Emerging Information Security Threats
- January 11, 2017
Poor authentication in MongoDB configurations has led to a sharp increase in ransom attacks, and experts say tens of thousands of databases could be at risk.
- December 09, 2016
News roundup: Internet-connected devices, including 3.2 million routers; 80-plus models of CCTV cameras have backdoors; Dirty Cow gets patched; NSA suffers 'brain drain' and more.
- December 02, 2016
Authorities from 30 countries have dismantled Avalanche, the crimeware-as-a-service network used to steal hundreds of millions from victims around the globe.
- November 18, 2016
Just two weeks before the deadline, U.S. lawmakers seek to postpone until next summer the acceptance of controversial updates to Rule 41, allowing legal access to unspecified systems.
- November 18, 2016
News roundup: The latest chapter of Symantec's security struggles involves a high-severity DLL code flaw. Plus, Dyn attacker might be a lone gamer, James Clapper resigns and more.
- November 04, 2016
Roundup: Mirai botnet attacks take down Liberia internet, as a new IoT botnet adapts old malware. Plus, the latest on Dirty COW and the WoSign certificate authority controversy.
- October 19, 2016
Researchers devised an exploit of an Intel chip flaw that allows an adversary to bypass ASLR protection and potentially boost the effectiveness of an attack on any platform.
- September 26, 2016
A series of potent, record-setting DDoS attacks hit several targets last week and apparently used IoT malware to infect and leverage a large number of internet connect devices.
- September 20, 2016
Cisco warns that an as-yet unpatched vulnerability derived from Shadow Brokers' BENIGNCERTAIN hacking tool is being exploited in the wild.
- September 02, 2016
Apple patched spyware bugs in OS X and Safari that enabled the 'lawful intercept' Pegasus cyberweapon exploit against iOS because the desktop and mobile OSes shared vulnerable code.
- August 25, 2016
More unanswered questions remain about the Shadow Brokers' release of NSA/Equation Group cyberweapons cache, as vendors move to mitigate and researchers search for vulnerabilities.
- August 05, 2016
Black Hat researchers report flaws in key web protocols, demonstrating widespread flaws in HTTP/2 implementations; Banner Health announces breach affecting 3.7 million.
- July 27, 2016
The KeySniffer wireless vulnerability goes beyond the similar MouseJack flaw in exposing users of inexpensive wireless keyboards to sniffing, injection attacks.
- June 24, 2016
U.S. Senate fails to pass National Security Letter regulation to enhance warrantless FBI surveillance access to metadata, including email headers and browser history.
- June 22, 2016
EFF and privacy activists oppose Rule 41 changes, while the Department of Justice claims the changes do not alter 'traditional protections' under the Fourth Amendment.