Week in review: VENOM bug, infosec and ethics, and flawed crypto endangers smart grid devices
Here’s an overview of some of last week’s most interesting news, podcasts and articles:IoT and the great data heistWith the introduction of new mobile devices in …
ISSA-LA to hold premier Los Angeles information security event
The Seventh Annual Information Security Summit offers educational sessions presented by a world-class line up of keynote and featured presenters.This year’s Summit and …
Rogue GTA 5 mods carry password-stealing malware
“Gamers who choose to play Grand Theft Auto V (GTA 5) on their PC should be carefull not to install two game mods that have been found to be bundled with malware. …
Rombertik’s disk wiping mechanism is aimed at pirates, not researchers
Rombertik, the information-stealing malware that was recently analyzed by Cisco researchers and which apparently tries to prevent researchers from doing so by rewriting the …
Security firm publishes details, exploit code for Google App Engine flaws
Polish firm Security Explorations has published technical details and PoC code for several security issues identified in Google App Engine (GAE) for Java.The company has found …
How Google handles “right to be forgotten” requests
Google has released a new report on its implementation of “right to be forgotten” requests, and has revealed that it has removed 58.7 percent of the URLs it was …
Google completes ban of extensions not in the Chrome Web Store
Google is slowly but surely working on preventing developers of malicious Chrome extensions from delivering their wares to users.First, in May 2014, they made it so that …
Sensitive customer data leaked following mSpy data breach
mSpy, a company that sells “customized and user-friendly mobile and computer monitoring solutions,” has apparently suffered a data breach.They still haven’t …
United Airlines offers air miles for vulnerability information
United Airlines has become the first airline to start a bug bounty program and instead of monetary rewards, it offers air miles: a million for remote code execution bugs, …
US House of Representatives votes to stop NSA’s bulk data collection
The highly debated USA FREEDOM Act, a bill whose purpose is “to rein in the dragnet collection of data by the NSA and other government agencies, increase transparency of …
New domains revive old spam
The new generic top-level domain (gTLD) registration program, launched in January 2014 and intended for use by relevant communities and organizations, has proved irresistible …
Organizations lack control over mobile workspaces
More than 64 percent of respondents to a SANS survey said a majority of their mobile workforce can access their organizations’ secure data remotely, yet less than 25 percent …