Security news that informs and inspires

All Articles

901 articles:

Decipher Podcast: Rick Altherr

Rick Altherr of Eclypsium joins Dennis Fisher to talk about the company's new research on unsigned device firmware.

Podcast

Changes in Kernel Code Created New Security Bugs in Android Devices

Code changes intended to prevent attacks can wind up creating even more security issus, Google Project Zero warned.

Android

Ransomware Attack Hit Gas Pipeline Facility

A gas compression facility was the victim of a ransomware attack that took its operations offline for two days and required replacement equipment.

Ransomware

OpenSSH Adds Support for U2F Hardware Keys

OpenSSH has added support for hardware security keys that implement the U2F standard.

2fa

Microsoft Pulls Buggy UEFI Security Update

Microsoft has removed the Windows security update addressing issues with third-party boot managers after users complained the updates caused their systems to stop working.

Microsoft, Hardware, Windows

Sale of Corp.com Can Expose Corporate Data

Depending on who winds up buying corp.com, administrators with Active Directory in their networks may wind up with sensitive information unexpectedly leaving the network. Now is the time to check the configuration to make sure they are not using the domain internally.

Dns Security, Active Directory Domain Services, Internet

Senate Bill Would Create Data Protection Agency

Sen. Kirsten Gillibrand has introduced a new bill that would establish a federal Data Protection Agency with privacy oversight.

Privacy

Extensive Fraud Network Found Using Malicious Chrome Extensions

A long-running ad fraud campaign that was using more than 500 malicious Google Chrome extensions has been identified and halted by researchers.

Google, Adware

Decipher Podcast: Riana Pfefferkorn

Riana Pfefferkorn of the Center for Internet and Society at Stanford University joins Dennis Fisher to discuss encryption, privacy, and the draft of the EARN IT Act.

Privacy, Podcast

FBI Says BEC Scam Losses Dwarf Ransomware

The FBI IC3 Internet Crime Report shows more than $1.7 billion in looses from BEC scams, far more than from any other kind of cybercrime activity it tracks.

Ransomware

Browsers Will Block Sites Using Old Versions of TLS

Starting in March 2020, all the major web browsers—Firefox, Chrome, Safari, and Edge—will display warnings when users visit websites that only support Transport Layer Security (TLS) versions 1.0 or 1.1. Users will be unable to visit those sites.

Tls, Browser Security, Ssl Security

US Charges Chinese PLA Members in Equifax Breach

The Department of Justice indicted four members of China's People's Liberation Army in connection with the Equifax data breach in 2017.

China, Apache

Serious Bluetooth Flaw Fixed in Android Update

Google has patched a critical Bluetooth flaw in Android that could give an attacker control of a vulnerable device without any user interaction.

Android, Google

Malware Backdoor Campaign Targets Financial Services

An attack campaign has targeted financial services using a new type of backdoor since early January, FireEye said.

Backdoors, Malware, Financial Institutions

Cisco Fixes CDP Flaws in Routers, Switches

Cisco has patched five serious vulnerabilities that affect routers, switches, and IP phones and cameras with the Cisco Discovery Protocol enabled.

Cisco