The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) last week published its annual vulnerability coordination report for the fiscal year 2015. The report provides details on the number and types of security holes disclosed to the agency last year.
read more
Exploit Kits Take Cyberattacks to the Masses. But They’re Preventable.
Exploit Kits Can be Stopped When the Proper Steps are Taken
read more
DNS Data Can Help Attackers Deanonymize Tor Users
Researchers have disclosed a theoretical attack scenario that could allow global or semi-global adversaries to leverage Domain Name System (DNS) traffic to deanonymize Tor users.
read more
Hacker Releases Source Code of IoT Malware Mirai
A hacker has released the source code of Mirai, the Internet of Things (IoT) malware used to launch massive distributed denial-of-service (DDoS) attacks against the websites of journalist Brian Krebs and hosting provider OVH.
read more
Brazilian Hackers Using RDP to Spread Xpan Ransomware
Brazilian cybercriminals are expanding their tactics and have recently adopted ransomware as a new means of attack, Kaspersky Lab reveals.
read more
Encryptor RaaS Shuts Down Without Releasing Master Key
Security researchers earlier this year managed to zero-in on the Encryptor Ransomware-as-a-Service (Raas), which forced the developer to shut down the operation, but without releasing the master key to help victims.
read more
Europe Cracks Down on Export of Surveillance Technologies
The European Union has published its proposal (PDF) for a revised Regulation on the export of dual use goods.
read more
Sensitive FDA Systems at Risk of Cyberattacks: Audit
A report made available this week by the U.S. Government Accountability Office (GAO) shows that the Food and Drug Administration (FDA) needs to address some serious cybersecurity weaknesses that expose industry and public health data.
read more
Yahoo! Doesn’t Revoke iOS Mail Access After Password Change
Users resetting their Yahoo! passwords might also want to check the list of authorized apps and devices, because iOS Mail will continue to have access to the account even after a password reset, researchers discovered.
read more
Cisco Forgets to Remove Testing Interface From Security Appliance
Cisco inadvertently introduced a critical vulnerability in its email security appliances by forgetting to remove an internal testing interface from software releases made available to customers.
read more
