20
Jun

Widely used D-Link Modem/Router Under Attack

Posted by on · · · · | News

Ars Technica is running a story on how the Sartori botnet has been actively targeting widely used D-Link DSL Internet modems in a effort to expand its infected base and likely launch new, and more sophisticated attacks against networks and devices. What makes the focus on D-Link notable is its position as one of the […]

Read More
06
Apr

NYC Announces City’s First-Ever Cybersecurity Initiative

Posted by on · · · | News

Via NYC.gov: Mayor Bill de Blasio has a announced “NYC Secure“, New York City’s first ever cyber-security initiative. NYC Secure will defend New Yorkers from malicious cyber activity on mobile devices, across public Wi-Fi networks, and beyond. The first NYC Secure programs will include a free City-sponsored smartphone protection app that, when installed, will issue […]

Read More
06
Feb

In Just 24 hours, 5,000 Android Devices are Conscripted into Mining Botnet

Posted by on · · · · | Blog · News

Via Ars Technica: A new internet worm emerged over the weekend that took less than 24-hours to infect Android devices such a smartphones and TV boxes. Once infected, the devices began mining the Monero brand of crypto-currency, and seeking additional devices to infect: Once infected, Android phones and TV boxes scan networks for other devices […]

Read More
30
Jan

More Than 2000 WordPress Sites Found to be Infected With Key-Logging Malware

Posted by on · · · | Blog · News

The security desk at Ars Technica is reporting on a new attack where more than 2000 WordPress sites were infected with malware that can capture keystrokes (and passwords) within the administrative control panel. It also installs an in-browser crypto-currency miner that hijacks the computers of site visitors to run silently in the background. Side effects […]

Read More
12
Jan

Meltdown and Spectre: The Pain Has Only Just Begun

Posted by on · · · | Blog · News

Ars Technica has published an excellent in-depth article detailing how the upcoming software and hardware patches designed to deal with the Meltdown and Spectre vulnerabilities will likely have a negative impact on computer performance. To recap: modern high-performance processors perform what is called speculative execution. They will make assumptions about which way branches in the code […]

Read More
29
Dec

Web Trackers Exploit Browser Login Managers

Posted by on · · · | News

Another day, another online hack, or so it seems. Whether it’s the Yahoo! password grab, or the Equifax data breach, we know that we need to secure our passwords online. Just when you thought you had done everything to be save online, we now learn of one more way your data is not safe. A […]

Read More
27
Dec

Critical Vulnerability Patched in Mozilla Thunderbird

Posted by on · · · | News

Via Ars Technica: Mozilla has recently released a major upgrade to the Thunderbird email client that addresses a critical buffer-overflow vulnerability that was discovered earlier this year: The bug, rated critical by the Mozilla Foundation, is CVE-2017-7845, which is a buffer overflow vulnerability affecting only Windows users. “A buffer overflow occurs when drawing and validating […]

Read More
03
Nov

Westlaw: Blockchain 101

Posted by on · · · · · | News

Thomson Reuters (aka: Westlaw) has a introductory primer up on the increased use of blockchain technologies in both the financial and legal sectors. Blockchain 101 [Note: The article is partially pay-walled, so to read the full piece you will need a Westlaw login.]

Read More
25
Oct

New Ransomware, Dubbed “Bad Rabbit”, Strikes Europe

Posted by on · · · · | News

Endgadget is reporting on a new malware attack underway in in Europe. Dubbed “Bad Rabbit”, the attack takes advantage of widely known flaws in Adobe’s Flash product to trick users into downloading a fake update from a compromised web site. Once installed, the update encrypts user files, rendering them inaccessible until a ransom demand of […]

Read More
17
Oct

KRACK Attack Opens Your Wi-Fi Networks to Snooping

Posted by on · · · · · | News

Mathy VanHoef, a researcher with the imec-DistriNet Research Group at University of Leuven, Belgium has released a paper titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 which details a major vulnerability in the WPA2 wireless security protocol. Per VanHoef’s release notes: [A]ttackers can use this novel attack technique to read information that was previously […]

Read More