Serious security holes found in one of LG’s older network-attached storage (NAS) products allow hackers to remotely access devices, researchers warned on Thursday.
TeslaCrypt Authors Close Shop, Release Master Decryption Key
The operations of TeslaCrypt, one of the largest ransomware threats over the past months, appear to have shut down, with its authors already releasing a master decryption key, researchers at ESET report.
Security: A True Crown Jewel of Software
A journalist asked me an interesting question this week: “Why doesn’t the Agile Manifesto address security?” After some thought, I think I have a good answer.
It does.
Serious Vulnerabilities Found in Moxa Industrial Secure Routers
Industrial networking, computing and automation solutions provider Moxa has released a firmware update for one of its industrial secure routers to address several high severity vulnerabilities that can be exploited for denial-of-service (DoS) attacks, privilege escalation, and arbitrary code execution.
Cisco Patches Serious Flaws in Web Security Appliance
Updates released by Cisco for the AsyncOS operating system powering the company’s Web Security Appliance (WSA) address several high severity denial-of-service (DoS) vulnerabilities.
Ukraine Separatists, Politicians Targeted in Surveillance Operation
Researchers at ESET have uncovered a cyber surveillance/espionage operation aimed at separatists, government officials, journalists and politicians in Ukraine.
Breakthrough in Random Number Generation Could Improve Encryption
Truly random numbers are difficult to produce. The clue is in that very description: if it can be produced once, it can be reproduced. And if a random number can be reproduced, it isn't random.
Cyber Attackers Target US Presidential Campaigns: Official
Cyber attackers are targeting the campaigns of Democratic and Republican presidential contenders, US Director of National Intelligence James Clapper said Wednesday.
"We already have some indications of that," he said during a cyber-security discussion at the Bipartisan Policy Center in Washington.
Yahoo Paid Out $1.6 Million in Bug Bounty Program
Yahoo has paid out a total of more than $1.6 million since the launch of its public bug bounty program in 2013, the tech giant reported on Tuesday.
Yahoo teamed up with HackerOne in October 2013 and launched a proper bug bounty program after researchers complained that they only got low-value vouchers and Yahoo-themed swag for reporting serious vulnerabilities.
Scrub 6.5 Million – It Was 117 Million Passwords Stolen From LinkedIn in 2012
Four years ago, approximately 6.5 million LinkedIn passwords found their way onto a Russian password forum. The incident was a huge embarrassment for LinkedIn, and although hashed, the passwords were not salted, and were consequently relatively easy to crack.


