20
Jun

Widely used D-Link Modem/Router Under Attack

Posted by on · · · · | News

Ars Technica is running a story on how the Sartori botnet has been actively targeting widely used D-Link DSL Internet modems in a effort to expand its infected base and likely launch new, and more sophisticated attacks against networks and devices. What makes the focus on D-Link notable is its position as one of the […]

Read More
06
Apr

NYC Announces City’s First-Ever Cybersecurity Initiative

Posted by on · · · | News

Via NYC.gov: Mayor Bill de Blasio has a announced “NYC Secure“, New York City’s first ever cyber-security initiative. NYC Secure will defend New Yorkers from malicious cyber activity on mobile devices, across public Wi-Fi networks, and beyond. The first NYC Secure programs will include a free City-sponsored smartphone protection app that, when installed, will issue […]

Read More
06
Feb

In Just 24 hours, 5,000 Android Devices are Conscripted into Mining Botnet

Posted by on · · · · | Blog · News

Via Ars Technica: A new internet worm emerged over the weekend that took less than 24-hours to infect Android devices such a smartphones and TV boxes. Once infected, the devices began mining the Monero brand of crypto-currency, and seeking additional devices to infect: Once infected, Android phones and TV boxes scan networks for other devices […]

Read More
30
Jan

More Than 2000 WordPress Sites Found to be Infected With Key-Logging Malware

Posted by on · · · | Blog · News

The security desk at Ars Technica is reporting on a new attack where more than 2000 WordPress sites were infected with malware that can capture keystrokes (and passwords) within the administrative control panel. It also installs an in-browser crypto-currency miner that hijacks the computers of site visitors to run silently in the background. Side effects […]

Read More
12
Jan

Meltdown and Spectre: The Pain Has Only Just Begun

Posted by on · · · | Blog · News

Ars Technica has published an excellent in-depth article detailing how the upcoming software and hardware patches designed to deal with the Meltdown and Spectre vulnerabilities will likely have a negative impact on computer performance. To recap: modern high-performance processors perform what is called speculative execution. They will make assumptions about which way branches in the code […]

Read More
27
Dec

Critical Vulnerability Patched in Mozilla Thunderbird

Posted by on · · · | News

Via Ars Technica: Mozilla has recently released a major upgrade to the Thunderbird email client that addresses a critical buffer-overflow vulnerability that was discovered earlier this year: The bug, rated critical by the Mozilla Foundation, is CVE-2017-7845, which is a buffer overflow vulnerability affecting only Windows users. “A buffer overflow occurs when drawing and validating […]

Read More
03
Nov

Westlaw: Blockchain 101

Posted by on · · · · · | News

Thomson Reuters (aka: Westlaw) has a introductory primer up on the increased use of blockchain technologies in both the financial and legal sectors. Blockchain 101 [Note: The article is partially pay-walled, so to read the full piece you will need a Westlaw login.]

Read More
25
Oct

New Ransomware, Dubbed “Bad Rabbit”, Strikes Europe

Posted by on · · · · | News

Endgadget is reporting on a new malware attack underway in in Europe. Dubbed “Bad Rabbit”, the attack takes advantage of widely known flaws in Adobe’s Flash product to trick users into downloading a fake update from a compromised web site. Once installed, the update encrypts user files, rendering them inaccessible until a ransom demand of […]

Read More
17
Oct

KRACK Attack Opens Your Wi-Fi Networks to Snooping

Posted by on · · · · · | News

Mathy VanHoef, a researcher with the imec-DistriNet Research Group at University of Leuven, Belgium has released a paper titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 which details a major vulnerability in the WPA2 wireless security protocol. Per VanHoef’s release notes: [A]ttackers can use this novel attack technique to read information that was previously […]

Read More
05
Oct

Yahoo!’s 2013 Data Breach Was FAR Worse Than Reported

Posted by on · · · | News

Via Bloomberg: “Yahoo! Triples Likely Scope of 2013 Hack to 3 Billion Users” If you’ve ever had a Yahoo! account, the following sentence is not going to help your blood pressure: Yahoo, the internet company acquired by Verizon Communications Inc. this year, now believes a 2013 security breach exposed all 3 billion of its users […]

Read More