It’s a new year and while some things change, some things stay the same (or similar). There’s lots of FUD about the sophisticated cyber attacks that are multi-threaded and obfuscated. Certainly there are attacks that fall into this category, but if you look at all of the cybercrime activity from the past year, it’s clear that the majority of threats do not have the level of sophistication that is often talked about.
read more
Oracle Will Stop Trusting MD5-Signed JAR Files in April
Oracle has decided to give Java developers more time to ensure that their JAR files are not signed with the MD5 algorithm. Java Runtime Environment (JRE) will no longer trust these types of files starting with April 2017.
read more
Report Examines State of Security Operations Centers
read more
Continue readingNumber of U.S. Data Breaches Increased in 2016: Report
The number of data breaches disclosed by organizations in the United States has increased by 40 percent in 2016 compared to the previous year, according to a report released on Thursday by CyberScout (formerly IDT911) and the Identity Theft Resource Center (ITRC).
read more
DHS Used Outdated, Unpatched Systems: Audit
The Department of Homeland Security (DHS) has made improvements to its information security program, but problems have still been identified in several areas, according to a report made public this week by the Office of Inspector General (OIG).
read more
Some Ideas Never Die; the Trojan is Wheeled in Again
The ancient Greeks are credited with many inventions that continue today in some form – the water mill, odometer, alarm clock and cartography, to name a few. As a security professional what comes to mind instantly is the Trojan horse, devised to sneak Greek soldiers behind the walls of the city of Troy and win the war.
read more
Docker Patches Escape Container Vulnerability
Docker recently resolved a runc privilege escalation vulnerability that could be exploited by a malicious program to escape container and access the host.
read more
Docker Patches Container Escape Vulnerability
Docker recently resolved a runc privilege escalation vulnerability that could be exploited by a malicious program to escape container and access the host.
read more
Suspected Russian Hacker Wanted by U.S. Jailed in Spain
An alleged Russian hacker wanted for fraud has been detained in Spain and jailed pending extradition to the United States, police and a court spokesman said Thursday.
read more
Ransack Campaigns Target Hadoop and CouchDB
Following a series of ransom attacks against MongoDB and Elasticsearch databases in recent weeks, many users of CouchDB and Hadoop are now finding their databases are under attack as well.
read more
