Just two weeks after Chrome 52 was released in the stable channel, Google has issued an update to resolve 10 security vulnerabilities, 7 of which were discovered by external developers.
read more
New Windows Attack Turns Evil Maid into Malicious Butler
Black Hat USA 2016 – Researchers at Microsoft have demonstrated that a Windows vulnerability previously believed to be exploitable only in physical access scenarios can also be launched remotely, which could make it a tempting target for advanced persistent threat actors.
read more
40 Percent of Companies Will Pay the Ransom
Thirty-nine percent of enterprises were hit by ransomware last year, according to new figures from Osterman research commissioned by endpoint security firm Malwarebytes. Of those, 40% paid the attackers in order to retrieve their data. These statistics come from a new survey designed to explore the effect of ransomware on business: The State of Ransomware.
read more
Critical Flaws Found in Cisco Small Business Routers
Researchers have uncovered several critical and high severity vulnerabilities in Cisco’s small business RV series routers. The networking giant has released patches for some of the security holes.
read more
Attackers Disguise Macro Malware by Renaming Files
Malware operators can hide the use of malicious macros to distribute malware by simply renaming the offending Office documents, Cisco researchers reveal.
read more
Hacking of DNC Raises Fears of Cyber Attack on U.S. Election
Can the US election be hacked?
The recent breach of Democratic National Committee data, along with other electronic intrusions, has raised concerns about cyber incidents that could affect the outcome of the US presidential race, or other contests.
read more
IBM Unveils “X-Force Red” Pen Testing Group
IBM this week unveiled a new penetration testing group that will operate under its security services division to help customers uncover security gaps in their networks.
read more
Flaws in Ruckus Access Points Expose Organizations to Attacks
Black Hat USA 2016 – Ruckus Wireless, a global company that specializes in wireless networking equipment for enterprises and service providers, is working on developing patches for several vulnerabilities identified by an expert in its access point (AP) products.
read more
One-Third of ICS Flaws Are Zero-Days When Disclosed: Report
More than 1,500 vulnerabilities specific to industrial control systems (ICS) have been disclosed in the past 15 years and many of them did not have vendor patches when their existence was made public, according to a new report from FireEye.
read more
High-Profile Vulnerabilities Affect HTTP/2
Black Hat USA 2016 – Imperva today revealed details on four high-profile attack vectors affecting HTTP/2, the new version of the HTTP protocol.
read more
