View Full Version : Security News

  1. Previously unknown Moker RAT is the latest APT threat
  2. The price of the Internet of Things will be a vague dread of a malicious world
  3. How attackers attempt to infect organizations
  4. High prevalence of personal health information at risk
  5. Winnti groups attack platform is based on decade old malware
  6. Cisco disrupts major ransomware campaign that brought in $30M annually
  7. IP camera manufacturers force researcher to pull conference talk
  8. Google patches Stagefright 2.0 on Nexus devices
  9. Attackers take over org's OWA server, harvest domain credentials with malicious DLL
  10. T-Mobile customer data stolen from Experian already for sale
  11. Applying machine learning techniques on contextual data for threat detection
  12. Attackers prefer lower-bandwidth DDoS attacks
  13. Cybersecurity is being taken seriously around the globe
  14. Nuclear facilities are wide open to cyber attacks
  15. Top 5 Android Marshmallow enterprise security benefits
  16. Advertising malware affects non-jailbroken iOS devices
  17. Car hacking via compromised car diagnostic tools
  18. Prevention is the best cure for identity theft
  19. The changing role of the risk manager
  20. Week in review: The evolution of the CISO, a simple Gatekeeper bypass, and Stagefright 2.0
  21. Compromising Macs with simple Gatekeeper bypass
  22. Unexpectedly benevolent malware improves security of routers, IoT devices
  23. Personal info of 15 million T-Mobile USA customers stolen in Experian breach
  24. Fake PayPal app is going after German users' banking credentials
  25. With unprotected keys and certificates, businesses lose customers
  26. Exposing fraud behavior patterns associated with compromised identities
  27. Unsurprisingly, companies are not protecting personal information
  28. New, improved Ghost Push variants continue to target Android users
  29. Employee use of cloud services puts business data at risk
  30. Stagefright 2.0: A billion Android devices could be compromised
  31. Apple releases OS X El Capitan, patches passcode loophole in iOS
  32. 7 key global DDoS trends revealed
  33. Compromising Macs with simple Gatekeeper bypass
  34. The value of threat intelligence
  35. The barriers to cybersecurity research, and how to remove them
  36. Fragmented approaches to PKI don't always follow best practices
  37. CISOs are looking for more integration and automation
  38. 500 million users at risk of compromise via unpatched WinRAR bug
  39. Scammers use Google AdWords, fake Windows BSOD to steal money from users
  40. Attackers posing as legitimate insiders still an enormous security risk
  41. Companies leave vulnerabilities unpatched for up to 120 days
  42. Women represent only 10% of the infosec workforce
  43. File insecurity: the final data leakage frontier
  44. VBA malware is back!
  45. Too many vulnerable medical systems can be found online
  46. XOR DDoS botnet launching attacks from compromised Linux machines
  47. Do security flaws with life-threatening implications need alternative disclosure?
  48. Hilton, Trump hotel chains hit by PoS malware
  49. How to avoid data breaches? Start by addressing human error
  50. The evolution of the CISO in todays digital economy
  51. Chinese fraudsters are hijacking and misusing Uber accounts
  52. Oysters tablet comes preinstalled with Trojanized Android firmware
  53. Mobile ad network exploited to launch JavaScript-based DDoS attack
  54. Yahoo open-sources Gryffin, a large scale web security scanning platform
  55. How organizations can increase trust and resilience
  56. Is your network suffering from the trombone effect?
  57. Silent Circle launches Blackphone 2, delivering business and personal privacy
  58. Infographic: Devaluing data, fighting cybercrime
  59. Mapping the underground cybercrime economy in order to disrupt it
  60. Cisco releases tool for detecting malicious router implants
  61. Enhancing email security in Office 365
  62. GreenDispenser malware makes ATMs spit out cash
  63. Mobile payments data breaches expected to grow
  64. Free tool helps organizations respond to vulnerability reports
  65. Scandinavian users hit with fake post office emails, ransomware
  66. Vulnerabilities in security software leave users open to attacks
  67. The number of fingerprints stolen in OPM hack rose to 5.6 million
  68. Apple tackles the XcodeGhost crisis by removing apps, alerting devs and users
  69. Chinese promotion company hijacks Android devices around the world
  70. CUJO: Plug-n-play protection for all devices
  71. Healthcare industry sees 340% more security incidents than the average industry
  72. Free WordPress plugin for a password-free login
  73. Using external URL shorteners for internal needs may lead to sensitive data leaks
  74. Killing computer infrastructures with a bang!
  75. WD My Cloud NAS devices can be hijacked by attackers
  76. ENISA provides details on the complex cybersecurity exercise carried out in 2014
  77. Firefox 41 includes critical security updates
  78. Most gamers lack confidence in developers’ security safeguards
  79. NIST will award $3.6 million to projects designed to improve cybersecurity
  80. Facebook tries to help advertisers and users with new ad control options
  81. Number of XcodeGhost-infected iOS apps rises
  82. Exploit broker offers $1 million for reliable iOS 9 exploit
  83. Android SMS Trojans evolve, go after bank and payment system accounts
  84. Reactions to the XcodeGhost malware infecting iOS apps
  85. Malware-infected game discovered on Google Play, up to 1 million users at risk
  86. Are you ready for EMV?
  87. Millions of iOS users endangered by Trojanized apps from the App Store
  88. 26 vulnerabilities found in parental monitoring application
  89. AVG will sell user browsing and search info to advertisers
  90. Symantec fires employees who issued rogue Google certificates
  91. D-Link accidentally leaks code-signing certs in its firmware
  92. Data security for the borderless enterprise
  93. Information security: A key issue in the 2016 U.S. presidential campaign?
  94. Critical Bugzilla flaw allows access to unpatched vulnerability information
  95. State-sponsored cyberattacks linked to Russian intelligence gathering
  96. Information security: A key issue in the 2016 presidential campaign?
  97. Malicious SYNful Cisco router implant found on more devices around the globe
  98. Malware takes screenshots of the infected player’s virtual poker hand
  99. Top cloud security issue? Lack of visibility
  100. iOS 9 partially fixes critical, easily exploitable AirDrop bug
  101. 80% increase of malware on Windows devices
  102. Behind the scenes at BruCON, a European hacker conference
  103. New POS Trojan created by mixing code from older malware
  104. Big Data investments on the rise
  105. Microsoft details how Device Guard fights malware in Windows 10
  106. Persistent XSS flaw in SharePoint 2013 revealed, patched
  107. (IN)SECURE Magazine issue 47 released
  108. Android 5 bug allows attackers to easily unlock password-protected devices
  109. Container security concerns escalate
  110. Why background screening is vital for IT security
  111. 230,000 new malware samples detected each day
  112. Malicious router implants open permanent entry points into target networks
  113. Privacy International helps individuals find out if they were spied on by the GCHQ
  114. Do we need harsher penalties and enforced data breach detection measures?
  115. The rise of repeated "low and slow" DDoS attacks
  116. Industrial security awareness continues to remain low
  117. Encryption: Whose keys are they, anyway?
  118. Tor security improves as .onion becomes a special-use domain name
  119. Researchers find backdoor bug in NASA rovers' real-time OS
  120. New malware can make ATMs not give users card back
  121. Review: Next Generation Red Teaming
  122. Intel establishes automotive security review board
  123. The Lord of the Hacktivist Rings
  124. Apple complicates app sideloading in iOS 9 for increased security
  125. 63% in favor of encryption backdoors to respond to national security threats
  126. Vulnerability management embraces new functions
  127. PIN-changing, screen-locking Android ransomware
  128. US Energy Departments systems breached 159 times in four years
  129. Attack code for critical Android Stagefright flaw published
  130. Review: Encryptr: Open source cloud-based password manager
  131. Internet of Things: Security misconceptions, expectations, and the future
  132. Global cyber insurance market to grow to over $20 billion by 2025
  133. Aggressive tactics from DD4BC extortionist group revealed
  134. Cyberespionage group exploits satellites for ultimate anonymity
  135. Microsoft pushes out security updates, plugs holes actively exploited by attackers
  136. Security pros acknowledge risks from untrusted certificates but take no action
  137. New Android malware could inflict $250,000 of losses
  138. The White House sprints to lock down data
  139. 2015 saw 888 data breaches, 246 million records compromised worldwide
  140. Half of iPhones on corporate networks run outdated iOS versions
  141. Zero-day bugs in Kaspersky and FireEye products found, exploits disclosed
  142. Ashley Madison developers not big on security
  143. Vulnerabilities in WhatsApp Web affect 200 million users globally
  144. Android ransomware masquerades as Adult Player app, takes photo of victim
  145. How talking to recognition technologies will change us
  146. Seagate wireless hard drives open wide to attack
  147. Innovative security research comes to Singapore
  148. End-to-end encryption is key for securing the Internet of Things
  149. Hacker had access to sensitive info about Firefox bugs for over a year
  150. Innovative security research comes to Singapore
  151. Week in review: iOS malware compromising Apple accounts, and fake recruiters on LinkedIn targeting infosec pros
  152. Fake recruiters on LinkedIn are targeting infosec pros
  153. Cisco squashes DoS bug in its unified infrastructure software
  154. Operational security and cybersecurity come together in Anaheim
  155. Cyber crooks opt for APT method for delivering malware
  156. PayPal stored XSS vulnerability exposed
  157. Open source Sleepy Puppy tool finds XSS bugs in target apps and beyond
  158. Persistent cyber spies try to impersonate security researchers
  159. Clever Android ransomware infects tens of thousands of devices
  160. Major browser makers synchronize end of support for RC4
  161. Popular Android AppLock app full of gaping security holes
  162. Adware installer gives itself permission to access Mac users keychain
  163. Best practices for ensuring compliance in the age of cloud computing
  164. 0-days found in widely used Belkin router, fixes still unavailable
  165. 95% of websites in 10 new TLDs are suspicious
  166. Whats burning up resources for IT pros during the summer?
  167. Verizon and Splunk deliver actionable threat intelligence
  168. Snoopers’ Charter will cause extreme rise in business costs
  169. 49 new Regin backdoor modules discovered
  170. An emerging global threat: BEC scams hitting more and more businesses
  171. Why collaboration is crucial in the battle for IT security
  172. Should a data breach be the kiss of death for the CEO?
  173. How data breaches are changing information security
  174. Ashley Madison-themed blackmail, data deletion scams hitting inboxes
  175. Five years of hardware and software threat evolution
  176. How Linux Foundation sysadmins secure their workstations
  177. Spotting malicious apps on Android markets just got easier
  178. Over 225,000 Apple accounts compromised via iOS malware
  179. Whos afraid of shadow IT?
  180. CPU hardware performance counters for security
  181. Should the removal of personal info posted online be a human right?
  182. EMEA organizations are being pre-emptive about security
  183. 5 reasons Security Congress is the (ISC)2 member event of the year
  184. What drives employees to shadow IT?
  185. Protect against privileged credential attacks with zero trust
  186. The big picture of protecting and securing Big Data
  187. 81% of healthcare organizations have been compromised
  188. Unsurprisingly, most would support eliminating passwords
  189. Effective security starts with UX
  190. Malvertising campaigns increase 325 percent
  191. Unmanaged Apple devices are a liability for corporations
  192. How to get better at web application security
  193. UDP-based Portmap latest target for DDoS attackers looking to amplify attacks
  194. If you build it, they will come
  195. Cybercriminals are becoming more creative
  196. Evaluating the security of open source software
  197. The rise of artificial intelligence technologies
  198. Security flaws could allow attackers to steal over 100 different cars
  199. Payment card info of 93,000 customers stolen
  200. Most security executives lack confidence in their security posture
  201. Stolen Ashley Madison data dumped online, seems legitimate
  202. Microsoft issues emergency patch for IE flaw exploited in the wild
  203. The unstoppable rise of DDoS attacks
  204. Keep your site more secure with WordPress 4.3
  205. Mozilla is experimenting with improved Private Browsing
  206. Solving the third-party risk management puzzle for PCI
  207. Does your mobile carrier track you online?
  208. Researcher releases exploit for OS X 0-day that gives root access
  209. IBM is betting big on open source in the enterprise
  210. How to sabotage DDoS-for-hire services?
  211. Dealing with a difficult data legacy
  212. Five points of failure in recovering from an attack
  213. Privileged accounts are still easy to compromise
  214. BitTorrent clients can be made to participate in high-volume DoS attacks
  215. Google plugs Google Admin app sandbox bypass 0-day
  216. Maintaining security during your healthcare merger or acquisition
  217. Cloud security without borders
  218. Week in review: New C++ bugs, preventing insider threats, and gamifying threat detection
  219. Researcher hacks house arrest tracking system
  220. Google's Android Stagefright patch is flawed
  221. Apple fixes a bucketload of vulnerabilities in everything
  222. Dealing with a difficult data legacy
  223. Five principal cloud security challenges
  224. Researchers get $100k for detecting emerging class of C++ bugs
  225. Cisco spots attackers hijacking its networking gear by modifying firmware
  226. Redefining security visualization with Hollywood UI design
  227. Impact and scope of fraud that crosses multiple industries
  228. Addressing IoT risks with a trust framework
  229. Dropbox adds support for FIDO U2F secure authentication
  230. Researchers hack Corvette via SMS to plugged-in tracking dongle
  231. Attackers actively exploiting Windows bug via malicious USB devices
  232. Insider trading ring hacked into newswire services, raked in $100M based on stolen info
  233. Scammers exploit mobile ads for easy profit
  234. Revisiting takedown wins: Are users in the developing world getting left behind?
  235. Firefox 40: New features and critical security updates
  236. Looks like mobile device security is on nobodys mind
  237. Kali Linux 2.0 released: New 4.0 kernel, improved hardware and wireless driver coverage
  238. How to prevent insider threats in your organization
  239. Event: (ISC)2 SecureTurkey
  240. How to minimize insider threats in your organization
  241. Angler EK exploits recently patched IE bug to deliver ransomware
  242. Severe deserialization vulnerabilities found in Android and third-party Android SDKs
  243. Top 10 U.S. cities for online fraud
  244. Darkhotel spying crew boosts attacks with Hacking Team exploit
  245. Cloud security: Integrated global CDN with DDoS mitigation and WAF
  246. Defending the enterprise in an increasingly complex environment
  247. HTC phone stores fingerprints in easily accessible plaintext
  248. Fraudsters steal nearly $47 million from Ubiquiti Networks
  249. Google adds another obstacle for developers of deceptive Chrome extensions
  250. Info of 2.4 million Carphone Warehouse customers stolen