Feed aggregator

Ransomware hits Louisiana state government systems

ZDNet Zero Day - Mon, 11/18/2019 - 18:44
Ransomware contained and some systems have already been recovered.
Categories: Security News

ProtonMail blocked in Belarus following wave of bomb threats across the country

ZDNet Zero Day - Mon, 11/18/2019 - 14:47
ProtonMail was previously blocked in Russia in March this year for the same reason
Categories: Security News

Intel to remove old drivers and BIOS updates from its site by the end of the week

ZDNet Zero Day - Mon, 11/18/2019 - 08:31
Intel is removing drivers and BIOS updates for desktop components and motherboards released in the 90s and early 2000s.
Categories: Security News

Security Vulnerabilities in Android Firmware

Schneier on Security - Mon, 11/18/2019 - 06:33
Researchers have discovered and revealed 146 vulnerabilities in various incarnations of Android smartphone firmware. The vulnerabilities were found by scanning the phones of 29 different Android makers, and each is unique to a particular phone or maker. They were found using automatic tools, and it is extremely likely that many of the vulnerabilities are not exploitable -- making them bugs... Bruce Schneier
Categories: Security News

Google patches ‘awesome’ XSS vulnerability in Gmail dynamic email feature

ZDNet Zero Day - Mon, 11/18/2019 - 05:18
The bug bounty hunter who disclosed the issue says the bug is a prime example of DOM Clobbering.
Categories: Security News

Attackers using WhatsApp MP4 video files vulnerability can remotely execute code

ZDNet Zero Day - Mon, 11/18/2019 - 03:56
The buffer overflow flow bug has been disclosed by Facebook.
Categories: Security News

Symantec, ESET, McAfee rank first in Windows anti-malware market share

ZDNet Zero Day - Sun, 11/17/2019 - 23:45
Avast, the market's leader for the past five years, has fallen to #6.
Categories: Security News

Chrome, Edge, Safari hacked at elite Chinese hacking contest

ZDNet Zero Day - Sat, 11/16/2019 - 18:24
China's top white-hat hackers have gathered in Chengdu to test zero-days against today's top software.
Categories: Security News

Thousands of hacked Disney+ accounts are already for sale on hacking forums

ZDNet Zero Day - Sat, 11/16/2019 - 02:00
Hackers began hijacking accounts hours after Disney+ launched earlier this week.
Categories: Security News

Friday Squid Blogging: Planctotuethis Squid

Schneier on Security - Fri, 11/15/2019 - 16:13
Neat video, and an impressive-looking squid. I can't figure out how long it is. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security News

TPM-Fail Attacks Against Cryptographic Coprocessors

Schneier on Security - Fri, 11/15/2019 - 09:36
Really interesting research: TPM-FAIL: TPM meets Timing and Lattice Attacks, by Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger. Abstract: Trusted Platform Module (TPM) serves as a hardware-based root of trust that protects cryptographic keys from privileged system and physical adversaries. In this work, we per-form a black-box timing analysis of TPM 2.0 devices deployed on commodity computers. Our... Bruce Schneier
Categories: Security News

When one isn’t enough: This shady malware will infect your PC with dual Trojans

ZDNet Zero Day - Fri, 11/15/2019 - 07:17
Low detection rates and the drop of not one, but two Trojans, spells trouble.
Categories: Security News

US charges men with cryptocurrency theft, SIM-swapping attacks

ZDNet Zero Day - Fri, 11/15/2019 - 06:07
Hundreds of thousands of dollars in cryptocurrency was allegedly pilfered from victim wallets.
Categories: Security News

Google Chrome experiment crashes browser tabs, impacts companies worldwide

ZDNet Zero Day - Thu, 11/14/2019 - 22:44
In what looks to be the Chrome team's biggest misstep, companies report massive outages caused by unannounced Chrome experiment.
Categories: Security News

GitHub launches 'Security Lab' to help secure open source ecosystem

ZDNet Zero Day - Thu, 11/14/2019 - 17:17
Fourteen companies unite get together to search, find, and fix security flaws in GitHub-hosted open source projects.
Categories: Security News

Officials warn about the dangers of using public USB charging stations

ZDNet Zero Day - Thu, 11/14/2019 - 13:44
Travelers should use only AC charging ports, use USB no-data cables, or "USB condom" devices.
Categories: Security News

Upcoming Speaking Engagements

Schneier on Security - Thu, 11/14/2019 - 13:17
This is a current list of where and when I am scheduled to speak: I'm speaking on "Securing a World of Physically Capable Computers" at the Indian Institute of Science in Bangalore, India on December 12, 2019. The list is maintained on this page.... Bruce Schneier
Categories: Security News

Windows & Linux get options to disable Intel TSX to prevent Zombieload v2 attacks

ZDNet Zero Day - Thu, 11/14/2019 - 08:44
Disclosure of new Zombieload v2 vulnerability prompts OS makers to react with ways to disable Intel's TSX technology.
Categories: Security News

Technology and Policymakers

Schneier on Security - Thu, 11/14/2019 - 07:04
Technologists and policymakers largely inhabit two separate worlds. It's an old problem, one that the British scientist CP Snow identified in a 1959 essay entitled The Two Cultures. He called them sciences and humanities, and pointed to the split as a major hindrance to solving the world's problems. The essay was influential -- but 60 years later, nothing has changed.... Bruce Schneier
Categories: Security News