Blog: In The News
You are here: Home \ Blog
Threatpost editor Mike Mimoso talks with Sergey Lozhkin, senior researcher at Kaspersky Lab’s Global Research and Analysis Team about medical device security and how he was able to access some devices at his local hospital via WiFi. [embedded content]
It’s been difficult to keep track of all the different strains of ransomware that have plagued users over the last year or two. Unlike many of them the latest to grab headlines is spreading through a decidedly old school vector: document-based macros. Named Locky, the ransomware appears to borrow a technique from the Dridex banking malware. Victims...
Xen Project dropped the ball on two important security patches when it released a maintenance update for its popular hypervisor software on Tuesday. On its company blog today, Xen acknowledged what it called an “oversight” and attempted to explain what went wrong. However, absent from its updated blog, is a date that Xen Project expects to...
Not since Stagefright have we had a vulnerability with the scale and reach of the glibc flaw disclosed on Tuesday. “It’s pretty bad; you don’t get bugs of this magnitude too often,” said Dan Kaminsky, researcher, cofounder and chief scientist at White Ops. “The code path is widely exposed and available, and it yields remote...
As sales of IoT devices continue to see year-over-year double digit growth, security experts are urging the wearable industry to put security front and center when it comes to designing fitness tracker hardware, firmware and backend systems. In a report released Wednesday by the IEEE Center for Secure Design, researchers spotlighted six security red flags...
There have been some strides made in the last year, but for the most part, security around the healthcare industry has remained the consummate laggard. In the eyes of many, including Scott Erven, a medical device security advocate who spoke at last week’s Security Analyst Summit, the healthcare sector is a good 10 to 15...
Apple CEO Tim Cook late Tuesday defiantly challenged a U.S federal magistrate judge’s order that it help the FBI break into an iPhone 5c belonging to one of the shooters involved in last December’s attack in San Bernardino, Calif. Cook released a letter last night expressing his opposition to the court order and called for...
Threatpost editor Mike Mimoso talks to HackerOne chief policy officer Katie Moussouris about the U.S. implementation of the Wassenaar Arrangement rules and where things stand close to seven months after the initial draft was pulled off the table for a rewrite. [embedded content]
Glibc, the GNU C library at the core of last year’s GHOST vulnerability, is vulnerable to another critical flaw affecting nearly all Linux machines, as well as API web services and major web frameworks where the code runs. The vulnerability, discovered independently by researchers at Google and Red Hat, has been patched. The flaw, CVE-2015-7547,...
Mike Mimoso and Chris Brook recap last week’s Security Analyst Summit — including lots of IoT and critical infrastructure talk, how a researcher hacked his hospital, news on APTs like Metel and Poseidon, and more. Download: Reflecting_on_SAS_2016.mp3 Music by Chris Gonsalves
... 226227228229230231232233234 ... 243 ... 252 ... 261 ...