Facebook CSO: It’s Time to Focus on Real Problems
LAS VEGAS–The security community needs to get back to solving real problems facing real users in the real world, Facebook’s CSO said, and the company is putting up a million dollars to help do that. Alex Stamos, the top security official at Facebook, said security professionals are spending too much time focusing on elaborate hacks […]
U.S., European Law Enforcement Take Down AlphaBay Dark Web Market
Authorities in the United States and Europe have shut down two huge criminal marketplace operating on the dark web, one of which officials say was responsible for more than $1 billion in illicit transactions in the last three years. The investigations into the AlphaBay and Hansa marketplaces have been going on since last year, and […]
GhostCtrl Android Malware Hijacks Audio, Roots Devices
A recently discovered piece of Android malware called GhostCtrl apparently evolved from the well-known OmniRAT tool for desktop platforms and has the ability to steal or delete a wide variety of user and device data. GhostCtrl has an interesting pedigree and history. The backdoor is connected to a data-stealing worm known as Retadup that was detected […]
Attackers Compromising Fresh WordPress Installs
Attackers are scanning for new WordPress installations that haven’t been configured yet and compromising them and then using that access to take over entire sites. The attacks have been going on since May and researchers have seen many IP addresses that typically are engaged in other attack campaigns joining in this one, too. Using automated tools, […]
Congressmen Seek to Outlaw Cyber Intel Sharing With Russia
A group of House Democrats has introduced a bill that would formalize a policy of the United States not sharing cyber intelligence with Russia. The proposed law is a direct response to comments President Donald Trump made earlier this week after he met with Russian President Vladimir Putin. After the meeting, Trump said on Twitter […]
Makers of ME Doc Software Say They’ve Closed Backdoor Used By NotPetya
The makers of the M.E. Doc software that has been at the center of the NotPetya malware story say they have produced an updated version of the application that does not include the backdoor that had been slipped in by attackers several months ago. “M.E.Doc has created an update that will ensure safe work in the […]
NATO: NotPetya Likely the Work of State Attackers
The NotPetya ransomware that hit thousands of computers last week likely was created and launched by state-sponsored attackers, according to a new analysis by security experts at NATO. Based on the complexity and estimated cost of the operation, analysts at NATO’s Cooperative Cyber Defense Center of Excellence concluded that NotPetya either was the work of […]
Anthem Settles Data Breach Suit for $115 Million
Anthem Inc., the victim of one of the more extensive data breaches in U.S. history, has agreed to pay a settlement of $115 million to consumers affected by the incident. The settlement is believed to be the largest ever to result from a data breach in the U.S. and would end a class-action lawsuit that followed […]
Microsoft Makes Edge Bug Bounty Permanent
Microsoft is making the bug bounty for its Edge browser a permanent program, a significant change to the way the company incentivizes researchers to find vulnerabilities in the application. It’s been a little less than a year since Microsoft launched the bounty as a temporary offering with the Windows 10 Insider Preview. The idea was […]