Once unthinkable, 1 terabit attacks may soon be the new normal.
More than 20 vulns in SOHOpeless LTE gateway
If you've got a D-Link DWR-932 B LTE router, you might want to fire it into the sun - or hope that a firmware upgrade lands soon.
Hillary Clinton is vowing anew to respond to foreign hacking the same as any other attack against the United States. When she openly blamed Russia for recent U.S. cyber break-ins, Donald Trump wondered ...
InfoArmor says that not only was customer data sold in the underground, but the damage is far more extensive than reported.
Zerodium triples price for iOS exploits, doubles Android bounties to $200,000.
Zerodium triples iOS exploit bounty to $1.5M, doubles 'droid to $200k
Exploit broker Zerodium has tripled its bug bounty for a remote iOS 10 jailbreak vulnerability to US$1.5 million.
Brandis re-identification law proposal slammed (ZDNet)
While Health Minister Sussan Ley has apologised for the breach in de-identified medical data, Australia's Attorney-General has come under fire for 'rushing' through legislation.
By Sijia Jiang HONG KONG (Reuters) - Chinese state broadcaster CCTV has slammed South Korean tech giant Samsung Electronics Co for what it said was "discrimination" against China consumers in its handling of a global recall of Galaxy Note 7 smartphones to replace batteries. In a commentary piece posted on its website on Thursday evening, CCTV said Samsung's behavior in China after the Sept. 2 recall of 2.5 million phones was "full of arrogance". CCTV said a video apology Samsung issued to U.S. consumers, along with various replacement options and compensation, was in stark contrast to its treatment of those in China, where the company issued a brief statement saying most phones didn't need to be replaced.
The RIG exploit kit recently stopped distributing Tofsee and cybercriminals have decided to use the botnet's own spamming capabilities to deliver the malware, Cisco's Talos team reported on Thursday.
The latest ISMG Security Report leads off with a discussion with DataBreachToday Executive Editor Mathew J. Schwartz on why online cybercrime is growing. Also, the latest status of the U.S. government's cyberthreat information sharing initiative.
Who Is At Fault For A Security Breach? (Forbes)
Changing roles as security goes the way of the cloud revolution
A new report reveals that one in three businesses experienced an insider attack in the past year. More devices with more access are putting sensitive info in the hands of everyone: Spies included.
Data Exfiltration is arguably the most important target for a security researcher to identify. The seemingly endless breaches of major corporations are done via channels of various stealth, and an endless array of methods exist to communicate the data to remote endpoints while bypassing Intrusion Detection Systems, Intrusion Prevention Systems, firewalls, and proxies. This research examines a novel way to perform this data exfiltration, utilizing port knocking over User Datagram Protocol. It focuses specifically on the ease with which this can be done, the relatively low signal to noise ratio of the resultant traffic, and the plausible deniability of receiving the exfiltration data. Particular attention is given to an implemented Proof of Concept, while the complete source code may be found in the Appendix.
Cisco inadvertently introduced a critical vulnerability in its email security appliances by forgetting to remove an internal testing interface from software releases made available to customers.
Fancy Bear's Sloppy Mac Malware (InfoRiskToday)
Russian Hacking Group's Latest Malware? Not So Fancy
A new kind of malware for Mac OS X has been linked to Fancy Bear, the Russian group suspected of hacking the DNC and the World Anti-Doping Agency. But the malware only poses a low risk to users, experts say.
The US Food and Drug Administration hasn't had an OPM-style breach, but it's left plenty of doors wide open, says government watchdog GAO.
Cracking iOS 10 security will net you $1.5 million (Yahoo Security)
The iPhone is one of the most secure devices you can purchase these days, but Apple's security is far from being hack-proof. iOS 10 has already been jailbroken, although the jailbreak isn't yet available to the masses. That means there are vulnerabilities in the code that hackers can use to get access to the phone. And a company that sells such exploits has raised its bug bounty for iPhone zero-day attacks - the kind of vulnerabilities that Apple hasn't yet discovered - to $1.5 million. Zerodium is the exploit broker that's willing to pay $500,000 more than last year's $1 million bounty for similar hacks. As Wired reports, the money will go to anyone who can perform a remote jailbreak of an iPhone running iOS 10. In 2015, Zerodium was offering $500,000 for iOS 9 bugs. Comparatively, Android and Windows Phone bugs paid for up to $100,000. This year, Android 7.0 Nougat vulnerabilities can net a hacker up to $200,000, but iOS 10 is still the most lucrative option. "We've increased the price due to the increased security for both iOS 10 and Android 7," company founder Chaouki Bekrar told Wired. "We would like to attract more researchers all year long." Bekrar, who also founded French hacking firm Vupen, said that Zerodium's clients are mostly North American governments and corporations, and government agencies in allied countries. Vupen also develops its own software intrusion techniques for private clients, mostly governments.
NHS trusts 'complacent' on cloud app security risks (The Register)
Do we block unsanctioned ones? Well half of us think we do...
Almost half of NHS Trusts make no attempt to monitor cloud app usage, according to the results of a Freedom of Information request.
WASHINGTON (AP) - The Latest on the U.S. presidential race (all times EDT):
Building automation products from American Auto-Matrix are affected by a couple of high-severity vulnerabilities that allow remote hackers to compromise the affected system, ICS-CERT warned on Thursday.
Private exploit seller Zerodium has tripled the price of iOS rewards -- and Android is on the radar, too.
Says five-strong 'Group E' may have lifted a billion Yahoo! records, sells to states
Five hackers are said to be behind breaches totalling up to a staggering three billion credentials from some of the world's biggest tech companies including the Yahoo! breach that led to the loss of 500 million credentials.