CrowdStrike launches Intelligence Exchange Program
At Black Hat, CrowdStrike announced the launch of the CrowdStrike Intelligence Exchange Program (CSIX). The exchange enables vendor partners to access and share threat …
Teen researcher publishes PayPal 2FA bypass exploit
Joshua Rogers, a teenage whitehat based in Australia, has found an extremely simple way to bypass PayPal’s two-factor authentication feature. Rogers first discovered the …
Open source threat visualization engine for infosec pros
OpenDNS has released OpenGraphiti, an interactive open source data visualization engine that enables security analysts, researchers and data scientists to pair visualization …
DDoS attack volumes plummet as NTP servers got patched
Wise to attackers’ exploitation of the Network Time Protocol (NTP) vulnerability to create distributed reflection denial of service (DrDoS) attacks, information security …
The weak links in an increasingly dynamic threat landscape
The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations – outdated software, bad code, abandoned …
PF Chang’s data breach lasted 8 months
Asian-themed US restaurant chain P.F. Chang’s China Bistro has finally provided some more details about the breach it suffered earlier this year, including the 33 …
Android RAT impersonates Kaspersky Mobile Security
A clever malware delivery campaign impersonating well-known AV vendor Kaspersky Lab is actively targeting Polish Android users. It all starts with a spam email sporting the …
How to foil SynoLocker and minimize the damage
We wrote on Monday warning about Synology NAS users being targeted with SynoLocker, a customized version of the Cryptolocker ransomware, which encrypts the files contained on …
Poweliks malware creates no files, lays low in the registry
For most malware, performing their malicious task(s) is the primary goal, and a close second is to stay unnoticed on the system for as long as possible. As developers of …
NIST asks for comments on security guide for federal information systems
The National Institute of Standards and Technology (NIST) has issued for public comment a draft update of its primary guide to assessing the security and privacy controls that …
China bans Symantec, Kaspersky software from govt systems
Symantec and Kaspersky Lab have become the latest victims of Chinese government’s procurement agency’s axe as the two firms have been dropped from the approved …
New game sharpens secure coding skills
Today at Black Hat, Checkmarx launched Game of Hacks, a challenging game for software developers and security professionals to test their application hacking skills, improve …
Featured news
Resources
Don't miss
- RansomHub claims alleged breach of Apple partner Luxshare
- Linux users targeted by crypto thieves via hijacked apps on Snap Store
- Pro-Russian hacktivist campaigns continue against UK organizations
- Cybercriminals speak the language young people trust
- Bandit: Open-source tool designed to find security issues in Python code