SamSam Increases Ransom Demand to $33,000

Sat, 24 Jun 2017 11:20:32 +0000

In newly observed attacks, the SamSam ransomware that has been active for more than a year is demanding a whopping $33,000 to decrypt all affected machines in a network. read more

CIA Knew in August that Putin Sought to Boost Trump: Report

Sat, 24 Jun 2017 01:50:59 +0000

The CIA had top-level intelligence last August that Russian President Vladimir Putin personally ordered an operation to help Donald Trump win the US presidential race, the Washington Post reported Friday. The intelligence shocked the White House and put US security chiefs on a top-secret crisis footing to figure out how to react. read more

GreatHorn Secures $6.3 Million to Combat Spear-Phishing Attacks

Fri, 23 Jun 2017 17:39:51 +0000

Belmont, Mass-based start-up GreatHorn announced Wednesday completion of a $6.3 million Series A funding round led by Techstars Venture Capital Fund and .406 Ventures.  read more

Microsoft Downplays Impact of "Fireball" Malware

Fri, 23 Jun 2017 16:36:14 +0000

The Fireball malware detailed early this month might not have had as much impact as originally reported, Microsoft claims. read more

Kantara Initiative Releases Consent Receipt Form for GDPR

Fri, 23 Jun 2017 14:57:23 +0000

With less than one year before GDPR kicks in, the newswaves have been flooded in recent months with new surveys showing how ill-prepared business still remains. But while there is much news, there has been little in the way of practical technology solutions. read more

GhostHook Attack Can Bypass Windows 10's PatchGuard

Fri, 23 Jun 2017 14:37:34 +0000

A newly discovered attack targeting Windows 10’s PatchGuard can bypass the protection and hook a malicious kernel code (rootkit) at the kernel level, CyberArk Labs security researchers warn. read more

Siemens Patches Flaws in SIMATIC, XHQ Products

Fri, 23 Jun 2017 11:46:33 +0000

Siemens and ICS-CERT published advisories this week to alert users of improper authentication and privilege escalation vulnerabilities affecting some SIMATIC and XHQ products. read more

WikiLeaks Details CIA's Air-Gapped Network Hacking Tool

Fri, 23 Jun 2017 07:20:00 +0000

WikiLeaks published several documents on Thursday detailing a tool allegedly used by the U.S. Central Intelligence Agency (CIA) to hack air-gapped networks through USB drives. read more

Configuration Error Embarrasses UK's Cyber Essentials

Thu, 22 Jun 2017 22:52:20 +0000

The UK government's Cyber Essentials scheme has suffered an embarrassing incident; but one that can hardly be called a breach and certainly not a cyber-attack. A configuration error in the underlying software platform exposed the email addresses of consultancies registered with the scheme -- nothing more. read more

Microsoft Extends Edge Bounty Program Indefinitely

Thu, 22 Jun 2017 16:45:27 +0000

Microsoft this week announced that the Edge Web Platform bounty program launched for Windows Insider Preview (WIP) last year has been extended indefinitely. The program was launched on August 4, 2016, and Microsoft says that it has already paid over $200,000 in bounties over the ten-month period. read more

OpenVPN Patches Remotely Exploitable Vulnerabilities

Thu, 22 Jun 2017 15:38:35 +0000

OpenVPN this week patched several vulnerabilities impacting various branches, including flaws that could be exploited remotely. read more

Testing in an Agile and DevOps World

Thu, 22 Jun 2017 13:19:19 +0000

We live in a software-defined world.  Software touches just about everything we do. Any business trying to maintain their competitive advantages, or gain market momentum, has had to reintegrate their software somehow. This has resulted in fast-paced development methods, like Agile and DevOps, which facilitate continuous product improvements. On the downside, these new methods of development can minimize testing and, in turn, potentially compromise performance and security. read more

Necurs Botnet Distributing Locky Ransomware via Fake Invoices

Thu, 22 Jun 2017 12:14:24 +0000

The Necurs spam botnet has switched back to distributing the Locky ransomware in a campaign featuring messages disguised as fake invoices, Cisco Talos security researchers reveal. read more

Consortium Promotes Principles for Fair and Accurate Security Ratings

Thu, 22 Jun 2017 11:24:55 +0000

Under the aegis of the U.S. Chamber of Commerce, more than 40 companies -- including some of America's largest banks and tech companies -- have signed up to a set of new guiding principles for fair and accurate security ratings. read more