digital economy
  220. Chinese fraudsters are hijacking and misusing Uber accounts
  221. Oysters tablet comes preinstalled with Trojanized Android firmware
  222. Mobile ad network exploited to launch JavaScript-based DDoS attack
  223. Yahoo open-sources Gryffin, a large scale web security scanning platform
  224. How organizations can increase trust and resilience
  225. Is your network suffering from the trombone effect?
  226. Silent Circle launches Blackphone 2, delivering business and personal privacy
  227. Infographic: Devaluing data, fighting cybercrime
  228. Mapping the underground cybercrime economy in order to disrupt it
  229. Cisco releases tool for detecting malicious router implants
  230. Enhancing email security in Office 365
  231. GreenDispenser malware makes ATMs spit out cash
  232. Mobile payments data breaches expected to grow
  233. Free tool helps organizations respond to vulnerability reports
  234. Scandinavian users hit with fake post office emails, ransomware
  235. Vulnerabilities in security software leave users open to attacks
  236. The number of fingerprints stolen in OPM hack rose to 5.6 million
  237. Apple tackles the XcodeGhost crisis by removing apps, alerting devs and users
  238. Chinese promotion company hijacks Android devices around the world
  239. CUJO: Plug-n-play protection for all devices
  240. Healthcare industry sees 340% more security incidents than the average industry
  241. Free WordPress plugin for a password-free login
  242. Using external URL shorteners for internal needs may lead to sensitive data leaks
  243. Killing computer infrastructures with a bang!
  244. WD My Cloud NAS devices can be hijacked by attackers
  245. ENISA provides details on the complex cybersecurity exercise carried out in 2014
  246. Firefox 41 includes critical security updates
  247. Most gamers lack confidence in developers’ security safeguards
  248. NIST will award $3.6 million to projects designed to improve cybersecurity
  249. Facebook tries to help advertisers and users with new ad control options
  250. Number of XcodeGhost-infected iOS apps rises