The “Dirty COW” Linux kernel vulnerability that was publicly disclosed last week can be leveraged to achieve root privileges on Android devices, security researchers reveal.
read more
LinkedIn Hacker Tied to Major Bitcoin Heist
The Russian national accused by U.S. authorities of hacking LinkedIn, Dropbox and Formspring made at least 1,500 bitcoins in 2013, including 620 stolen from a now-defunct exchange, according to a security expert.
read more
Apple Patches Multiple Flaws in iOS, macOS Sierra, Safari
Apple released a new set of security patches this week to resolve multiple vulnerabilities in iOS, macOS Sierra, Safari, tvOS, and watchOS.
read more
Mozilla Distrusts Certificates From WoSign, StartCom
Mozilla has decided to revoke trust in new WoSign and StartCom certificates, despite the steps taken by the companies in an effort to address the issues found by the web browser vendor.
read more
Required Insider Threat Program for Federal Contractors: Will It Help?
Many organizations use hundreds or even thousands of third party vendors. They connect to their networks, access private corporate data, and too often, as we saw in the case of Edward Snowden and more recently Harold Martin, elevate organizations’ cyber risk.
read more
Kaspersky Launches Industrial Control Systems CERT
Kaspersky Lab announced last week the launch of a new global computer emergency response team (CERT) focusing on industrial control systems (ICS).
read more
Researchers Leverage Voicemail Flaw to Compromise Messaging Apps
Italian security researchers have discovered a vulnerability that can be easily exploited to break into messaging applications such as Telegram, WhatsApp, and Signal.
read more
Muddy Waters, MedSec Respond to St. Jude Lawsuit
Investment research firm Muddy Waters and security company MedSec have responded to St. Jude Medical’s lawsuit and hired outside experts to back their claims that some of St. Jude’s cardiac products are affected by serious vulnerabilities.
read more
Being the Adult in the Room
Security Teams Need to be Recognized as the Even Keel that Stays the Course Even When the Rest of the Organization Gets Distracted.
read more
BIND Flaw Patched in 2013 Affects Linux Distros
A vulnerability patched by the Internet Systems Consortium (ISC) in the BIND DNS software several years ago has been found to affect Linux distributions that use packages derived from BIND releases prior to the security hole being fixed.
read more
