Week in review: APT wars, 18-year-old bug endangers Windows users, and main sources of data breaches
Here’s an overview of some of last week’s most interesting news and articles:Simda botnet taken down in global operationThe Simda botnet, believed to have infected …
Upatre malware gets full SSL comms encryption
“The extremely popular Upatre Trojan downloader has undergone considerable changes that will make it and its communication more difficult to spot and block. The changes …
Attackers actively downing Microsoft’s IIS web servers
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft’s Internet Information Services (IIS) extensible web server, SANS ISC CTO …
GitHub issues transparency report
GitHub has released its first ever transparency report. Of the 10 subpoenas for user data, GitHub has disclosed information in 7 of them, and has informed affected users about …
Exploit for crashing Minecraft servers made public
After nearly two years of waiting for Mojang to fix a security vulnerability that can be used to crash Minecraft servers, programmer Ammar Askar has released a proof of …
How IT pros protect and investigate their endpoints
More organizations are operating under the assumption that their network has already been compromised, or will be, according to a survey conducted by the SANS Institute. …
Pawn Storm cyberspies still at work, target NATO and the White House
Pawn Storm, the long-standing economic and political cyber-espionage operation that has been first detailed in October 2014, continues unabated. Aiming to compromise the …
1 in 4 employees enable cloud attacks
While businesses are clearly embracing the power of cloud applications with each organization collaborating with an average of 865 other organizations – internal users, …
D-Link’s failed patch for DIR-890L router adds a new hole
Prolific hacker Craig Heffner, who has a particular interest in hacking embedded devices, has recently documented the existence of a command injection bug in the firmware of …
Security analytics: The key for breach detection?
Although security spending is at an all-time high, security breaches at major organizations are also at an all-time high, according to Gartner, Inc. The impact of advanced …
IBM unveils cyber threat intelligence sharing platform
IBM is making its vast library of security intelligence data available via the IBM X-Force Exchange, a new cyber threat intelligence sharing platform powered by IBM Cloud. …
HSBC Finance Corporation confirms data breach
A breach notification letter sent to the New Hampshire Attorney General’s Office by the HSBC Finance Corporation has revealed that sensitive mortgage information of …
Featured news
Resources
Don't miss
- What types of compliance should your password manager support?
- What 35 years of privacy law say about the state of data protection
- 40 open-source tools redefining how security teams secure the stack
- Password habits are changing, and the data shows how far we’ve come
- Product showcase: Tuta – secure, encrypted, private email