Lawmakers Push Bill to Study Vehicle Software Security
A new bill introduced in the House of Representatives Tuesday would force the federal government to perform a long-term study of the security and privacy controls of the software running in vehicles, including their navigation, entertainment and other systems. The bill is sponsored by Rep. Ted Lieu (D-Calif.) and Rep. Joe Wilson (R-S.C.), and it’s another […]
U.S. Intel Report Points to Russia in Election-Related Hacks
In a new report, CIA, FBI, and NSA say that the hacking campaign that targeted the Democratic National Committee, other political organizations, and government agencies in the months before last year’s presidential election was ordered directly by Russian President Vladimir Putin, but says the intrusions didn’t affect vote-tallying systems. The report is a declassified version of […]
NSA: Russia Is the Top U.S. Competitor in Cyberspace
In a report to be published next week, the United States intelligence community will provide further support for its assertions that Russian intelligence services compromised government and private networks to influence the November presidential election. The report also will include details on a motive for the hacking campaign. The new report is the result of […]
California Law Makes Ransomware Use Illegal
It was nice to see the calendar turn over to 2017, for a lot of reasons, not the least of which is that on Jan. 1 a new law went into effect in California that outlaws the use of ransomware. The idea of needing a new law to make a form of hacking illegal may seem […]
Critical Vulnerability Haunts Popular PHP Library
There’s a critical security vulnerability in the PHPMailer library, a flaw that could allow an attacker to execute arbitrary code. The bug can be exploited remotely and a researcher already has released proof-of-concept exploit code for it. The PHPMailer library is used in a large number of web applications and open source projects, including WordPress and […]
Massive Methbot Ad Fraud Network Steals Millions Per Day
Cybercriminals are using a sophisticated botnet operation to impersonate both websites and visitors in order to steal as much as $5 million in ad revenue per day from publishers, according to new research into the network, known as Methbot. The botnet is enmeshed in the online ad infrastructure and has its own elaborate support system, […]
Hailstorm Spam Campaigns Being Used to Evade Defenses
In an effort to get past anti-spam and anti-malware systems and put their garbage in front of potential victims, some spammers are avoiding the traditional strategy of sending huge volumes of mail for long periods of time in favor of sending large bursts of spam in a very short timeframe. This technique, known as hailstorm […]
70 Percent of Enterprise Ransomware Victims Paid Up, Data Shows
Ransomware gangs have been targeting businesses in the last few months, seeking bigger paydays than what they can extract from consumers. The plan has been highly successful, according to new data, which shows that 70 percent of businesses infected with ransomware have paid the ransom to get their data back. Researchers at IBM Security’s X-Force […]
Beta Firmware Update Available for Vulnerable Netgear Routers
With exploit code publicly available and details of the vulnerability widely known, Netgear has released a beta version of new firmware to fix a bug in several of its routers that attackers can use to execute arbitrary code on the devices. The Netgear router vulnerability affects several of the company’s home router models, including the R6250, R6400, […]