Security News

GovPayNow payment portal may have exposed over 14 million customer records

ZDNet Zero Day - 19 hours 50 min ago
Names, addresses, and financial data were reportedly compromised due to lax security practices.
Categories: Security News

UK watchdog has not issued any GDPR data breach-related fines yet

ZDNet Zero Day - Mon, 09/17/2018 - 23:40
UK official says ICO has been receiving 500 calls a week to the agency's breach reporting line since May 25, the day the new GDPR regulation entered into effect.
Categories: Security News

US lawmakers introduce bill to fight cybersecurity workforce shortage

ZDNet Zero Day - Mon, 09/17/2018 - 17:29
Report claims US public and private sectors had over 300,000 cybersecurity-related job openings between April 2017 and March 2018.
Categories: Security News

New XBash malware combines ransomware, coinminer, botnet, and worm features in deadly combo

ZDNet Zero Day - Mon, 09/17/2018 - 16:01
New XBash malware strain targets both Linux and Windows servers
Categories: Security News

Apple iOS 12 security update tackles Safari spoofing, data leaks, kernel memory flaws

ZDNet Zero Day - Mon, 09/17/2018 - 14:52
The iPad and iPhone maker's iOS 12 launch is accompanied by a slew of security updates for various products.
Categories: Security News

Facebook bolsters bug bounty program with rewards for user token exposure

ZDNet Zero Day - Mon, 09/17/2018 - 11:17
If you submit a valid case of Facebook user access token leaks, you are eligible for a financial reward.
Categories: Security News

Hackers hijack surveillance camera footage with 'Peekaboo' zero-day vulnerability

ZDNet Zero Day - Mon, 09/17/2018 - 11:00
The previously unknown security flaw in Nuuo software is thought to impact hundreds of thousands of devices worldwide.
Categories: Security News

Ordinary Wi-Fi devices can be used to detect suspicious luggage, bombs, weapons

ZDNet Zero Day - Mon, 09/17/2018 - 09:36
Researchers turn ordinary WiFi devices in rudimentary scanners that can identify potentially dangerous objects hidden inside bags or luggage.
Categories: Security News

NSA Attacks Against Virtual Private Networks

Schneier on Security - Mon, 09/17/2018 - 06:12
A 2006 document from the Snowden archives outlines successful NSA operations against "a number of "high potential" virtual private networks, including those of media organization Al Jazeera, the Iraqi military and internet service organizations, and a number of airline reservation systems." It's hard to believe that many of the Snowden documents are now more than a decade old.... Bruce Schneier
Categories: Security News

Why the 'fixed' Windows EternalBlue exploit won't die

ZDNet Zero Day - Mon, 09/17/2018 - 05:53
Cryptojacking, endless infection loops, and more are ensuring that the leaked NSA tool continues to disrupt the enterprise worldwide.
Categories: Security News

GAW Miners CEO earns prison time for defrauding customers of $9 million

ZDNet Zero Day - Mon, 09/17/2018 - 03:46
The company operated a Ponzi scheme under the guise of cryptocurrency mining.
Categories: Security News

Ransomware attack blacks out screens at Bristol Airport

ZDNet Zero Day - Sun, 09/16/2018 - 16:56
Airport officials decline to pay ransom demand and manually restore all affected systems. Functionality has been restored to all screens after two days.
Categories: Security News

Critical infrastructure will have to operate if there's malware on it or not

ZDNet Zero Day - Sun, 09/16/2018 - 08:51
Retired US Air Force cyber-security expert shares his thoughts on the future of critical infrastructure security.
Categories: Security News

Nasty piece of CSS code crashes and restarts iPhones

ZDNet Zero Day - Sat, 09/15/2018 - 17:33
Vulnerability most likely affects any iOS and macOS app that uses the WebKit rendering engine to display web pages. Apple is investigating.
Categories: Security News

FragmentSmack vulnerability also affects Windows, but Microsoft patched it

ZDNet Zero Day - Fri, 09/14/2018 - 18:04
FragmentStack can drive CPU usage up through the roof, jamming servers bombarded with malformed IP packets. Just the ideal vulnerability for DDoS attacks on Windows servers.
Categories: Security News

Friday Squid Blogging: Dissecting a Giant Squid

Schneier on Security - Fri, 09/14/2018 - 16:13
Lessons learned. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security News

Click Here to Kill Everybody Reviews and Press Mentions

Schneier on Security - Fri, 09/14/2018 - 14:14
It's impossible to know all the details, but my latest book seems to be selling well. Initial reviews have been really positive: Boing Boing, Financial Times, Harris Online, Kirkus Reviews, Nature, Politico, and Virus Bulletin. I've also done a bunch of interviews -- either written or radio/podcast -- including the Washington Post, a Reddit AMA, "The 1A " on NPR,... Bruce Schneier
Categories: Security News

US loses extradition battle with Russia for Bitcoin kingpin

ZDNet Zero Day - Fri, 09/14/2018 - 13:38
Around 95 percent of all ransomware payments were laundered through Vinnik's BTC-e platform.
Categories: Security News

Blockchain betting app mocks competitor for getting hacked. Gets hacked four days later

ZDNet Zero Day - Fri, 09/14/2018 - 10:28
Hacker steals roughly $125,000 from blockchain-based online gambling app by exploiting vulnerability in EOS smart contract (game's source code).
Categories: Security News

Data breaches affect stock performance in the long run, study finds

ZDNet Zero Day - Fri, 09/14/2018 - 09:02
Study finds that stocks from 28 companies that suffered large breaches had underperformed on the stock market.
Categories: Security News