Senator Asks White House Cyber Chief to Block Malicious Ads on Government Networks
A US senator has asked the White House to look into the threat that malicious ads —also known as malvertising— pose to US government networks and computers. [...]
https://www.bleepingcomputer.com/news/security/senator-asks-white-house-cyber-chief-to-block-malicious-ads-on-government-networks/
A US senator has asked the White House to look into the threat that malicious ads —also known as malvertising— pose to US government networks and computers. [...]
https://www.bleepingcomputer.com/news/security/senator-asks-white-house-cyber-chief-to-block-malicious-ads-on-government-networks/
BleepingComputer
Senator Asks White House Cyber Chief to Block Malicious Ads on Government Networks
A US senator has asked the White House to look into the threat that malicious ads —also known as malvertising— pose to US government networks and computers.
Github Will Warn Developers About Vulnerable Dependencies in Their Projects
GitHub — the Internet largest code hosting service — is rolling out a new security feature through which it hopes to reduce the number of vulnerable projects hosted and distributed through its platform. [...]
https://www.bleepingcomputer.com/news/security/github-will-warn-developers-about-vulnerable-dependencies-in-their-projects/
GitHub — the Internet largest code hosting service — is rolling out a new security feature through which it hopes to reduce the number of vulnerable projects hosted and distributed through its platform. [...]
https://www.bleepingcomputer.com/news/security/github-will-warn-developers-about-vulnerable-dependencies-in-their-projects/
BleepingComputer
Github Will Warn Developers About Vulnerable Dependencies in Their Projects
GitHub — the Internet largest code hosting service — is rolling out a new security feature through which it hopes to reduce the number of vulnerable projects hosted and distributed through its platform.
Oracle Products Affected by Critical JOLDandBLEED Vulnerabilities
Oracle has issued an out-of-band emergency security update to address five vulnerabilities, among which one is rated 10 out of 10 on the CVSSv3 bug severity scale, and a second was rated 9.9 out of 10. [...]
https://www.bleepingcomputer.com/news/security/oracle-products-affected-by-critical-joldandbleed-vulnerabilities/
Oracle has issued an out-of-band emergency security update to address five vulnerabilities, among which one is rated 10 out of 10 on the CVSSv3 bug severity scale, and a second was rated 9.9 out of 10. [...]
https://www.bleepingcomputer.com/news/security/oracle-products-affected-by-critical-joldandbleed-vulnerabilities/
BleepingComputer
Oracle Products Affected by Critical JOLDandBLEED Vulnerabilities
Oracle has issued an out-of-band emergency security update to address five vulnerabilities, among which one is rated 10 out of 10 on the CVSSv3 bug severity scale, and a second was rated 9.9 out of 10.
China Delays Vulnerability Disclosure Process on Important Bugs
The Chinese vulnerability disclosure program is lagging behind when it comes to publishing details about critical flaws and vulnerabilities exploited by Chinese-linked cyber-espionage groups. [...]
https://www.bleepingcomputer.com/news/security/china-delays-vulnerability-disclosure-process-on-important-bugs/
The Chinese vulnerability disclosure program is lagging behind when it comes to publishing details about critical flaws and vulnerabilities exploited by Chinese-linked cyber-espionage groups. [...]
https://www.bleepingcomputer.com/news/security/china-delays-vulnerability-disclosure-process-on-important-bugs/
BleepingComputer
China Delays Vulnerability Disclosure Process on Important Bugs
The Chinese vulnerability disclosure program is lagging behind when it comes to publishing details about critical flaws and vulnerabilities exploited by Chinese-linked cyber-espionage groups.
Germany Bans Kids' Smartwatches, Classifies Them as Illegal Spying Devices
Germany's Federal Network Agency (Bundesnetzagentur), the country's telecommunications agency, has banned the sale of children's smartwatches after it classified such devices as "prohibited listening devices." [...]
https://www.bleepingcomputer.com/news/government/germany-bans-kids-smartwatches-classifies-them-as-illegal-spying-devices/
Germany's Federal Network Agency (Bundesnetzagentur), the country's telecommunications agency, has banned the sale of children's smartwatches after it classified such devices as "prohibited listening devices." [...]
https://www.bleepingcomputer.com/news/government/germany-bans-kids-smartwatches-classifies-them-as-illegal-spying-devices/
BleepingComputer
Germany Bans Kids' Smartwatches, Classifies Them as Illegal Spying Devices
Germany's Federal Network Agency (Bundesnetzagentur), the country's telecommunications agency, has banned the sale of children's smartwatches after it classified such devices as "prohibited listening devices."
#AskACISO Interview with Bob Turner, CISO of the University of Wisconsin-Madison
As part of my goal to becoming a Chief Information Security Office in the future, I have been conducting interviews with CISOs to gain insight and advice based on their experiences in this position. In this edition of the #AskACISO Interviews, I interviewed Bob Turner, the CISO of the University of Wisconsin-Madison. [...]
https://www.bleepingcomputer.com/editorial/security/askaciso-interview-with-bob-turner-ciso-of-the-university-of-wisconsin-madison/
As part of my goal to becoming a Chief Information Security Office in the future, I have been conducting interviews with CISOs to gain insight and advice based on their experiences in this position. In this edition of the #AskACISO Interviews, I interviewed Bob Turner, the CISO of the University of Wisconsin-Madison. [...]
https://www.bleepingcomputer.com/editorial/security/askaciso-interview-with-bob-turner-ciso-of-the-university-of-wisconsin-madison/
BleepingComputer
#AskACISO Interview with Bob Turner, CISO of the University of Wisconsin-Madison
As part of my goal to becoming a Chief Information Security Office in the future, I have been conducting interviews with CISOs to gain insight and advice based on their experiences in this position. In this edition of the #AskACISO Interviews, I interviewed…
Windows 8 and Later Fail to Properly Apply ASLR
Windows 8, Windows 8.1, and subsequent Windows 10 variations fail to properly apply ASLR, rendering this crucial Windows security feature useless. [...]
https://www.bleepingcomputer.com/news/security/windows-8-and-later-fail-to-properly-apply-aslr/
Windows 8, Windows 8.1, and subsequent Windows 10 variations fail to properly apply ASLR, rendering this crucial Windows security feature useless. [...]
https://www.bleepingcomputer.com/news/security/windows-8-and-later-fail-to-properly-apply-aslr/
BleepingComputer
Windows 8 and Later Fail to Properly Apply ASLR
Windows 8, Windows 8.1, and subsequent Windows 10 variations fail to properly apply ASLR, rendering this crucial Windows security feature useless.
Play Overwatch Free this Weekend & 50% Off Black Friday Deal Available Now
Blizzard has made Overwatch free-to-play for this weekend and have started Black Friday early by taking 50% off OverWatch until November 27th for subscribers to Xbox Live Gold or Playstation Plus. [...]
https://www.bleepingcomputer.com/news/gaming/play-overwatch-free-this-weekend-and-50-percent-off-black-friday-deal-available-now/
Blizzard has made Overwatch free-to-play for this weekend and have started Black Friday early by taking 50% off OverWatch until November 27th for subscribers to Xbox Live Gold or Playstation Plus. [...]
https://www.bleepingcomputer.com/news/gaming/play-overwatch-free-this-weekend-and-50-percent-off-black-friday-deal-available-now/
BleepingComputer
Play Overwatch Free this Weekend & 50% Off Black Friday Deal Available Now
Blizzard has made Overwatch free-to-play for this weekend and have started Black Friday early by taking 50% off OverWatch until November 27th for subscribers to Xbox Live Gold or Playstation Plus.
0000 Cryptomix Ransomware Variant Released
A new CryptoMix Ransomware variant was discovered that appends the .0000 extension to encrypted files and changes the contact emails used by the ransomware. This article will provide a brief description on the changes in this variant. [...]
https://www.bleepingcomputer.com/news/security/0000-cryptomix-ransomware-variant-released/
A new CryptoMix Ransomware variant was discovered that appends the .0000 extension to encrypted files and changes the contact emails used by the ransomware. This article will provide a brief description on the changes in this variant. [...]
https://www.bleepingcomputer.com/news/security/0000-cryptomix-ransomware-variant-released/
BleepingComputer
0000 Cryptomix Ransomware Variant Released
A new CryptoMix Ransomware variant was discovered that appends the .0000 extension to encrypted files and changes the contact emails used by the ransomware. This article will provide a brief description on the changes in this variant.
US Military Database Holding Web-Monitoring Data Left Exposed Online
A security researcher revealed today he found three misconfigured Amazon S3 servers belonging to the US Department of Defense (DOD) containing 1.8 billion social media and forum posts made by users from all over the world, including many by Americans. [...]
https://www.bleepingcomputer.com/news/security/us-military-database-holding-web-monitoring-data-left-exposed-online/
A security researcher revealed today he found three misconfigured Amazon S3 servers belonging to the US Department of Defense (DOD) containing 1.8 billion social media and forum posts made by users from all over the world, including many by Americans. [...]
https://www.bleepingcomputer.com/news/security/us-military-database-holding-web-monitoring-data-left-exposed-online/
BleepingComputer
US Military Database Holding Web-Monitoring Data Left Exposed Online
A security researcher revealed today he found three misconfigured Amazon S3 servers belonging to the US Department of Defense (DOD) containing 1.8 billion social media and forum posts made by users from all over the world, including many by Americans.
The Week in Ransomware - November 17th 2017 - CryptoMix and Targeted Attacks
This week was for the most part only small variants released. Of particular interest is the release of two CryptoMix variants and a in-development ransomware that is specifically targeting the J.Sterling Morton high school students through a fake student survey. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-17th-2017-cryptomix-and-targeted-attacks/
This week was for the most part only small variants released. Of particular interest is the release of two CryptoMix variants and a in-development ransomware that is specifically targeting the J.Sterling Morton high school students through a fake student survey. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-17th-2017-cryptomix-and-targeted-attacks/
BleepingComputer
The Week in Ransomware - November 17th 2017 - CryptoMix and Targeted Attacks
This week was for the most part only small variants released. Of particular interest is the release of two CryptoMix variants and a in-development ransomware that is specifically targeting the J.Sterling Morton high school students through a fake student…
Microsoft Updates Cause Old Epson Printers to Malfunction
Microsoft confirmed that six updates the company delivered this week as part of the November 2017 Patch Tuesday are causing Epson dot matrix printers to malfunction. [...]
https://www.bleepingcomputer.com/news/hardware/microsoft-updates-cause-old-epson-printers-to-malfunction/
Microsoft confirmed that six updates the company delivered this week as part of the November 2017 Patch Tuesday are causing Epson dot matrix printers to malfunction. [...]
https://www.bleepingcomputer.com/news/hardware/microsoft-updates-cause-old-epson-printers-to-malfunction/
BleepingComputer
Microsoft Updates Cause Old Epson Printers to Malfunction
Microsoft confirmed that six updates the company delivered this week as part of the November 2017 Patch Tuesday are causing Epson dot matrix printers to malfunction.
Microsoft's Black Friday Deals on Xbox One, Surface Laptop, and the Surface Pro
Microsoft has released their Black Friday promotions with deals on the new Surface Pro, the Surface Laptop, Xbox consoles and games, and virtual reality headsets. Most of these deals are starting on Monday, but discounts on Xbox games have already started. [...]
https://www.bleepingcomputer.com/news/deals/microsofts-black-friday-deals-on-xbox-one-surface-laptop-and-the-surface-pro/
Microsoft has released their Black Friday promotions with deals on the new Surface Pro, the Surface Laptop, Xbox consoles and games, and virtual reality headsets. Most of these deals are starting on Monday, but discounts on Xbox games have already started. [...]
https://www.bleepingcomputer.com/news/deals/microsofts-black-friday-deals-on-xbox-one-surface-laptop-and-the-surface-pro/
BleepingComputer
Microsoft's Black Friday Deals on Xbox One, Surface Laptop, and the Surface Pro
Microsoft has released their Black Friday promotions with deals on the new Surface Pro, the Surface Laptop, Xbox consoles and games, and virtual reality headsets. Most of these deals are starting on Monday, but discounts on Xbox games have already started.
Microsoft Appears to Have Lost the Source Code of an Office Component
The way Microsoft patched a recent security bug has made several security and software experts believe the company might have lost the source code to one of its Office components. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-appears-to-have-lost-the-source-code-of-an-office-component/
The way Microsoft patched a recent security bug has made several security and software experts believe the company might have lost the source code to one of its Office components. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-appears-to-have-lost-the-source-code-of-an-office-component/
BleepingComputer
Microsoft Appears to Have Lost the Source Code of an Office Component
The way Microsoft patched a recent security bug has made several security and software experts believe the company might have lost the source code to one of its Office components.
Android Bug Lets Attackers Record Audio & Screen Activity on 3 of 4 Smartphones
Android smartphones running Lolipop, Marshmallow, and Nougat, are vulnerable to an attack that exploits the MediaProjection service to capture the user's screen and record system audio [...]
https://www.bleepingcomputer.com/news/security/android-bug-lets-attackers-record-audio-and-screen-activity-on-3-of-4-smartphones/
Android smartphones running Lolipop, Marshmallow, and Nougat, are vulnerable to an attack that exploits the MediaProjection service to capture the user's screen and record system audio [...]
https://www.bleepingcomputer.com/news/security/android-bug-lets-attackers-record-audio-and-screen-activity-on-3-of-4-smartphones/
BleepingComputer
Android Bug Lets Attackers Record Audio & Screen Activity on 3 of 4 Smartphones
Android smartphones running Lolipop, Marshmallow, and Nougat, are vulnerable to an attack that exploits the MediaProjection service to capture the user's screen and record system audio
Terdot Banking Trojan Grows Into a Sophisticated Threat
Everything else is new, and there's a lot of it. According to Bitdefender, Terdot can also operate a local MitM proxy server to sniff and reroute web traffic, can target more than just banking sites, and can also download and execute files from a remote server. [...]
https://www.bleepingcomputer.com/news/security/terdot-banking-trojan-grows-into-a-sophisticated-threat/
Everything else is new, and there's a lot of it. According to Bitdefender, Terdot can also operate a local MitM proxy server to sniff and reroute web traffic, can target more than just banking sites, and can also download and execute files from a remote server. [...]
https://www.bleepingcomputer.com/news/security/terdot-banking-trojan-grows-into-a-sophisticated-threat/
BleepingComputer
Terdot Banking Trojan Grows Into a Sophisticated Threat
Everything else is new, and there's a lot of it. According to Bitdefender, Terdot can also operate a local MitM proxy server to sniff and reroute web traffic, can target more than just banking sites, and can also download and execute files from a remote server.
Wp-Vcd WordPress Malware Campaign Is Back
WordPress site owners should be on the lookout for a malware strain tracked as wp-vcd that hides in legitimate WordPress files and that is used to add a secret admin user and grant attackers control over infected sites. [...]
https://www.bleepingcomputer.com/news/security/wp-vcd-wordpress-malware-campaign-is-back/
WordPress site owners should be on the lookout for a malware strain tracked as wp-vcd that hides in legitimate WordPress files and that is used to add a secret admin user and grant attackers control over infected sites. [...]
https://www.bleepingcomputer.com/news/security/wp-vcd-wordpress-malware-campaign-is-back/
BleepingComputer
Wp-Vcd WordPress Malware Campaign Is Back
WordPress site owners should be on the lookout for a malware strain tracked as wp-vcd that hides in legitimate WordPress files and that is used to add a secret admin user and grant attackers control over infected sites.
Another Tor Browser Feature Makes It Into Firefox: First-Party Isolation
Unbeknown to most users, Mozilla added a privacy-enhancing feature to the Firefox browser over the summer that can help users block online advertisers from tracking them across the Internet. [...]
https://www.bleepingcomputer.com/news/software/another-tor-browser-feature-makes-it-into-firefox-first-party-isolation/
Unbeknown to most users, Mozilla added a privacy-enhancing feature to the Firefox browser over the summer that can help users block online advertisers from tracking them across the Internet. [...]
https://www.bleepingcomputer.com/news/software/another-tor-browser-feature-makes-it-into-firefox-first-party-isolation/
BleepingComputer
Another Tor Browser Feature Makes It Into Firefox: First-Party Isolation
Unbeknown to most users, Mozilla added a privacy-enhancing feature to the Firefox browser over the summer that can help users block online advertisers from tracking them across the Internet.
SSL Certificate Provider StartCom Shuts Down After Browser Ban
Certificate Authority (CA) StartCom announced last week, on Friday, its intention to cease operations by 2018, and completely shut down its certificate infrastructure by 2020. [...]
https://www.bleepingcomputer.com/news/security/ssl-certificate-provider-startcom-shuts-down-after-browser-ban/
Certificate Authority (CA) StartCom announced last week, on Friday, its intention to cease operations by 2018, and completely shut down its certificate infrastructure by 2020. [...]
https://www.bleepingcomputer.com/news/security/ssl-certificate-provider-startcom-shuts-down-after-browser-ban/
BleepingComputer
SSL Certificate Provider StartCom Shuts Down After Browser Ban
Certificate Authority (CA) StartCom announced last week, on Friday, its intention to cease operations by 2018, and completely shut down its certificate infrastructure by 2020.
82% of the Code on GitHub Consists of Clones of Previously Created Files
Most source code files hosted on GitHub are actually clones of previously created files, according to a recent study conducted by a joint team of researchers from the University of California, Irvine, the Czech Technical University, Microsoft Research, and Northeastern University. [...]
https://www.bleepingcomputer.com/news/software/82-percent-of-the-code-on-github-consists-of-clones-of-previously-created-files/
Most source code files hosted on GitHub are actually clones of previously created files, according to a recent study conducted by a joint team of researchers from the University of California, Irvine, the Czech Technical University, Microsoft Research, and Northeastern University. [...]
https://www.bleepingcomputer.com/news/software/82-percent-of-the-code-on-github-consists-of-clones-of-previously-created-files/
BleepingComputer
82% of the Code on GitHub Consists of Clones of Previously Created Files
Most source code files hosted on GitHub are actually clones of previously created files, according to a recent study conducted by a joint team of researchers from the University of California, Irvine, the Czech Technical University, Microsoft Research, and…
Amazon, Microsoft Launch Secret Cloud Servers for the US Intelligence Community
Today, Amazon announced a new offering named "AWS Secret Region," which is a cloud server region for use only by US intelligence agencies and their third-party contractors. [...]
https://www.bleepingcomputer.com/news/government/amazon-microsoft-launch-secret-cloud-servers-for-the-us-intelligence-community/
Today, Amazon announced a new offering named "AWS Secret Region," which is a cloud server region for use only by US intelligence agencies and their third-party contractors. [...]
https://www.bleepingcomputer.com/news/government/amazon-microsoft-launch-secret-cloud-servers-for-the-us-intelligence-community/
BleepingComputer
Amazon, Microsoft Launch Secret Cloud Servers for the US Intelligence Community
Today, Amazon announced a new offering named "AWS Secret Region," which is a cloud server region for use only by US intelligence agencies and their third-party contractors.