Security News

British Airways: Cyberattack, data theft bigger than we first thought

ZDNet Zero Day - Thu, 10/25/2018 - 12:46
185,000 customers in addition to original estimates may have had their data, including credit card information, exposed.
Categories: Security News

New DDoS botnet goes after Hadoop enterprise servers

ZDNet Zero Day - Thu, 10/25/2018 - 11:51
Hacker group targets misconfigured Hadoop YARN components to plant DemonBot DDoS malware on resource-rich servers.
Categories: Security News

North Korea blamed for two cryptocurrency scams, five trading platform hacks

ZDNet Zero Day - Thu, 10/25/2018 - 09:00
Two new reports support FireEye's characterization that North Korea is "the most destructive cyber threat right now."
Categories: Security News

Cisco releases fix for privilege escalation bug in Webex Meetings app

ZDNet Zero Day - Thu, 10/25/2018 - 06:54
No, there are no workarounds -- patch now.
Categories: Security News

Android Ad-Fraud Scheme

Schneier on Security - Thu, 10/25/2018 - 06:49
BuzzFeed is reporting on a scheme where fraudsters buy legitimate Android apps, track users' behavior in order to mimic it in a way that evades bot detectors, and then uses bots to perpetuate an ad-fraud scheme. After being provided with a list of the apps and websites connected to the scheme, Google investigated and found that dozens of the apps... Bruce Schneier
Categories: Security News

Apple blocks GrayKey police tech in iOS update

ZDNet Zero Day - Thu, 10/25/2018 - 05:53
Reports suggest the data-slurping tool has been rendered useless -- but no-one knows how.
Categories: Security News

Facebook must pay UK's ICO £500,000 over Cambridge Analytica scandal

ZDNet Zero Day - Thu, 10/25/2018 - 05:14
The fine has now been imposed and is final, but it could have been far worse.
Categories: Security News

Free decryption tool released for multiple GandCrab ransomware versions

ZDNet Zero Day - Thu, 10/25/2018 - 03:30
New decryption tool can recover files locked by GandCrab versions 1, 4, and 5.
Categories: Security News

Data leak at consulting firm handling fundraisers for the Democratic party

ZDNet Zero Day - Wed, 10/24/2018 - 19:12
Exposed data includes information on thousands of fundraisers and even credentials for databases of voter records.
Categories: Security News

Hacker Guccifer, who exposed Clinton private email server, ready for US prison sentence

ZDNet Zero Day - Wed, 10/24/2018 - 17:03
Hacker was released on parole from Romanian prison this week and is now eligible for a second US extradition to serve 52 months in a US prison on a 2016 sentence.
Categories: Security News

Microsoft sees 25 percent rise in US law enforcement requests

ZDNet Zero Day - Wed, 10/24/2018 - 13:50
Law enforcement requests numbers stayed the same at the global level, but saw a spike in the US.
Categories: Security News

Meet the malware which turns your smartphone into a mobile proxy

ZDNet Zero Day - Wed, 10/24/2018 - 11:52
The proxies can be used to circumvent internal network security controls.
Categories: Security News

Most enterprise vulnerabilities remain unpatched a month after discovery

ZDNet Zero Day - Wed, 10/24/2018 - 08:00
More bugs are being squashed by the enterprise, but the time it takes to do so leaves organizations at risk.
Categories: Security News

Mozilla will match all donations to the Tor Project

ZDNet Zero Day - Wed, 10/24/2018 - 07:54
Mozilla gives back to the Tor Project after it embedded multiple Tor Browser features into Firefox.
Categories: Security News

This botnet snares your smart devices to perform DDoS attacks with a little help from Mirai

ZDNet Zero Day - Wed, 10/24/2018 - 07:32
Chalubo is a new botnet which is being used in attacks against servers and IoT devices.
Categories: Security News

China's Hacking of the Border Gateway Protocol

Schneier on Security - Wed, 10/24/2018 - 06:00
This is a long -- and somewhat technical -- paper by Chris C. Demchak and Yuval Shavitt about China's repeated hacking of the Internet Border Gateway Protocol (BGP): "China's Maxim ­ Leave No Access Point Unexploited: The Hidden Story of China Telecom's BGP Hijacking." BGP hacking is how large intelligence agencies manipulate Internet routing to make certain traffic easier to... Bruce Schneier
Categories: Security News

Pocket iNet ISP exposed 73GB of data including secret keys, plain text passwords

ZDNet Zero Day - Wed, 10/24/2018 - 05:17
Updated: The Washington-based ISP's bucket exposed everything from passwords to internal corporate data.
Categories: Security News

Yahoo agrees to pay $50 million to settle data breach lawsuit

ZDNet Zero Day - Wed, 10/24/2018 - 04:18
The company will also provide free credit monitoring services to roughly 200 million people impacted by the cyberattacks.
Categories: Security News

Microsoft Windows zero-day disclosed on Twitter, again

ZDNet Zero Day - Tue, 10/23/2018 - 18:58
Zero-day impacts Windows 10, Server 2016, and Server 2019 only.
Categories: Security News

Magecart group leverages zero-days in 20 Magento extensions

ZDNet Zero Day - Tue, 10/23/2018 - 15:52
Security researcher asks for help in identifying all vulnerable Magento extensions. Only two of 20 currently identified.
Categories: Security News