News
News
- November 12, 2018
12 Nov'18
SSD encryption failures made worse by BitLocker settings
Researchers discover major manufacturers poorly implemented SSD encryption, allowing easy access to data, and Microsoft BitLocker made the issue worse.
- November 12, 2018
12 Nov'18
Android Ecosystem Security Transparency Report is a wary first step
Reading through Google's first quarterly Android Ecosystem Security Transparency Report feels like a mix of missed opportunities and déjà vu all over again. Much of what is in the new Android ...
- November 09, 2018
09 Nov'18
New spam botnet infects over 100,000 home routers
News roundup: A new spam botnet infected over 100,000 home routers through a UPnP vulnerability, according to researchers. Plus, HSBC Bank reported a data breach, and more.
-
- November 08, 2018
08 Nov'18
Risk & Repeat: MIT CSAIL discusses securing the enterprise
This week's Risk & Repeat podcast discusses the MIT CSAIL Securing the Enterprise conference and how experts there advocated for new strategies and approaches to infosec.
- November 08, 2018
08 Nov'18
U.S. Cyber Command malware samples to be logged in VirusTotal
The Cyber National Mission Force will share unclassified U.S. Cyber Command malware samples to VirusTotal and one expert hopes there will be more action taken to help researchers.
- November 06, 2018
06 Nov'18
Latest Symantec acquisitions target endpoint security
Endpoint security startups Appthority and Javelin Networks are the latest Symantec acquisitions as the cybersecurity giant aims to improve its endpoint protection product.
- November 06, 2018
06 Nov'18
PortSmash side-channel attack targets Intel Hyper-Threading
The latest side-channel attack against Intel chips, known as PortSmash, targets Hyper-Threading in order to steal data, such as private OpenSSL keys from a TLS server.
- November 05, 2018
05 Nov'18
As PHP v5 nears its end, enterprises face serious threats
The majority of websites still use the outdated PHP v5, according to recent data, causing concern over the fact that it will stop receiving security support at the end of the year.
- November 02, 2018
02 Nov'18
Bleedingbit vulnerabilities put Wi-Fi access points at risk
Armis researchers discovered two chip-level Bluetooth vulnerabilities -- dubbed Bleedingbit -- that could allow pseudo-remote code execution on wireless access points.
- November 02, 2018
02 Nov'18
SamSam ransomware campaigns continue to target U.S. in 2018
News roundup: SamSam ransomware targeted 67 organizations in 2018, according to research. Plus, Equifax is sending its breach victims to Experian for credit monitoring, and more.
-
- November 02, 2018
02 Nov'18
Kraken ransomware gets packaged into Fallout EK
Researchers found Kraken ransomware has become more popular after being packaged in the Fallout exploit kit and becoming part of an affiliate program.
- October 31, 2018
31 Oct'18
The first sandboxed antivirus is Windows Defender
Microsoft created the first sandboxed antivirus solution in its latest Insider version of Windows Defender for Windows 10, moving proactively to harden the product against attacks.
- October 26, 2018
26 Oct'18
Google sets Android security updates rules but enforcement is unclear
The vendor requirements for Android are a strange and mysterious thing but a new leak claims Google has added language to force manufacturers to push more regular Android security updates. ...
- October 26, 2018
26 Oct'18
Settlement in Yahoo data breach leaves company to pay $50M
News roundup: The Yahoo data breach will cost the company another $50 million in a settlement deal. Plus, Check Point acquired cloud security company Dome9, and more.
- October 26, 2018
26 Oct'18
WebExec vulnerability leaves Webex open to insider attacks
A remote code execution flaw in Cisco Webex -- called WebExec -- could be an easy vector for insider attacks, and the researchers who found it say it's easier to exploit than detect.