It turned out to be a tricky month for security admins to take that long-awaited summer vacation because July was one of the busiest months in recent memory in terms of vulnerabilities. The vulns were copious and severe, and all the big vendors seemed to suffer.
read more
Many Tor Relays Found Snooping on Dark Web Services
Researchers at Northeastern University have analyzed the Tor anonymity network and discovered that there are at least 110 nodes that spy on dark web services.
read more
Researchers Used PHP Zero-Days to Hack PornHub
A team of researchers discovered a couple of serious vulnerabilities in PHP and managed to gain remote code execution access on one of the world’s most popular adult websites.
Dario Weißer, Ruslan Habalov and an expert who uses the online moniker “cutz” discovered in late May that they could hack PornHub by leveraging vulnerabilities in PHP.
read more
Bank Hacks Raise Fears for Financial Sector
A series of spectacular cyber attacks against banks, resulting in the theft of tens of millions of dollars, has heightened fears for an industry becoming an increasingly attractive target for hackers.
read more
Celebrity Email Hacker Sentenced to 6 Months in Prison
Andrew Helton, 29, of Portland, Oregon, was sentenced this week to six months in prison for hacking into hundreds of email accounts, including ones belonging to celebrities.
read more
Android 7.0 to Strictly Enforce Verified Boot
Google is planning new security features for the upcoming Android 7.0, including verified boot, which will prevent devices with a corrupt or modified boot image from booting.
read more
Decryption Tools Released for Bart, PowerWare Ransomware
Researchers have released free tools that allow victims of the Bart and PowerWare file-encrypting ransomware families to recover their data without paying the cybercriminals.
read more
Vulnerabilities in SAP HANA Impact Over 10,000 Customers: Report
Vulnerabilities in SAP HANA represent a risk to more than 10,000 SAP customers running different versions of the popular business-critical application, security firm Onapsis warns.
read more
Microsoft Officially Launches Azure Security Center
Microsoft is strengthening its grip on the cloud with two major new announcements this week. The first is that the Azure Security Center is now generally available; and the second is that Azure Active Directory Identity Protection and Azure Active Directory Privileged Identity Management options will both be available within the next few months.
read more
Critical Flaws Found in Cisco Networking Products
Cisco has addressed a critical vulnerability in one of its unified computing solutions and is working on developing patches for products affected by a recently disclosed ASN1C compiler flaw.
read more
