Researchers at Arbor Networks’ Security Engineering and Response Team (ASERT) have identified what they believe to be a tool used in advanced persistent threat (APT) attacks aimed at various entities in East Asia.
read more
Shortened URLs Expose Private Cloud Data
Short-URL enumeration can be used to discover and read shared content stored in the cloud, including files for which the user didn’t create a short URL, researchers have demonstrated.
read more
Flaws Found in Accuenergy, Ecava ICS Products
ICS-CERT has published advisories detailing several vulnerabilities in ICS products from Accuenergy, Ecava and Sierra Wireless, including issues that have been rated “high severity.”
read more
Microsoft Patches “Mousejack” Vulnerability
Microsoft released several security updates this month as part of its regular Patch Tuesday update, including the overhyped Badlock flaw.
read more
20 Foreigners Linked to $81 Million Bangladesh Bank Heist: Police
Bangladesh police probing a $81 million electronic heist from the central bank said Monday that more than 20 unnamed foreigners were involved in the audacious theft.
read more
C99 Webshell Increasingly Used in WordPress Attacks
IBM Security has warned WordPress website administrators about a sharp increase in the number of attacks leveraging a variant of a PHP webshell called C99.
read more
3.2 Million Devices Exposed to Ransomware Attacks: Cisco
Researchers at Cisco have identified millions of machines that could become infected with file-encrypting ransomware due to out-of-date software.
Ransomware attacks aimed at organizations have been increasingly common and malicious actors have been trying to come up with new methods to make their operations more profitable.
read more
Apple Defends Stand in Brooklyn Case on iPhone Access
Apple urged a federal court Friday to reject efforts to force the company to help break into an iPhone as part of a New York drug investigation.
In the latest case involving efforts to compel Apple to help law enforcement break encryption, the company said the court should simply rule the assistance is unnecessary and not authorized by law.
read more
Authorities Disrupt ATM Skimming Operation
Authorities successfully disrupted a large-scale ATM skimming operation as part of a collaboration with Italian law enforcement, Europol announced Thursday.
read more
Western Digital User Data Exposed by DNS Issue
A DNS configuration issue on a Western Digital (WD) server supporting the company's My Cloud NAS products could have been exploited by malicious actors to gain access to potentially valuable user data. WD has taken steps to address the problem.
read more
