Trending Now
LATEST
What is a keylogger? How attackers can monitor everything you type
Keylogger definitionTo read this article in full, please click here(Insider Story)
And that was actually the CLEAN version!
It's more than a few years back, and this oilfield services company is implementing a new email filter, says a pilot fish working there."It was part of an email security product," fish says. "The filter could identify emails containing...
Review: How StackRox protects containers
With the rise of cloud computing and later DevOps, containerization has never been more popular. But cybersecurity has yet to fully catch up. Even security applications designed to work natively in the cloud have trouble protecting the most popular...
Dark web goldmine busted by Europol
What’s the safest way to buy counterfeit banknotes? Not on the dark web market, as 235 people have just discovered to their cost.
Google will shut down consumer version of Google+ earlier due to a bug
Google announced it will close the consumer version of Google+ before than originally planned due to the discovery of a new security flaw.
Google will close the consumer version of Google+ in April, four months earlier than planned. According to G...
Teen SWATter who had 400 schools evacuated lands 3 years in jail
George Duke-Cohan is the British teen who posed as a worried father whose daughter had called him mid-flight during a hijacking.
Facebook fined $11m for misleading users about how data will be used
They said Facebook emphasizes the service being free, not that it's making big bucks off users' data. They ordered the company to apologize.
NHS Fax Ban Set to Improve Security from 2020
NHS Fax Ban Set to Improve Security from 2020The NHS will be banned from buying any more fax machines from next month as the government looks to upgrade the health service to more modern and secure communications platforms.
Health secretary Matt...
Texas Instruments flicks Armis’ Bluetooth chip vuln off its shoulder
Yeah, we've patched that one, adds Cisco Texas Instruments has rather feebly slapped down infosec researchers' findings on a so-called Bleedingbit Bluetooth Low Energy vulnerability after a more detailed explanation of the chipset's weakness emerged.…
New Google+ Bug Moves Site End Date Forward
New Google+ Bug Moves Site End Date Forward Google is speeding up the closure of its unpopular social networking platform after discovering a new bug affecting over 52 million users.
The tech giant announced in October that it would be...
Coming Together – Business Security Weekly #110
This week, Matt and Paul interview Brian Carey, Senior Security Consultant at Rapid7! Brian talks about emerging trends that he is seeing with his clients, and how they impact their clients’ security programs, including maturity, roadmap, and recommendations! In...
Unsupervised Learning: No. 155
Google+ breach, Android flaws, China's long game against the US, Australia's encryption blunder, NYPD drones, and more…Support the show.
2018-043-Adam-Baldwin, npmjs Director of Security, event stream post mortem, and making your package system more secure
Adam Baldwin (@adam_baldwin) Director of Security, npm https://foundation.nodejs.org/ https://spring.io/understanding/javascript-package-managers Role in the NodeJS project Advisory? Active role? Maintain security modules? Are there any requirements to being a dev? Are there different roles in...
DtSR Episode 326 – MidMarket Security
This week, go down the security rabbit hole with someone who has been working on security in the mid-market (likely the kind of company you work at, statistically) for a long time. Bob has some great lessons learned and...
ISC StormCast for Tuesday, December 11th 2018
Kubernetes Unauthenticated PoC Exploit for CVE-2018-1002105 https://github.com/evict/poc_CVE-2018-1002105#unauthenticated-pocWebAssembly Brings Buffer Overflows
DanaBot Malware Adds Spam to its Menu
A new generation of modular malware increases its value to criminals.
Google admits Google Plus hit by *another* privacy flaw, speeds up site’s closure
Google has admitted that Google Plus suffered another security failure last month, allowing the personal information of 52 million users to be accessed by third-party apps and developers without permission.
GlobeImposter ransomware victims find themselves abandoned by their extortionists
It’s a bad day when your computers get hit by ransomware.
But it only gets worse when you realise that you not only don’t have backups, but also have no way of contacting the criminals who encrypted your data.
Latest Google+ flaw leads Chocolate Factory to shut down site early
52.5 million accounts at risk, tens of people are worried Google says it will be speeding up the dismantling of its Google+ social network following the discovery of a new security bug that affected 52.5 million users.…
Hackers ramp up attacks on mining rigs before Ethereum price crashes into the gutter
Attackers scan for Ethereum wallets and mining rigs that have carelessly exposed port 8545 on the Internet.
‘Highly Active’ Seedworm Group Hits IT Services, Governments
Since September, the cyber espionage actors have targeted more than 130 victims in 30 organizations including NGOs, oil and gas, and telecom businesses.
Second Google+ bug hastens shutdown
After a second, newly discovered, bug affected 52.5 million Google+ users, Google has decided to shutter the social network earlier than originally planned.
“We’ve recently determined that some users were impacted by a software update introduced in November that contained...
City of North Bend hit with ransomware
The city of North Bend, Ore., was hit with a ransomware attack which temporarily locked out city workers from their computers and databases.
“One weekend morning a few weeks back all of our servers and things locked up, and we...
Highly Active MuddyWater Hackers Hit 30 Organizations in 2 Months
The cyberespionage group referred to as MuddyWater has hit over 130 victims in 30 organizations from late September to mid-November, Symantec security researchers said in a report published Monday.
read more
How to use Cloudflare encrypted DNS on Android
If you're looking for an easy means of enabling encrypted DNS on Android, the Cloudflare 1.1.1.1 app is the way to go.
LEADERS
Google admits Google Plus hit by *another* privacy flaw, speeds up site’s closure
Google has admitted that Google Plus suffered another security failure last month, allowing the personal information of 52 million users to be accessed by third-party apps and developers without permission.
GlobeImposter ransomware victims find themselves abandoned by their extortionists
It’s a bad day when your computers get hit by ransomware.
But it only gets worse when you realise that you not only don’t have backups, but also have no way of contacting the criminals who encrypted your data.
How Internet Savvy are Your Leaders?
Back in April 2015, I tweeted about receiving a letter via snail mail suggesting the search engine rankings for a domain registered in my name would suffer if I didn’t pay a bill for some kind of dubious-looking service I’d...
2018 Annual Report from AI Now
The research group AI Now just published its annual report. It's an excellent summary of today's AI security challenges, as well as a policy agenda to address them.
This is related, and also worth reading.
Bomb Threat Hoaxer, DDos Boss Gets 3 Years
The ringleader of a gang of cyber hooligans that made bomb threats against hundreds of schools and launched distributed denial-of-service (DDoS) attacks against Web sites — including KrebsOnSecurity on multiple occasions — has been sentenced to three years in...
