Browse archive

January Android security update fixes 5 critical flaws, removes unneeded component

The update fixes 12 issues, five of which are critical.

Demanding accountability: The need for cyber liability

Clarity is key.

Cisco Jabber flaw allows MitM attackers to wiretap communications

A vulnerability in Cisco's Jabber client for Windows can be exploited by attackers.

Difficult to block JavaScript-based ransomware can hit all operating systems

Ransom32 is delivered on the victims' computer in the form of a self-extracting WinRAR archive.

Cisco Systems will be auditing their code for backdoors

Cisco Systems has announced that they will be reviewing the software running on their devices.

Spotlight

When hacking saves lives: Hacking medical devices and implants

Of all the IoT devices out there, none are more crucial to users than the medical devices that help them simplify the management of certain medical conditions or, in the most extreme cases, actually keep living.

An Internet of Things wish list for 2016

While there is certainly plenty of legislation out there to protect citizen’s privacy online, it will be difficult to apply much of it to the kinds of data that will be collected through billions of sensors watching our every move both in the home and when out and about.

Difficult to block JavaScript-based ransomware can hit all operating systems

Ransom32 is delivered on the victims' computer in the form of a self-extracting WinRAR archive. It uses the built-in scripting language to unpack its contents and among the files it unpacks is one called chrome.exe.

Lack of skills and recruiting among challenges facing information security profession

Companies with pressing cyber security needs are finding that there’s a major lack of qualified professionals to fill their positions, which makes them vulnerable to cyber attacks.

Google is testing password-free logins

Infosec pros are moving beyond traditional passwords, and companies are expected to follow in the same direction.

What's New

Flaw in Comcast's home security system lets burglars in without triggering alarm | 6 January 2016. |

Crucial flaw discovered in the Comcast XFINITY Home Security system.
- Scammers target citizens filing tax returns online
EFF: T-Mobile breaks net neutrality rules with Binge On service | 6 January 2016. |

Customers have been complaining about the quality of streamed videos.
- LastPass 4.0 features fresh UX, emergency access, sharing center
Cyber security guidelines for the shipping industry | 6 January 2016. |

A group consisting of several leading shipping organizations and companies has published a set of guidelines to help the global shipping industry.
- Tips for implementing a converged infrastructure
Study: Global cost of cyber crime | 6 January 2016. |

There is significant variation in total cybercrime costs among participating companies.
- HTML5 Security Cheat Sheet

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

DON'T
MISS
Wed, Jan 6th

Linode forces password reset for all users due to suspected breach

LastPass 4.0 features fresh UX, emergency access, sharing center

Cyber security guidelines for the shipping industry

When hacking saves lives: Hacking medical devices and implants

De-anonymizing code authors by analyzing executable binaries

Malware News

Difficult to block JavaScript-based ransomware can hit all operating systems
4 January 2016.

Android users targeted with sophisticated new banking Trojan

9% of all ransomware-infected emails target the UK

Mobile banking threats among the leading malicious financial programs

Asian company is the newest APT threat

Reviews

Google Earth Forensics

Change and configuration auditing with Netwrix Auditor 7.0

Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts

Privacy News

De-anonymizing code authors by analyzing executable binaries
5 January 2016.

Stolen medical information affects 18 out of 20 industries

Human error reduces security offered by encryption apps

New EU rules on data protection put the citizen back in the driving seat

13 million MacKeeper users exposed in data breach

Events

RSA Conference 2016
29 February - 04 March 2016.

Infosecurity Europe 2016
07 June - 09 June 2016.

Editor's choice

When hacking saves lives: Hacking medical devices and implants

Of all the IoT devices out there, none are more crucial to users than medical devices.

De-anonymizing code authors by analyzing executable binaries

A group of researchers that have previously proven that it's possible to de-anonymize programmers by analysing the source code of programs they have created, have now demonstrated that a good result can be also be achieved by analyzing executable binaries of those programs.

Is the Cybersecurity Act of 2015 effective?

While many are decrying the newly signed Cybersecurity Act of 2015 for its privacy issues, DB Networks is taking the Act to task for an equally troublesome reason: It is based on erroneous assumptions, rendering it nearly completely useless at improving cybersecurity.

Facebook drops Flash, adding one more reason for users to stop using it altogether

Facebook recently announced it stopped using Adobe Flash for web videos that appear on its News Feed, Pages and the embedded Facebook video player, instead deploying a video player built around HTML5.

Spotlight

Flaw in Comcast's home security system lets burglars in without triggering alarm | 6 January 2016. |

EFF: T-Mobile breaks net neutrality rules with Binge On service | 6 January 2016. |

Cyber security guidelines for the shipping industry | 6 January 2016. |

Study: Global cost of cyber crime | 6 January 2016. |

Editor's choice