Feed aggregator

Mozilla has banned nearly 200 malicious Firefox add-ons over the last two weeks

ZDNet Zero Day - Sat, 01/25/2020 - 02:00
Mozilla's security staff is cracking down on malicious Firefox add-ons.
Categories: Security News

Friday Squid Blogging: More on the Giant Squid's DNA

Schneier on Security - Fri, 01/24/2020 - 16:18
Following on from last week's post, here's more information on sequencing the DNA of the giant squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security News

Trend Micro antivirus zero-day used in Mitsubishi Electric hack

ZDNet Zero Day - Fri, 01/24/2020 - 14:51
Hackers exploited a Trend Micro OfficeScan zero-day to plant malicious files on Mitsubishi Electric servers.
Categories: Security News

Class-action lawsuit filed against controversial Clearview AI startup

ZDNet Zero Day - Fri, 01/24/2020 - 11:05
Plaintiffs claim New York startup broke Illinois privacy laws regarding the use of residents' biometrics data.
Categories: Security News

Technical Report of the Bezos Phone Hack

Schneier on Security - Fri, 01/24/2020 - 08:34
Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman. ...investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it. Instead, they... Bruce Schneier
Categories: Security News

Hackers target unpatched Citrix servers to deploy ransomware

ZDNet Zero Day - Fri, 01/24/2020 - 08:10
REvil ransomware gang has been spotted abusing Citrix bug to infect victims.
Categories: Security News

Privacy worries cited as possible reason for DNA test firm 23andMe's sales downturn

ZDNet Zero Day - Fri, 01/24/2020 - 07:39
It may be no surprise considering US law enforcement was recently granted permission to plunder DNA databases.
Categories: Security News

Citrix releases new patches to plug critical server vulnerability

ZDNet Zero Day - Fri, 01/24/2020 - 05:58
Additional versions of Citrix ADC and Citrix Gateway can now be protected against the severe security issue.
Categories: Security News

Owner of stolen data marketplace Cardplanet pleads guilty

ZDNet Zero Day - Fri, 01/24/2020 - 04:47
The trading post was a hotbed of stolen US credit card information.
Categories: Security News

New York state wants to ban government agencies from paying ransomware demands

ZDNet Zero Day - Thu, 01/23/2020 - 15:26
Another NY Senate bill would create a cyber security enhancement fund and restricting the use of taxpayer moneys in paying ransoms
Categories: Security News

MDhex vulnerabilities impact GE patient vital signs monitoring devices

ZDNet Zero Day - Thu, 01/23/2020 - 12:34
GE Healthcare plans to release patches in Q2 2020.
Categories: Security News

Someone is uninstalling the Phorpiex malware from infected PCs and telling users to install an antivirus

ZDNet Zero Day - Thu, 01/23/2020 - 11:57
Malware analysts believe someone has hijacked the Phorpiex botnet from its creator and is sabotaging its operations by alerting users they've been infected.
Categories: Security News

Apple Abandoned Plans for Encrypted iCloud Backup after FBI Complained

Schneier on Security - Thu, 01/23/2020 - 06:10
This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee. Under that plan, primarily designed to thwart hackers, Apple would no longer have a... Bruce Schneier
Categories: Security News

A timeline of events surrounding the Bezos phone hack

ZDNet Zero Day - Wed, 01/22/2020 - 15:23
Bezos hack connected to Khashoggi murder and the Washington Post's subsequent media coverage.
Categories: Security News

Microsoft to forcibly install Bing search extension in Chrome for Office 365 ProPlus users

ZDNet Zero Day - Wed, 01/22/2020 - 08:55
Microsoft will change the default search engine in Chrome from Google to Bing for its Office 365 ProPlus customers starting mid-February.
Categories: Security News

Coalition acquires IoT search engine BinaryEdge

ZDNet Zero Day - Wed, 01/22/2020 - 08:00
US cyber-insurer Coalition buys BinaryEdge for undisclosed sum to boost its cyber insurance policy offering.
Categories: Security News

Microsoft discloses security breach of customer support database

ZDNet Zero Day - Wed, 01/22/2020 - 07:28
Five servers storing customer support analytics were accidentally exposed online in December 2019.
Categories: Security News

Data leak strikes US cannabis users, sensitive information exposed

ZDNet Zero Day - Wed, 01/22/2020 - 07:00
A database backing point-of-sale systems used in medical and recreational marijuana dispensaries has been compromised.
Categories: Security News

ProtonVPN apps handed to open source community in transparency push

ZDNet Zero Day - Wed, 01/22/2020 - 06:28
The code backing ProtonVPN apps on all platforms can now be examined at leisure.
Categories: Security News

Half a Million IoT Device Passwords Published

Schneier on Security - Wed, 01/22/2020 - 06:09
It's a list of easy-to-guess passwords for IoT devices on the Internet as recently as last October and November. Useful for anyone putting together a bot network: A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) "smart" devices. The list, which was published on a... Bruce Schneier
Categories: Security News