Trending Now
LATEST
Norwegian aluminum producer Norsk Hydro hit by an unspecified cyberattack
Norwegian aluminum producer Norsk Hydro was hit by a cyber attack which began Monday evening and escalated into the night.
The Norwegian National Security Authority (NSM) declined to comment on what type of attack it was but said the extent...
Glitch exposes Sprint customer data to other users
A bug
has allowed some Sprint customers to see the personal data of other customers from
their online accounts.
The information visible includes names, cell phone numbers as well as calls made by other users and, and a Tech Crunch report cited...
ISC StormCast for Wednesday, March 20th 2019
Cloudflare Releases Proxy Detection Tools https://blog.cloudflare.com/monsters-in-the-middleboxes/Business Email Compromise Moving to
6 Ways Mature DevOps Teams Are Killing It in Security
New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled
Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…
Mozilla Releases Security Updates for Firefox
Original release date: March 19, 2019Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA)...
The Case of the Missing Data
The latest twist in the Equifax breach has serious implications for organizations.
Industrial Cybersecurity Firm Nozomi Launches Research Department
Industrial cybersecurity solutions provider Nozomi Networks on Tuesday announced the formal launch of the company’s research department, Nozomi Networks Labs.
read more
Cloudflare Launches New HTTPS Interception Detection Tools
Security services provider Cloudflare on Monday announced the release of two new tools related to HTTPS interception detection.
read more
Microsoft Ending Support for Windows 7
Original release date: March 19, 2019All software products have a life-cycle. After January 14, 2020, Microsoft will no longer provide security updates or support for PCs running the Windows 7 operating system. After this date, this product will no...
CIA bribery scam – crooks offer to erase child abuse evidence for $10,000
This scam is both intimidating and disturbing - the crooks are presenting themselves as corrupt CIA officials who will take a bribe.
Android Q — Google Adds New Mobile Security and Privacy Features
Google has recently released the first beta version of Android Q, the next upcoming version of Google's popular mobile operating system, with a lot of new privacy improvements and other security enhancements.
Android Q, where Q has not yet been...
Mobile App Security Firm Blue Cedar Raises $17 Million
Blue Cedar, a San Francisco-based company that specializes in securing mobile applications, on Tuesday announced that it raised $17 million in a Series B funding round.
read more
Authorities had OK to use Broidy’s hands, face to unlock phones confiscated in raid
Federal agents raiding the offices of former Republican National Committee (RNC) Deputy Finance Chair Elliot Broidy last year looking for details on his dealings with a number of people, including “Trump administration associates,” were authorized to use the fundraiser’s...
Norsk Hydro Shuts Plants Amid Ransomware Attack
The cyberattack, first detected on Monday night, has shut down Norsk's entire global network.
Severe security bug found in popular PHP library for creating PDF files
Vulnerability patched last year, but many websites and web apps will most likely remain vulnerable for years.
Podcast Episode 138: Hacker President? Joseph Menn of Reuters talks Beto and Cult of the Dead Cow
In this exclusive podcast interview with Security Ledger, Reuters investigative technology journalist Joseph Menn talks about his upcoming book on the iconic hacking group Cult of the Dead Cow and his discovery that U.S. presidential candidate Beto O'Rourke of...
Does GDPR compliance reduce breach risk?
Compliance can be costly and often feels more like red tape and a barrier to business than anything that provides a benefit. A report by EY and the International Association of Privacy Professionals (IAPP) estimates that organizations have spend...
Now Available: Recording of Chinese Malicious Cyber Activity Briefing
Original release date: March 19, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has posted the February 14, 2019, Awareness Briefing on Chinese Malicious Cyber Activity. This webinar provides background and mitigation techniques on Chinese malicious cyber activity targeting managed...
VMware and Pwn2Own Vancouver 2019
We wanted to post a quick acknowledgement that VMware will have representatives in attendance at Pwn2Own Vancouver 2019 to review any vulnerabilities that may be demonstrated during the security contest. Stay tuned for further updates.
As always please sign up...
Ransomware Attack Forces Aluminum Manufacturer to Shutdown Systems Worldwide
Photo by Terje Pedersen / NTB scanpix
One of the world's largest producers of aluminum has been forced to shut down several of its plants across Europe and the U.S. after an "extensive cyber attack" hit its operations, leaving companies'...
Microsoft Dominates 2018’s Most Exploited Vulnerabilities
Eight of the top ten most exploited vulnerabilities in 2018 affected Microsoft products. Only one -- but the second most exploited -- was an Adobe vulnerability. The last one, ranking at the ninth most exploited vulnerability of 2018, was...
US Orgs Not Ready to Comply with CCPA
US Orgs Not Ready to Comply with CCPAProtecting consumer privacy has become a top priority for legislators as candidates launch their 2020 campaigns and try to win over voters. According to research findings revealed in the new CCPA and...
Orange County hit and taken offline with ransomware
The Orange County, N.C., government was knocked offline by a ransomware attack early Monday morning.
County officials discovered files were being encrypted and shut down its entire network in an effort to stop the malware from spreading, effectively shutting down...
Researcher Finds Novel Bug Class in Windows Kernel
A security researcher working with Google Project Zero has discovered a novel bug class that impacts Windows and some of its drivers.
read more
LEADERS
Why real-time intelligence matters for managing third-party risk
Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support!
As leading companies in every industry today are undergoing digital transformation, the lines are blurring between any...
Aluminium plants hit by cyber-attack, global company turns to manual operations
Norsk Hydro, one of the world’s largest producers of aluminium, says that it is battling an “extensive cyber-attack” that first hit its systems on Monday evening and then escalated overnight.
Read more in my article on the Hot for Security...
Triton
Good article on the Triton malware which targets industrial control systems.
Google Play is flooded with hundreds of unsafe anti-virus products
A new study has closely examined whether 250 security products for Android smartphones are capable of protecting users at all.
The results are in… and disturbing.
Read more in my article on the Hot for Security blog.
CAs Reissue Over One Million Weak Certificates
Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of the required 64. That may not seem like a big deal to...
