Responsible Disclosure - Critical for Security, Critical for Intelligence

Tue, 17 Jan 2017 18:38:19 +0000

Not Adhering to Responsible Disclosure has the Potential to Amplify the Threats Posed by Certain Vulnerabilities and Incidents

Critical Infrastructure Security: Risks Posed by IT Network Breaches

Tue, 17 Jan 2017 17:57:15 +0000


Credential Stuffing: a Successful and Growing Attack Methodology

Tue, 17 Jan 2017 16:00:08 +0000

With a database of 1 million stolen credentials, criminals using a credential stuffing attack with a tool such as Sentry MBA could expect to compromise roughly 10,000 accounts on a targeted but uncompromised site. In 2016, 3.3 billion user credentials were spilled onto the internet, according to figures from Shape Security's just-released 2017 Credential Spill Report.

Windows 10 Blocks Zero-Days Before Patches Arrive: Microsoft

Tue, 17 Jan 2017 13:25:22 +0000

Unknown to vendors but exploited by cybercriminals, zero-day vulnerabilities are the most threatening security issues, but Microsoft's Windows 10 can block exploitation of these vulnerabilities before they are even patched, Microsoft says.

App Stores Must Register With State: China

Tue, 17 Jan 2017 11:55:55 +0000

Shanghai - App stores in China must register with the state from Monday, a government statement said, as China tightens its control over the internet. App stores are "not strict" when they examine and approve apps, the China Cyberspace Administration, the country's internet watchdog, said in a statement.

Security Audit Finds No Major Flaws in Dovecot

Tue, 17 Jan 2017 10:59:25 +0000

Germany-based security services provider Cure53 has conducted a security audit of Dovecot and determined that the software lives up to its reputation of being highly secure.

McDonald's Website Flaws Allow Phishing Attacks

Tue, 17 Jan 2017 09:34:01 +0000

A researcher has disclosed a couple of unpatched vulnerabilities affecting the official McDonald’s website after the company ignored his attempts to responsibly report the issues.

Google Shares Details of Its Security Infrastructure

Mon, 16 Jan 2017 19:24:08 +0000


CryptoSearch Lets Users Move Ransomware-Encrypted Files

Mon, 16 Jan 2017 17:43:56 +0000

Being hit by ransomware usually means that you no longer have access to your files unless you pay a ransom or find another way to decrypt them, but a newly released tool allows users to move encrypted files to a new location.

Flaws Found in Carlo Gavazzi Energy Monitoring Products

Mon, 16 Jan 2017 17:30:15 +0000

Swiss-based industrial and building automation solutions provider Carlo Gavazzi has released firmware updates for some of its energy monitoring products to address potentially serious vulnerabilities that could expose devices to remote cyberattacks.

Many Mobile Apps Unnecessarily Leak Hardcoded Keys: Analysis

Mon, 16 Jan 2017 17:03:47 +0000

Some third-party applications unnecessarily store keys or secrets that could be abused to leak a variety of user credentials and other types of sensitive data, software security startup Fallible warns.

These Were the Most Common Passwords Used in 2016

Mon, 16 Jan 2017 15:54:27 +0000

Although weak and commonly used passwords have long been one of the most used avenues to compromise accounts, they remain at the top of the most popular passwords charts, a recent Keeper Security report reveals.

Russian State Television Blames Hackers for BBC Sherlock Finale Leak

Mon, 16 Jan 2017 14:58:57 +0000

A Russian state-controlled broadcaster on Monday blamed hackers for the embarrassing leak online of the final episode of the BBC drama Sherlock a day before it was due to air.

DroidJack Masquerades as Super Mario Run for Android

Mon, 16 Jan 2017 14:20:14 +0000

Less than two weeks after the Marcher Trojan was found masquerading as the unreleased Super Mario Run game for Android, the infamous DroidJack RAT (Remote Access Trojan) has reportedly adopted the same distribution tactic.