F5 Networks BIG-IP appliances are affected by a serious vulnerability that can be exploited by a remote attacker to extract memory. An Internet scan showed that hundreds of hosts had been exposed by the flaw.
read more
U.S. Queries PayPal in Money Laundering Probe
San Francisco – US authorities have demanded information from online payment service PayPal as part of a money laundering investigation, according to a regulatory filing available on Wednesday.
read more
Forcepoint Acquires Skyfence from Imperva
Forcepoint, the cybersecurity firm created from the $1.9 billion combination of Raytheon and Websense, today announced that it has agreed to acquire the Skyfence business from Imperva.
read more
Erebus Ransomware Bypasses UAC for Privilege Elevation
A newly observed ransomware variant is using a technique to bypass User Account Control (UAC) in order to elevate its privileges without displaying a UAC prompt, researchers have discovered.
read more
Rockwell Automation Teams With Claroty on Industrial Network Security
Rockwell Automation this week announced that it teaming up with industrial cybersecurity startup Claroty to combine their security products and services into future, combined security offerings.
read more
HackerOne Penetrates VC Pockets for $40 Million
Bug bounty platform provider HackerOne announced on Wednesday that it has raised $40 million in a Series C financing round led by Dragoneer Investment Group.
read more
HTTPS Security Weakened by AV Products, Middleboxes: Study
An increasing number of antiviruses and network appliances intercept TLS connections to gain visibility into encrypted traffic, but in many cases this weakens connection security and introduces vulnerabilities, according to a new study.
read more
Macro Malware Comes to macOS
After becoming a common occurrence on Windows-based computers over the past few years, Malware that abuses macro-enabled Microsoft Office documents to spread is now targeting macOS users too.
read more
Two-thirds of Enterprises Usually Breached by White Hat Hackers
Analysis of 128 penetration tests conducted in the fourth quarter of 2016 shows that approximately two-thirds of tested companies were successfully breached. This is despite the limited time — in 89% of cases, less than two weeks — available to the pentesters compared to the effectively unlimited time available to blackhat attackers.
read more
Legitimate Tools Abused For Fileless Infections
Many organizations around the world have been targeted in attacks that leveraged legitimate tools for fileless infections and traffic tunneling, Kaspersky Lab reported on Wednesday.
read more
