Tuesday, March 19, 2019
ZDNet

Severe security bug found in popular PHP library for creating PDF files

Vulnerability patched last year, but many websites and web apps will most likely remain vulnerable for years.
ZDNet

EU government websites infested with third-party adtech scripts

Ironic as it may be, EU websites might not be compliant with the EU's own data protection rules.
ZDNet

Aluminum producer switches to manual operations after ‘extensive cyber-attack’

Norway's Norsk Hydro said a cyber-attack on late Monday night crippled its IT systems.
ZDNet

Facebook blocked over 1.2 million New Zealand shooting videos at upload

Facebook has released new figures relating to the live-streamed attacks.
ZDNet

Google open-sources project for sandboxing C/C++ libraries on Linux

Support for other programming languages to be added in future releases.
ZDNet

Hacked tornado sirens taken offline in two Texas cities ahead of major storm

City officials took hacked tornado sirens offline ahead of major storm. Luckily, they weren't needed.
ZDNet

New Mirai malware variant targets signage TVs and presentation systems

Security researchers spot new Mirai botnet with an enhanced arsenal of IoT exploits.
ZDNet

Is it still a good idea to publish proof-of-concept code for zero-days?

Time and time again, the publication of PoC code for zero-days and recently patched security bugs often helps hackers more than end-users.
ZDNet

UK code breakers release Enigma war machine simulator

You can also try out Bombe and Typex code-cracking for yourself.
ZDNet

Round 4: Hacker returns and puts 26Mil user records for sale on the Dark Web

Gnosticplayers returns with new user records, most of which he obtained by hacking companies last month.
ZDNet

Microsoft releases Application Guard extension for Chrome and Firefox

Extensions only available for Windows Insiders for now. To work for everyone once Windows 10 19H1 is live.
ZDNet

Dutch hacker who DDoSed the BBC and Yahoo News gets no jail time

Hacker used a Mirai botnet to DDoS companies and ask for ransoms to stop attacks.
ZDNet

Android Q to get a ton of new privacy features

Coming to Android Q: MAC address randomization, new location data permission popup, no more clipboard sniffing.
ZDNet

Fujitsu wireless keyboard model vulnerable to keystroke injection attacks

There are slim chances that Fujitsu will release a patch.
ZDNet

Database leaks 250K legal documents, some marked ‘not designated for publication’

Database taken down two weeks later. Owner never identified.
ZDNet

Microsoft to fix ‘novel bug class’ discovered by Google engineer

Fixes to be included with Windows 10 19H1, scheduled for release in a few weeks.
ZDNet

‘100 unique exploits and counting’ for latest WinRAR security bug

As expected, the recent WinRAR vulnerability is now being abused en-masse by multiple threat actors.
ZDNet

Facebook debuts AI tool to tackle revenge porn

A new support service has also been launched to tackle the spread of intimate images without consent.
ZDNet

Former Mt. Gox CEO found guilty of record tampering, but likely to avoid prison

Mark Karpeles has been found guilty of fiddling accounts but not embezzlement in the Mt. Gox case.
ZDNet

Two-thirds of all Android antivirus apps are frauds

Only 23 Android antivirus apps had a 100 percent detection rate with no false positives.

6 Ways Mature DevOps Teams Are Killing It in Security

New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
The Register

Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled

Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…

Old Tech Spills Digital Dirt on Past Owners

Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.

The Case of the Missing Data

The latest twist in the Equifax breach has serious implications for organizations.
SecurityWeek

Industrial Cybersecurity Firm Nozomi Launches Research Department

Industrial cybersecurity solutions provider Nozomi Networks on Tuesday announced the formal launch of the company’s research department, Nozomi Networks Labs. read more