News

News

• September 12, 2018 12 Sep'18

  Risk & Repeat: Inside the GAO's Equifax breach report

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Government Accountability Office's report on the Equifax breach and the questions it raises.

• September 12, 2018 12 Sep'18

  Microsoft patches Windows ALPC flaw exploited in the wild

  Microsoft's September 2018 Patch Tuesday release included a fix for the Windows ALPC vulnerability that was exploited in the wild for about two weeks before being patched.

• September 12, 2018 12 Sep'18

  Jake Braun discusses the Voting Village at DEF CON

  The Voting Village at DEF CON 26 expanded its scope to test every aspect of election security that it could. Organizer Jake Braun discusses how it went and what's next.

• September 11, 2018 11 Sep'18

  Trend Micro apps on Mac accused of stealing data

  Researchers claimed Trend Micro apps in the Mac App Store were stealing data. The company removed the offending features, but researchers are still not sold on Trend Micro's excuse.

• September 11, 2018 11 Sep'18

  Robot social engineering works because people personify robots

  Brittany 'Straithe' Postnikoff studied robot social engineering and found personification of robots can lead to effective attacks, regardless of whether or not AI is involved.

• Sponsored News

  • It’s Time to Modernize Your SOC

    Sponsored by Microsoft - With the shift to remote work caused by COVID-19, Security Operations Centers (SOCs) are under more pressure than ever, particularly with many SOC workers also working from home. Today’s reality is that SOCs have to embrace a new way of working in order to keep their analysts and admins effective and to ensure that morale doesn’t collapse under the weight of too much work and pressure. See More

  • 6 Factors to Consider in Building Resilience Now

    Sponsored by Microsoft - COVID-19 has been, and continues to be, a stark reminder of the importance of business resilience. Organizations of all types and sizes have had to adjust to rapidly changing and unpredictable circumstances: A shift to remote work, supply chain disruptions, new digitally driven business models and an environment where uncertainty is the rule, not the exception. See More

  • Why Zero Trust, Why Now

    Sponsored by Microsoft - The concept of a Zero Trust cybersecurity architecture has been around for more than a decade, but adoption didn’t really begin to take hold until the past couple of years. As with many technology innovations, it hasn’t always been clear just what Zero Trust is all about and, more important, how to implement it easily and cost effectively. See More

  • 5 Best Practices To Secure Remote Workers

    Sponsored by Microsoft - The impact of COVID-19 has changed the dynamics and landscape of remote work for at least the foreseeable future and, probably, forever. All of a sudden, organizations across all industries had to scale remote workers at unprecedented intensity and speed. See More

  View All Sponsored News
• September 07, 2018 07 Sep'18

  Another mSpy leak exposed millions of sensitive user records

  News roundup: An mSpy leak has again exposed millions of customer records on the internet. Plus, the FIDO Alliance launched a biometrics certification, and more.

• September 07, 2018 07 Sep'18

  Lazarus Group hacker charged in WannaCry, Sony attacks

  The Department of Justice charged one Lazarus Group hacker, Park Jin Hyok, for his role in the WannaCry attack, Sony hack, SWIFT banking theft and more.

• September 07, 2018 07 Sep'18

  Misconfigured Tor sites leave public IP addresses exposed

  The anonymity of Tor is once again under scrutiny, as a researcher finds misconfigured Tor sites can expose the public IP address connected to a dark web site.

• September 06, 2018 06 Sep'18

  Risk & Repeat: Fortnite flaw disclosure enrages Epic Games

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the dispute between Google and Epic Games over a newly disclosed flaw in the Android version of Fortnite.

• September 05, 2018 05 Sep'18

  Five Eyes wants to weaken encryption, or legislation may be needed

  Five Eyes -- the government intelligence alliance between Australia, Canada, New Zealand, the U.K. and the U.S. -- vows not to weaken encryption, while pushing for encryption backdoors.

• August 31, 2018 31 Aug'18

  Another patched Apache Struts vulnerability exploited

  News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more.

• August 30, 2018 30 Aug'18

  Risk & Repeat: Are the Meltdown and Spectre flaws overhyped?

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.

• August 30, 2018 30 Aug'18

  Congress wants CVE program changes from DHS and MITRE

  In a letter to DHS and MITRE, Congress said CVE program management has been 'insufficient' and called for the program to receive more consistent funding and additional oversight.

• August 29, 2018 29 Aug'18

  Windows 10 zero-day disclosed on Twitter, no fix in sight

  Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch.

• August 28, 2018 28 Aug'18

  Fortnite vulnerability on Android causes disclosure tension

  Epic Games patched a Fortnite vulnerability in its Android installer, but Google's disclosure policy comes under fire once again as Epic Games' founder called the disclosure 'irresponsible.'

• August 24, 2018 24 Aug'18

  NSA leaker Reality Winner sentenced to five years in jail

  NSA leaker Reality Winner sentenced to 63 months in prison for releasing classified documents detailing an attack by the Russian military against U.S. election systems.

• August 24, 2018 24 Aug'18

  Hundreds of Facebook accounts deleted for spreading misinformation

  News roundup: Social media platforms shut down accounts spreading misinformation. The Facebook accounts deleted were tied to Iran, Russia. Plus, Ryuk ransomware spreads, and more.

• August 23, 2018 23 Aug'18

  AI bias and data stewardship are the next ethical concerns for infosec

  AI bias and the need for data stewardship to prevent issues surrounding the trend of hoarding data are the next big ethical concerns for infosec, according to Laura Norén.

• August 23, 2018 23 Aug'18

  Laura Noren advocates data science ethics for employee info

  Expert Laura Norén believes companies should be held to standards of data science ethics both when it comes to customer data and also for the data collected about employees.

• August 23, 2018 23 Aug'18

  Risk & Repeat: Meltdown and Spectre disclosure in review

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss new insights -- and questions -- regarding the coordinated disclosure effort for Meltdown and Spectre.

• August 17, 2018 17 Aug'18

  DHS cybersecurity rhetoric offers contradictions at DEF CON

  The Vote Hacking Village at Defcon 26 in Las Vegas was an overwhelming jumble of activity -- a mock vote manipulated, children hacking election results websites, machines being disassembled -- and ...

• August 17, 2018 17 Aug'18

  Intel disclosed Spectre-like L1TF vulnerabilities

  News roundup: Intel disclosed L1TF vulnerabilities with similarities to Spectre, but with a focus on data. Plus, the NIST Small Business Cybersecurity Act is now a law, and more.

• August 17, 2018 17 Aug'18

  ICS security fails the Black Hat test

  Industrial control systems hit the mainstream at Black Hat this year, with over two dozen program sessions tackling different angles of the subject. The takeaway: Vendors still aren't really trying.

• August 16, 2018 16 Aug'18

  Finalized TLS 1.3 update has been published at last

  The finalized TLS 1.3 update has been published after a four-year process. The new protocol promises to be faster and more secure than its predecessor, TLS 1.2.

• August 15, 2018 15 Aug'18

  Infosec mental health support and awareness hits Black Hat 2018

  While burnout, depression and PTSD can affect anyone, infosec mental health still doesn't often get the attention it deserves, but Black Hat 2018 attempted to change that.

• August 14, 2018 14 Aug'18

  Google location tracking continues even when turned off

  New research has discovered mobile apps may still store where users have been even after Google location-tracking services have been turned off.

• August 14, 2018 14 Aug'18

  Amanda Rousseau on becoming a cybersecurity researcher

  Cybersecurity researcher Amanda Rousseau discusses the relationship between the infosec community and law enforcement and how to create the next generation of white hat hackers.

• August 14, 2018 14 Aug'18

  Amanda Rousseau talks about computer forensics investigations

  Amanda Rousseau, aka Malware Unicorn, discusses her time in computer forensics investigations with the DoD, as well as the joys of reverse engineering malware encryption by hand.

• August 13, 2018 13 Aug'18

  Lessons learned from Meltdown and Spectre disclosure process

  During a Black Hat 2018 session, Google, Microsoft and Red Hat offered a behind-the-scenes look at the disclosure and response effort for Meltdown and Spectre.

• August 10, 2018 10 Aug'18

  2018 Pwnie Awards cast light and shade on infosec winners

  The Meltdown and Spectre research teams won big at the Pwnie Awards this year at Black Hat, while the late-entry Bitfi Wallet team overwhelmingly won for Lamest Vendor Response.

• August 10, 2018 10 Aug'18

  Web cache poisoning attacks demonstrated on major websites, platforms

  PortSwigger's James Kettle doesn't believe web cache poisoning is theoretical and to prove it, he demonstrated several attacks on major websites and platforms at Black Hat 2018.

• August 10, 2018 10 Aug'18

  WhatsApp vulnerabilities let hackers alter messages

  News roundup: New WhatsApp vulnerabilities enabled hackers to alter messages sent in the app. Plus, the PGA was hit with a ransomware attack, and more.

• August 09, 2018 09 Aug'18

  Irregularities discovered in WinVote voting machines

  At Black Hat 2018, security researcher Carsten Schuermann unveiled the results of a forensic analysis of eight WinVote voting machines that had been used in Virginia elections.

• August 09, 2018 09 Aug'18

  Risk & Repeat: Can Disclose.io help protect vulnerability researchers?

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Disclose.io project and what it could mean for the future of security research and vulnerability disclosure.

• August 09, 2018 09 Aug'18

  Meltdown and Spectre disclosure suffered "extraordinary miscommunication"

  During a panel discussion at Black Hat 2018 on Meltdown and Spectre, Google explained how miscommunication left the company's incident response out of the early disclosure process.

• August 08, 2018 08 Aug'18

  Parisa Tabriz's Black Hat 2018 keynote challenges infosec's status quo

  In her Black Hat 2018 keynote, Google's Parisa Tabriz celebrated the unrecognized, long-term work that can cause real change in security and challenge the status quo.

• August 07, 2018 07 Aug'18

  Bugcrowd CTO explains crowdsourced security benefits and challenges

  In part two of this interview, Bugcrowd founder and CTO Casey Ellis discusses the value of crowdsourced vulnerability research, as well as some of the challenges.

• August 06, 2018 06 Aug'18

  BGP hijacking attacks target payment systems

  Researchers discovered a wave of BGP hijacking attacks aimed at DNS servers related to payment-processing systems in an apparent effort to steal money from unsuspecting users.

• August 06, 2018 06 Aug'18

  Coinhive malware infects tens of thousands of MikroTik routers

  The cryptominer Coinhive malware has infected tens of thousands of MikroTik routers around the world, as malicious actors take advantage of poor patching habits by users.

• August 03, 2018 03 Aug'18

  Disclose.io launches vulnerability disclosure 'safe harbor'

  News roundup: Disclose.io offers legal bug bounty framework to give researchers safe harbor from legal action for vulnerability disclosures. Plus, Stamos exits Facebook, and more.

• August 03, 2018 03 Aug'18

  Five things to watch for at Black Hat USA this year

  As Black Hat USA 2018 approaches, we take a quick look at trends in the conference agenda and sessions not to miss.

• August 03, 2018 03 Aug'18

  Reddit breach sparks debate over SMS 2FA

  Using two-factor authentication with one-time passwords sent via SMS has come under question again after a Reddit breach was blamed on the faulty 2FA method.

• August 02, 2018 02 Aug'18

  Risk & Repeat: A deep dive on SamSam ransomware

  In this week's Risk & Repeat podcast, SearchSecurity editors talk about the SamSam ransomware campaign, which may be the work of a single hacker who's made nearly $6 million.

• August 02, 2018 02 Aug'18

  Black Hat 2018 survey: Cybersecurity staffing, budgets still lacking

  According to a survey of Black Hat 2018 attendees, organizations are still struggling with insufficient cybersecurity staff and budgets to meet the current and emerging threats.

• August 02, 2018 02 Aug'18

  FIN7 members arrested after stealing 15 million credit card records

  The FBI arrested three members of the FIN7 cybercrime gang -- also known as the Carbanak Group -- for targeting more than 100 businesses and stealing 15 million credit card records.

• August 02, 2018 02 Aug'18

  Black Hat 2018 conference coverage

  The SearchSecurity team covers the latest threats and vulnerabilities featured at this year's Black Hat USA with news, interviews and more from Las Vegas.

• July 31, 2018 31 Jul'18

  Malvertising campaign tied to legitimate online ad companies

  A new report from Check Point Research uncovers an extensive malvertising campaign known as Master134 and implicates several online advertising companies in the scheme.

• July 31, 2018 31 Jul'18

  Yale data breach discovered 10 years too late

  A Yale University data breach from 2008 was only just discovered, and the school has released details on the compromised information, including Social Security numbers.

• July 31, 2018 31 Jul'18

  Bugcrowd CTO on the need for responsible disclosure policy, 'good faith'

  Bugcrowd founder and CTO Casey Ellis talks about his concerns that the era of 'good faith' between security researchers and enterprises is in jeopardy.

• July 31, 2018 31 Jul'18

  U.S. government making progress on DMARC implementation

  The deadline for full DMARC implementation in U.S. government-owned domains is less than three months away, and only half of the domains have the correct policy in place.

• July 31, 2018 31 Jul'18

  Citrix's Peter Lefkowitz on impact of GDPR privacy requirements

  New consumer privacy laws are changing the global privacy landscape. Citrix's Peter Lefkowitz explains how Citrix is approaching GDPR compliance and privacy issues in general.

• July 31, 2018 31 Jul'18

  NetSpectre is a remote side-channel attack, but a slow one

  A new PoC attack using Spectre variant 1 called NetSpectre marks the first time Spectre v1 has been exploited remotely, although questions remain on the practicality of the attack.

• July 27, 2018 27 Jul'18

  How Dropbox dropped the ball with anonymized data

  Dropbox came under fire for sharing anonymized data with academic researchers after questions emerged about how the data was protected and used.

• July 27, 2018 27 Jul'18

  LifeLock vulnerability exposed user email addresses to public

  News roundup: A LifeLock vulnerability exposed the email addresses of millions of customers. Plus, Amazon's Rekognition misidentified 28 members of Congress as criminals, and more.

• July 27, 2018 27 Jul'18

  Senator wants government to stop Adobe Flash use

  Senator Ron Wyden wrote a letter to multiple government agencies advocating that the entire U.S. government stop Adobe Flash use on all systems due to security risks.

• July 26, 2018 26 Jul'18

  Ponemon: Mega breaches, data breach costs on the rise

  The Ponemon Institute's '2018 Cost of a Data Breach Study' details a rise in data breaches with a look at mega breaches and why U.S. companies experience the greatest loss.

• July 26, 2018 26 Jul'18

  Risk & Repeat: DHS warns of power grid cyberattacks

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new warning from the Department of Homeland Security regarding Russian hackers targeting the U.S. power grid.

• July 26, 2018 26 Jul'18

  DHS details electrical grid attacks by Russian agents

  For the first time, DHS has offered more detailed and unclassified information about electrical grid attacks carried out by Russian hackers and the dangers to U.S. infrastructure.

• July 24, 2018 24 Jul'18

  Physical security keys eliminate phishing at Google

  Successful phishing attempts have been eliminated among Google employees following a requirement to use physical security keys in order to gain access to all Google accounts.

• July 20, 2018 20 Jul'18

  Critical Cisco vulnerabilities patched in Policy Suite

  News roundup: Critical Cisco vulnerabilities in Policy Suite products were patched this week. Plus, Venmo's API is set to public, exposing a trove of customer data, and more.

• July 20, 2018 20 Jul'18

  Microsoft launches Identity Bounty Program, offers up to $100,000

  Microsoft introduced its new Identity Bounty Program that offers up to $100,000 in rewards for reported vulnerabilities in its identity services, such as Azure Active Directory.

• July 20, 2018 20 Jul'18

  As AI identity management takes shape, are enterprises ready?

  Experts at the Identiverse 2018 conference discussed how artificial intelligence and machine learning are poised to reshape the identity and access management market.

• July 19, 2018 19 Jul'18

  NSS Labs ranks next-gen firewalls, with some surprises

  Researchers used individual test reports and comparison data to determine the value of investments in next-generation firewall technology.

• July 19, 2018 19 Jul'18

  Risk & Repeat: Closing the gender gap at cybersecurity conferences

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the under-representation of women at cybersecurity conferences and how it affects the infosec industry.

• July 19, 2018 19 Jul'18

  Vendor admits election systems included remote software

  A vendor admitted to compromising its election system security by installing remote access software on systems over the span of six years, but claims to have stopped the practice.

• July 17, 2018 17 Jul'18

  X-Agent malware lurked on DNC systems for months after hack

  The indictment of Russian intelligence officers accused of hacking the DNC revealed a troubling timeline, including the X-Agent malware lurking on DNC systems for months.

• July 17, 2018 17 Jul'18

  Is the new California privacy law a domestic GDPR?

  The difference between data privacy protections afforded to European Union residents and people in the U.S. is more sharply highlighted now that the EU's General Data Protection Regulation has ...

• July 17, 2018 17 Jul'18

  Accenture's Justin Harvey explains why cyber attribution isn't important

  Accenture's Justin Harvey spoke at RSA Conference 2018 about his experiences with incident response and his views on the importance of cyber attribution.

• July 13, 2018 13 Jul'18

  Chrome site isolation arrives to mitigate Spectre attacks

  In an effort to mitigate the risk of Spectre attacks, Google Chrome site isolation has been enabled for 99% of browser users to minimize the data that could be gleaned by an attacker.

• July 13, 2018 13 Jul'18

  Russian intelligence officers indicted for DNC hack

  A grand jury for special counsel Robert Mueller's election-interference investigation indicted 12 Russian intelligence officers for crimes related to the DNC and DCCC hacks.

• July 13, 2018 13 Jul'18

  New Spectre variants earn $100,000 bounty from Intel

  Researchers discovered two new Spectre variants that can be used to bypass protections and attack systems and earned $100,000 in bug bounties from Intel.

• July 13, 2018 13 Jul'18

  Ticketmaster breach part of worldwide card-skimming campaign

  News roundup: The Ticketmaster breach was part of a massive digital credit card-skimming campaign. Plus, the U.K. fined Facebook over the Cambridge Analytica scandal, and more.

• July 11, 2018 11 Jul'18

  GandCrab ransomware adds NSA tools for faster spreading

  NSA exploit tools have already been used in high-profile malware. And now, GandCrab ransomware v4 has added the NSA's SMB exploit in order to spread faster.

• July 11, 2018 11 Jul'18

  Risk & Repeat: New concerns about smartphone spying

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss research that shows some Android apps record video of users' screens without permission or notifications.

• July 10, 2018 10 Jul'18

  Stolen digital certificates used in Plead malware spread

  Researchers found the spread of Plead malware was aided by the use of stolen digital certificates, making the software appear legitimate and hiding the true nature of the attacks.

• July 09, 2018 09 Jul'18

  How did an old, unpatched Firefox bug expose master passwords?

  A Firefox bug went undetected for nine years. Expert Michael Cobb explains how it enabled attackers to access the browser's master password and what's being done to mitigate it.

• July 06, 2018 06 Jul'18

  Researchers discover Android apps spying on users' screens

  News roundup: Academic researchers discover Android apps secretly recording and sharing video of users' screens. Plus, an NSO Group employee lands in hot water, and more.

• July 06, 2018 06 Jul'18

  Risk & Repeat: Is AI-driven identity management the future?

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss Identiverse 2018 and how artificial intelligence is being applied to identity and access management.

• July 03, 2018 03 Jul'18

  RAMpage attack unlikely to pose real-world risk, expert says

  The RAMpage attack against the Rowhammer vulnerability in Android devices is theoretically possible, but it may be more academic than it is a practical concern, one expert said.

• June 29, 2018 29 Jun'18

  Cyber attribution: Why it won't be easy to stop the blame game

  Infosec experts have argued that too much focus is put on cyber attribution, but moving away from publicly identifying threat groups and nation-states may be easier said than done.

• June 29, 2018 29 Jun'18

  Risk & Repeat: U.S. government eyes offensive cyberattacks

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the risks of the U.S. Cyber Command engaging in offensive cyberattacks against foreign adversaries.

• June 29, 2018 29 Jun'18

  WebAssembly updates may cancel out Meltdown and Spectre fixes

  News roundup: Upcoming WebAssembly updates may undo the Meltdown and Spectre mitigations. Plus, FireEye denied claims it 'hacked back' China, and more.

• June 29, 2018 29 Jun'18

  GlobalSign, Comodo launch competing IoT security platforms

  Rival certificate authorities GlobalSign and Comodo CA have strengthened their presence in the IoT security market with new platforms for connected devices.

• June 29, 2018 29 Jun'18

  McAfee details rise in blockchain threats, cryptocurrency attacks

  McAfee's new 'Blockchain Threat Report' charts a dramatic rise in cryptomining malware and details four major attack vectors for cryptocurrency-related threats.

• June 29, 2018 29 Jun'18

  Have I Been Pwned integration comes to Firefox and 1Password

  With new Have I Been Pwned integration, Firefox and 1Password users will be able to learn if their email addresses have been compromised in any known data breaches.

• June 28, 2018 28 Jun'18

  EFF's STARTTLS Everywhere aims to protect email in transit

  The EFF's new STARTTLS Everywhere initiative aims to secure email as it transits the internet between mail servers to prevent mass surveillance, as well as email spoofing.

• June 27, 2018 27 Jun'18

  TLBleed attack can extract signing keys, but exploit is difficult

  A new side-channel attack on Intel chips, named TLBleed, can extract signing keys. But the researcher who discovered it said users shouldn't worry, because it's not the next Spectre.

• June 26, 2018 26 Jun'18

  Ping adds AI-driven API protection with Elastic Beam acquisition

  Ping Identity increased its focus on API security with the acquisition of Elastic Beam, a startup that uses artificial intelligence to apply behavioral security on enterprise APIs.

• June 26, 2018 26 Jun'18

  New WPA3 security protocol simplifies logins, secures IoT

  Latest WPA3 security protocol update adds new features to the Wi-Fi access specification for simple and secure wireless access for individuals, as well as enterprises.

• June 25, 2018 25 Jun'18

  Accenture's Tammy Moskites on the cybersecurity gender gap

  Accenture's Tammy Moskites spoke with SearchSecurity at RSA Conference 2018 about the gender gap in the infosec industry and what can be done to close it.

• June 22, 2018 22 Jun'18

  Unprotected Firebase databases leaked over 100 million records

  Android and iOS mobile apps that use unprotected Firebase databases leaked over 100 million records that include PHI, financial records and authentication information.

• June 22, 2018 22 Jun'18

  No more selling mobile location data, promise carriers

  Sen. Ron Wyden got all major U.S. wireless carriers to promise not to sell mobile location data to third parties, but experts question the basic security practices in place.

• June 22, 2018 22 Jun'18

  China-based Thrip hacking group targets U.S. telecoms

  News roundup: China-based Thrip hacking group used legitimate tools to attack companies in the U.S. and Southeast Asia. Plus, election officials didn't know about hacks, and more.

• June 21, 2018 21 Jun'18

  Accused CIA leaker charged with stealing government property

  The DOJ has officially charged the accused CIA leaker, Joshua Schulte, with theft of government property and gathering national defense information in the Vault 7 case.

• June 21, 2018 21 Jun'18

  Risk & Repeat: New election security bill introduced

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Protecting American Votes and Elections Act of 2018, which requires paper ballots and audits.

• June 20, 2018 20 Jun'18

  Constant offensive cyberattacks approved by Pentagon

  The Pentagon reportedly approved the use of offensive cyberattacks by the U.S. Cyber Command, and one expert said enterprises should be ready to handle the 'return fire.'

• June 18, 2018 18 Jun'18

  Accenture's Tammy Moskites explains how the CISO position is changing

  Accenture's Tammy Moskites spoke with SearchSecurity at RSA Conference 2018 about the daunting challenges CISOs face today and how the position may be changing.

• June 18, 2018 18 Jun'18

  PyRoMineIoT cryptojacker uses NSA exploit to spread

  The latest malware threat based on the EternalRomance NSA exploit is PyRoMineIoT, a cryptojacker infecting IoT devices. But experts said the NSA shouldn't be held responsible for the damages.

• June 15, 2018 15 Jun'18

  EU institutes Kaspersky ban, calls software 'malicious'

  News roundup: Following a vote by the European Parliament to implement a Kaspersky ban in the EU, Kaspersky announced it would halt ties with the No More Ransom project and Europol.

• June 15, 2018 15 Jun'18

  FBI fights business email compromise with global crackdown

  U.S. federal agencies worked with international law enforcement in Operation Wire Wire to find and prosecute alleged cybercriminals conducting business-email-compromise scams.