A researcher has identified another potentially serious Linux kernel vulnerability that has been around for several years. The flaw was addressed in the kernel more than one week ago, but some of the affected Linux distributions have yet to release patches.
Attackers Use New NSIS Installers to Hide Ransomware
Newly observed ransomware campaigns are leveraging installer files from the Nullsoft Scriptable Install System (NSIS) to hide malicious code, Microsoft says.
Defense-in-Depth has Failed Us. Now What?
Defense-in-depth. It’s a philosophy we’re all familiar with: layering defenses so that if one fails, another layer is there to stop the attack. Sounds like a great approach, and it has become standard practice for the vast majority. The problem is that, frankly, it has not worked. For years we have been bombarded with a slew of headlines about compromises and breaches.
Security Teams Need to Understand How Developers Tools Work
Understanding Development Work Practices Allows Security Teams to Speak to Developers Using Terms They Understand
Planes, Trains, Automobiles, and Digital Transformation
When most people think about technology innovation in the transportation sector, connected and self-driving cars immediately come to mind. But digital transformation is happening across other transportation industries as well.
Intel Offers Up to $30,000 for Hardware Vulnerabilities
Intel has launched its first bug bounty program and the tech giant is prepared to offer up to $30,000 for vulnerabilities found in its products.
Several Vulnerabilities Patched in Drupal 8
Several vulnerabilities have been patched in the Drupal content management system (CMS) with the release of version 8.2.7, including access bypass, cross-site request forgery (CSRF) and remote code execution flaws.
The most serious of them, rated critical and tracked as CVE-2017-6377, is an access bypass weakness affecting the editor module.
Pwn2Own 2017: Experts Hack Edge, Safari, Ubuntu
Bug bounty hunters have managed to hack Microsoft Edge, Safari, Ubuntu and Adobe Reader on the first day of the Pwn2Own 2017 competition, currently taking place alongside the CanSecWest conference in Vancouver, Canada.
New Acronym Malware Possibly Linked to Potao
Researchers at Arbor Networks have come across a new piece of malware that could be linked to the Trojan used in the campaign known as Operation Potao Express.
U.S. Government Indicts Two Russian FSB Officers Over Yahoo Hack
U.S. Government Indicts Four Over 2014 Yahoo Hack, Including Two Russian FSB Officers


