Thursday, July 19, 2018

Cisco patches critical vulnerabilities in Policy Suite

One of the worst security flaws permits attackers to act as root and execute arbitrary code.

Thousands of US voters’ data exposed by robocall firm

Each record contains a voter's name, address, and "calculated" political affiliation.

Tech giants, civil liberties coalition urges Congress to pass email privacy law

Right now, the government can read your six-month-old emails without a warrant.

Thousands of Mega logins dumped online, exposing user files

Exclusive: File names of 15,500 accounts was exposed, including purportedly illegal content.

Justice Dept. indicts 12 Russian spies over 2016 DNC hack

The 12 indictments were sought by US special counsel Robert Mueller.

Ukraine blocks VPNFilter attack against core country water system

Russia has been blamed for the cyberattack.

IBM: A data breach will now cost your organization $3.86 million, if you’re lucky

There are hidden costs over time which make the bill far larger than you may expect.

Another hack rocks cryptocurrency trading: Bancor loses $13.5 million

The alleged hack has raised questions over the validity of the start-up's "decentralized" system.

​The return of Spectre

Two new ways to assault computers using Spectre-style attacks have been discovered. These can be used against any operating system running on AMD, ARM, and Intel processors.

Adobe fixes over 100 vulnerabilities in latest security patch update

The massive security update covers Flash, Acrobat, Connect, Experience Manager, and Reader.

Apple fixes iPhone crash bug whenever Taiwan was mentioned

The bug is now fixed in iOS 11.4.1.

BlackTech threat group steals D-Link certificates to spread backdoor malware

The same certificate was used to sign legitimate D-Link software.

Ticketmaster breach was part of a larger credit card skimming effort, analysis shows

The breach wasn't a one-off event, as believed, but part of a massive credit card skimming operation.

Do aliens feel the beat? Music sent into space for extraterrestrials to decode

To mark its 25th anniversary, Barcelona's Sónar music festival launched a musical message beyond Earth's orbit.

This new feature will make it tougher for cops and hackers to unlock your iPhone

Restrictions on the USB port will make it tougher for police to get access to your data.

User data exposed in Domain Factory hosting security breach

Customers are being urged to change their passwords as soon as possible.

Fitness app Polar exposed locations of spies and military personnel

Location data revealed the home addresses of intelligence officers -- even when their profiles were set to private.

Former NSO employee steals, flogs Pegasus mobile hacking tool for $50 million

The staff member stole Pegasus spyware code and attempted to sell it in the Dark Web.

Critical ADB router, modem firmware vulnerabilities finally fixed

Patches for three bugs impacting Advanced Digital Broadcast broadband equipment have now been released.

Japan issues first-ever prison sentence in cryptojacking case

The 24-year-old has been sentenced despite making only $45 from his antics.

Why the Best Defense Is a Good Offensive Security Strategy

When many people think about offensive security, they picture a mysterious figure wearing a hoodie, sitting behind a black-and-green terminal, diligently typing away as he probes enterprise networks. But the cybersecurity world has evolved well beyond this Hollywood hacker...

Google hit with $5.1b fine in EU’s Android antitrust case

This could mean the end of free Android. In the meantime, Google plans to appeal.

Privacy Advocates Say Kelsey Smith Act Gives Police Too Much Power

This bill making its way through Congress would allow law enforcement to more easily uncover location data for cell phones from mobile carriers in an emergency.

IDG Contributor Network: Hack like a CISO

I have written several times over the last couple of years about how the role of today’s CISOs have changed and are now more tuned to support business activities and the management of enterprise risk. Serving an organization as...

Cisco patches critical vulnerabilities in Policy Suite

One of the worst security flaws permits attackers to act as root and execute arbitrary code.