Showing posts from 2016

Russia Hysteria Infects WashPost Again: False Story About Hacking U.S. Electric Grid

https://theintercept.com/2016/12/31/russia-hysteria-infects-washpost-again-false-story-about-hacking-u-s-electric-grid/

Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say

https://www.washingtonpost.com/world/national-security/russian-hackers-penetrated-us-electricity-grid-through-a-utility-in-vermont/2016/12/30/8fc90cc4-ceec-11e6-b8a2-8c2a61b0436f_story.html

GRIZZLY STEPPE – Russian Malicious Cyber Activity

https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf

Watch a drone hack a room full of smart lightbulbs from outside the window

http://www.theverge.com/2016/11/3/13507126/iot-drone-hack

For two years, criminals stole sensitive information using malware hidden in individual pixels of ad banners

http://boingboing.net/2016/12/07/for-two-years-criminals-stole.html

TalkTalk and Post Office routers hit by cyber-attack - BBC News

http://www.bbc.com/news/technology-38167453

New Mirai Worm Knocks 900K Germans Offline — Krebs on Security

https://krebsonsecurity.com/2016/11/new-mirai-worm-knocks-900k-germans-offline/

How to break 18app to get an unlimited Bonus Cultura (responsible disclosure)

https://lmilano.blogspot.com/2016/11/come-violare-18app-per-avere-il-bonus.html

Hackers stole Tesla car using App

http://www.ehackingnews.com/2016/11/hackers-stole-tesla-car-using-app.html

Vulnerabilities in McAfee enterprise system gives hacker root access

http://www.ehackingnews.com/2016/12/vulnerabilities-in-mcafee-enterprise.html

Venezuelan Army Website Hacked, Details of 3,000 Accounts Exposed

http://news.softpedia.com/news/venezuelan-army-website-hacked-details-of-3-000-accounts-exposed-510676.shtml

Russian central bank, private banks lose $31 mln in cyber attacks

http://www.reuters.com/article/us-russia-cenbank-cyberattack-idUSKBN13R1TO

PayPal proffers patch for OAuth app hack hole

http://www.theregister.co.uk/2016/11/30/paypal_proffers_patch_for_oauth_app_hack_hole/

Hackers Are Trading Hundreds of Thousands of xHamster Porn Account Details

http://motherboard.vice.com/read/hackers-are-trading-hundreds-of-thousands-of-xhamster-porn-account-details

Saudi Arabia Has Just Suffered a Series of Major Cyber Hack Attacks

https://www.bloomberg.com/news/articles/2016-12-01/destructive-hacks-strike-saudi-arabia-posing-challenge-to-trump

SF’s Transit Hack Could’ve Been Way Worse—And Cities Need to Get Ready

https://www.wired.com/2016/11/sfs-transit-hack-couldve-way-worse-cities-must-prepare/

Hackers accessed personal data of 130,000 US Navy Sailors

http://fortune.com/2016/11/24/hackers-130000-navy-sailors-personal-data/

Switcher: Android joins the ‘attack-the-router’ club - Securelist

https://securelist.com/blog/mobile/76969/switcher-android-joins-the-attack-the-router-club/

Trio charged with $4m insider trading by hacking merger lawyers • The Register

http://www.theregister.co.uk/2016/12/28/trio_charged_with_4m_insider_trading_by_hacking_merger_lawyers/

Energy firm points to hackers after Kiev power outage • The Register

http://www.theregister.co.uk/2016/12/21/ukraine_electricity_outage/

Hacker breaches the US agency that certifies voting machines

https://flipboard.com/@flipboard/flip.it%2FTEMblP-hacker-breaches-the-us-agency-that-cert/f-45de8cf3f3%2Fengadget.com

Researchers find ‘fatal’ security flaws in 10 different medical devices

http://www.digitaltrends.com/computing/fatal-security-medical-devices/

Report: $3-5M in Ad Fraud Daily from ‘Methbot’ — Krebs on Security

https://krebsonsecurity.com/2016/12/report-3-5m-in-ad-fraud-daily-from-methbot/

Home routers under attack in ongoing malvertisement blitz

http://arstechnica.com/security/2016/12/home-routers-under-attack-in-ongoing-malvertisement-blitz/

Evolved DNSChanger malware slings evil ads at PCs, hijacks routers • The Register

http://www.theregister.co.uk/2016/12/20/new_dnschanger_exploit_kit_goes_after_166_types_of_router/

Dear hackers, Ubuntu's app crash reporter will happily execute your evil code on a victim's box • The Register

http://www.theregister.co.uk/2016/12/15/researcher_details_justpatched_pwnage_flaws_in_ubuntu/

Insurers handling 'hundreds' of breach claims - BBC News

http://www.bbc.com/news/technology-38346427

Slovak Chamber of Commerce and Industry Hacked

http://news.softpedia.com/news/slovak-chamber-of-commerce-and-industry-hacked-511094.shtml?utm_content=buffer40c76&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Another Canadian uni hit by ransomware, students told to keep Windows PCs away

http://www.theregister.co.uk/2016/11/29/canadian_uni_prey_to_ransomware/

Carleton University computers being held hostage for bitcoin

http://www.cbc.ca/news/technology/ransomware-carleton-university-computers-bitcoin-infects-1.3872702

BlackEnergy power plant hackers target Ukrainian banks • The Register

http://www.theregister.co.uk/2016/12/15/ukraine_banks_apt/

Security! experts! slam! Yahoo! management! for! using! old! crypto! • The Register

http://www.theregister.co.uk/2016/12/15/yahoos_password_hash/

Yahoo!, biggest security breach ever discovered: "Over a billion users at risk"

http://www.repubblica.it/tecnologia/sicurezza/2016/12/15/news/yahoo_scoperta_una_falla_enorme_oltre_un_miliardo_di_utenti_a_rischio_-154131833/

Infosec bods: This is a backdoor in Skype for Macs. Microsoft: No. • The Register

http://www.theregister.co.uk/2016/12/14/skype_mac_backdoor_fears/

P0wnographer finds remote code exec bug in McAfee enterprise • The Register

http://www.theregister.co.uk/2016/12/13/boffin_dishes_10_mcafee_enterprise_bugs_for_chained_rce_root_death/

US-CERT's top tip: Hack your crap Netgear router before miscreants arrive • The Register

http://www.theregister.co.uk/2016/12/13/netgear_r7000_r6400_r8000_security/

Netgear routers have gaping remote access hole – Naked Security

https://nakedsecurity.sophos.com/2016/12/12/netgear-routers-have-gaping-remote-access-hole/

Kentucky pried chicken: Fried grease chain's loyalty club hacked • The Register

http://www.theregister.co.uk/2016/12/12/why_did_the_chicken_cross_the_road_cos_kfcs_been_hacked/

Microsoft Edge's malware alerts can be faked, researcher says • The Register

http://www.theregister.co.uk/2016/12/12/microsoft_edges_malware_alerts_can_be_faked/

'I found a bug that let anyone read anyone's Yahoo! Mail and all I got was this $10k check' • The Register

http://www.theregister.co.uk/2016/12/09/yahoo_mail_bug_bounty/

Fatal flaw found in PricewaterhouseCoopers SAP security software • The Register

http://www.theregister.co.uk/2016/12/09/fatal_flaw_in_pricewaterhousecoopers_sap_software/

Mirai variant turns TalkTalk routers into zombie botnet agents • The Register

http://www.theregister.co.uk/2016/12/08/talktalk_routers_may_be_botnet_imperva_says/

Real deal: Hackers steal steelmaker trade secrets • The Register

http://www.theregister.co.uk/2016/12/08/hackers_steal_steelmaker_secrets/

Sigh... 'Hundreds of thousands' of... sigh, web CCTV cams still at risk of... sigh, hijacking • The Register

http://www.theregister.co.uk/2016/12/07/ip_cameras_unpatched/

Need Xmas ideas? Try CVE-2015-7645, a Flash gift that keeps on giving • The Register

http://www.theregister.co.uk/2016/12/08/need_xmas_ideas_try_cve20157645_a_flash_gift_that_keeps_on_giving/

Argentinian Government Site Suffers Major Breach, Personal Information Exposed

http://news.softpedia.com/news/argentinian-government-site-suffers-major-breach-personal-information-exposed-510780.shtml

The Medical Reports Of 43,000 People, Including HIV Patients, Were Accidentally Released Online

https://www.buzzfeed.com/pranavdixit/the-medical-reports-of-43000-people-including-hiv-patients-w

US-CERT Alert TA16-336A

http://www.us-cert.gov/ncas/alerts/TA16-336A

Fatal flaws in ten pacemakers make for Denial of Life attacks • The Register

http://www.theregister.co.uk/2016/12/01/denial_of_life_attacks_on_pacemakers/

GET pwned: Web CCTV cams can be hijacked by single HTTP request • The Register

http://www.theregister.co.uk/2016/11/30/iot_cameras_compromised_by_long_url/

Android-rooting Gooligan malware infects 1 million devices • The Register

http://www.theregister.co.uk/2016/11/30/gooligan_android_malware/

Hackers reuse passwords to access 26,500 National Lottery accounts – Naked Security

https://nakedsecurity.sophos.com/2016/11/30/hackers-reuse-passwords-to-access-26500-national-lottery-accounts/

Hackers crack Liechtenstein banks, demand ransoms • The Register

http://www.theregister.co.uk/2016/11/29/liechtenstein_bank_breaches/

'Mirai bots' cyber-blitz 1m German broadband routers – and your ISP could be next

http://www.theregister.co.uk/2016/11/28/router_flaw_exploited_in_massive_attack/

Newly discovered router flaw being hammered by in-the-wild attacks

http://arstechnica.com/security/2016/11/notorious-iot-botnets-weaponize-new-flaw-found-in-millions-of-home-routers/

San Francisco Rail System Hacker Hacked — Krebs on Security

https://krebsonsecurity.com/2016/11/san-francisco-rail-system-hacker-hacked/

Hackers Hold SFMTA's Computer Network Hostage For $73k Ransom | Hoodline

http://www.hoodline.com/2016/11/hackers-hold-sfmta-s-computer-network-hostage-for-73k-ransom

Japan investigating defence network break-in • The Register

http://www.theregister.co.uk/2016/11/28/japan_investigating_defence_network_breakin/

Passengers ride free on SF Muni subway after ransomware hits 2,100 systems, demands $73k • The Register

http://www.theregister.co.uk/2016/11/27/san_francisco_muni_ransomware/

Microsoft update servers left all Azure RHEL instances hackable • The Register

http://www.theregister.co.uk/2016/11/28/microsoft_update_servers_left_all_azure_rhel_instances_hackable/

Poison .JPG spreading ransomware through Facebook Messenger • The Register

http://www.theregister.co.uk/2016/11/25/selfharming_jpg_hack_hole_may_be_key_to_lockys_fb_spread/

Irish Law Firms Suffer 50 percent Rise in Cyber Crimes

http://www.ehackingnews.com/2016/11/irish-law-firms-suffer-50-percent-rise.html

Attackers use ancient zero-day to pop Asian banks, govts • The Register

http://www.theregister.co.uk/2016/11/24/attackers_use_yearsold_software_zero_day_to_pop_asia_pac_banks_govts/

Men overboard! US Navy spills data on 134k sailors • The Register

http://www.theregister.co.uk/2016/11/24/in_the_navy_we_sink_thanks_hpe_in_the_navy_we_lose_data_with_ease/

Malware that turns PCs into eavesdropping devices demonstrated by Ben-Gurion U.

https://www.eurekalert.org/pub_releases/2016-11/aabu-mtt112216.php

WordPress auto-update server had flaw allowing anyone to add anything to websites worldwide • The Register

http://www.theregister.co.uk/2016/11/23/wordpress_auto_update_flaw/

Comcast is the honey badger of ISPs – injects pop-ups into browsers, doesn't give a fsck • The Register

http://www.theregister.co.uk/2016/11/23/comcast_shrugs_off_critique_of_injected_notifications/

A group of 'hackers' attacks ATMs to make them dispense cash remotely

http://tecnologia.elpais.com/tecnologia/2016/11/22/actualidad/1479829002_717742.html

Santander's appraisal firm reports that hackers broke into its website

http://economia.elpais.com/economia/2016/11/22/actualidad/1479845903_707278.html

The Capgemini leak of Michael Page data via publicly facing database backup

https://www.troyhunt.com/the-capgemini-leak-of-michael-page-data-via-publicly-facing-database-backup/

Surprise! Another insecure web-connected CCTV cam needs fixing • The Register

http://www.theregister.co.uk/2016/11/21/surprise_another_insecure_cctv_camera/

Office Depot halts PC Health Checks amid bogus infection claims • The Register

http://www.theregister.co.uk/2016/11/22/office_depot_halts_pc_health_checks_fraud_claims/

Surveillance camera compromised in 98 seconds

http://www.theregister.co.uk/2016/11/18/surveillance_camera_compromised_in_98_seconds/

Secret Back Door in Some U.S. Phones Sent Data to China, Analysts Say

http://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html

Hacker Breaks into Italian Government Website, 45,000 Users Exposed

http://news.softpedia.com/news/hacker-breaks-into-italian-government-website-45-000-users-exposed-510332.shtml

Wickedly clever USB stick installs a backdoor on locked PCs

https://www.wired.com/2016/11/wickedly-clever-usb-stick-installs-backdoor-locked-pcs/

Major Linux security hole gapes open | ZDNet

http://www.zdnet.com/article/major-linux-security-hole-gapes-open/

Three Mobile's database hacked, data of millions at risk

http://www.ehackingnews.com/2016/11/three-mobiles-database-hacked-data-of.html

Millions of brand-new Android phones come with a massive built-in security flaw

http://bgr.com/2016/11/21/ragentek-android-backdoor-malware/

More Androids carry phone-home firmware • The Register

http://www.theregister.co.uk/2016/11/20/more_androids_carry_phonehome_firmware/

Funzione Pubblica website breached: 17-year-old steals over 9,000 credentials

http://www.repubblica.it/tecnologia/sicurezza/2016/11/19/news/attacco_hacker_al_sito_funzione_pubblica-152363893/

Cybercriminals can steal all your passwords from thin air with this $25 Wi-Fi hack

http://www.ibtimes.co.uk/cybercriminals-can-steal-all-your-passwords-thin-air-this-25-wi-fi-hack-1591458

Adult FriendFinder users get their privates exposed... again – reports • The Register

http://www.theregister.co.uk/2016/11/14/adultfriendfinder_alleged_leak/

Paraguay Embassy website hacked in Taiwan

http://www.ehackingnews.com/2016/11/paraguay-embassy-website-hacked-in.html

Google Pixel pwned in 60 seconds • The Register

http://www.theregister.co.uk/2016/11/11/google_pixel_pwned_in_60_seconds/

Self-Propagating Smart Light Bulb Worm - Schneier on Security

https://www.schneier.com/blog/archives/2016/11/self-propagatin.html

El Paso city bungs $3.2m to email crooks pretending to be bosses

http://www.theregister.co.uk/2016/11/04/el_paso_loses_32m_to_email_scammers/

Seven websites of Indian Embassy hacked, database leaked

http://www.ehackingnews.com/2016/11/seven-websites-of-indian-embassy-hacked.html?m=1

An Android malware was able to silently download itself to an SD card

http://www.tuttoandroid.net/virus-android/malware-android-scaricarsi-sd-silente-427390/

Police arrested a hacker who triggered a DDoS attack on the 911 emergency call system

https://flipboard.com/@flipboard/flip.it%2FbLqLl3-police-arrested-a-hacker-who-triggered-/f-7c8d70bc3a%2Ftheverge.com

Finns chilling as DDoS knocks out building control system • The Register

http://www.theregister.co.uk/2016/11/09/finns_chilling_as_ddos_knocks_out_building_control_system/

Huge embarrassment over fisting site data breach

http://www.theregister.co.uk/2016/05/11/embarassing_data_breach/

Arizona man arrested for hacking email accounts at universities

http://www.reuters.com/article/us-usa-cyber-universities-idUSKBN12X2MG

Google to patch Chrome mobile hole after bank trojan hits 318k users • The Register

http://www.theregister.co.uk/2016/11/08/google_to_patch_chrome_mobile_hole_after_bank_trojan_hits_318k_users/

Android's Hover feature is a data HOOVER • The Register

http://www.theregister.co.uk/2016/11/08/androids_hover_/

Cerber ransomware menace now targeting databases • The Register

http://www.theregister.co.uk/2016/11/07/cerber_ransomware_menace_up_ante_now_targeting_businesses/

Password reset warrior arrested for popping 1050 student accounts

http://www.theregister.co.uk/2016/11/07/password_reset_warrior_arrested_for_popping_1050_ny_uni_accounts/

Cisco's job applications site leaked personal data

http://www.theregister.co.uk/2016/11/06/cisco_data_leak/

Tesco Bank: 20,000 customers lose money - BBC News

http://www.bbc.com/news/business-37891742

BBC News: Why Windows hack is being blamed on Russia-linked group

http://www.bbc.co.uk/news/technology-37847070

Liberia DDoS blamed on Mirai IoT botnet • The Register

http://www.theregister.co.uk/2016/11/04/liberia_ddos/

UK hospitals shut down by malware, advise patients to go somewhere else for the duration

http://boingboing.net/2016/11/03/uk-hospitals-shut-down-by-malw.html

Leaks password, check. Leaks Wi-Fi password, check. Can be spoofed, check. Ding! We have an Internet of S**t winner • The Register

http://www.theregister.co.uk/2016/11/03/iot_cctv_vulnerabilities/

Bookmakers William Hill under siege from DDoS internet flood • The Register

http://www.theregister.co.uk/2016/11/02/william_hill_ddos/

Universal hijack hole turns DIY Wix blogs into botnets • The Register

http://www.theregister.co.uk/2016/11/03/universal_hijack_hole_sees_wix_sht_bricks/

Hackers hustle to hassle un-patched Joomla! sites • The Register

http://www.theregister.co.uk/2016/11/02/hurried_crims_target_30000_sites_to_pop_unpatched_joomla/

Multiple RCE flaws found in Memcached web speed tool • The Register

http://www.theregister.co.uk/2016/11/02/multiple_rce_flaws_found_in_super_popular_memcached_speed_tool/

Teen pleads guilty to creating DDoS tool used in 1.7 million attacks – Naked Security

https://nakedsecurity.sophos.com/2016/11/03/teen-pleads-guilty-to-creating-ddos-tool-used-in-1-7-million-attacks/

Freeze ...SCADA! Flaw lets hackers peel away Human Machine Interface • The Register

http://www.theregister.co.uk/2016/11/01/schneider_ics_vuln_again/

Nymaim malware got a major 'upgrade', says Verint • The Register

http://www.theregister.co.uk/2016/11/01/nymaim_malware_got_a_major_upgrade_says_verint/

Docker user? Haven't patched Dirty COW yet? Bad news … • The Register

http://www.theregister.co.uk/2016/11/01/docker_user_havent_patched_dirty_cow_yet_bad_news/

Google drops a zero-day on Microsoft: Web giant goes public with bug exploited by hackers • The Register

http://www.theregister.co.uk/2016/10/31/google_drops_zero_day_on_tardy_microsoft/

Google Online Security Blog: Disclosing vulnerabilities to protect users

http://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html

Appointments on hold as (computer) virus wreaks havoc with NHS trust systems • The Register

http://www.theregister.co.uk/2016/10/31/virus_shuts_down_nhs_trust/

Windows Atom Tables popped by security researchers

http://www.theregister.co.uk/2016/10/28/windows_atom_tables_popped_by_security_researchers/

The hacker who stole the photos of famous actresses has been convicted - Il Post

http://www.ilpost.it/2016/10/28/hacker-foto-attrici-famose/

The Red Cross Blood Service: Australia's largest ever leak of personal data

https://www.troyhunt.com/the-red-cross-blood-service-australias-largest-ever-leak-of-personal-data/

Contractor behind Australia's biggest-ever data breach revealed

http://www.itnews.com.au/news/contractor-behind-australias-biggest-ever-data-breach-revealed-440339

How Hackers Broke Into John Podesta and Colin Powell’s Gmail Accounts

http://motherboard.vice.com/read/how-hackers-broke-into-john-podesta-and-colin-powells-gmail-accounts

Schneider Electric plugs gaping hole in industrial control kit

http://www.theregister.co.uk/2016/10/27/schneider_plugs_gaping_industrial_control_security_flaw/

Hacking 3D manufacturing systems demonstrated by researchers - Help Net Security

https://www.helpnetsecurity.com/2016/10/21/hacking-3d-manufacturing-systems/

Malicious JPEGs can compromise your iPhone - Help Net Security

https://www.helpnetsecurity.com/2016/10/27/jpegs-compromise-iphone/

How Google's Project Zero made Apple refactor its kernel

http://www.theregister.co.uk/2016/10/27/how_googles_project_zero_made_apple_refactor_its_kernel/

PayPal patches bone-headed two factor authentication bypass

http://www.theregister.co.uk/2016/10/27/paypal_2fa_flaw/

Internet of S**t things claims another scalp: DNS DDoS smashes StarHub

http://www.theregister.co.uk/2016/10/27/starhub_dns_hosed_by_starhubs_customers_infected_kit/

Three LibTIFF bugs found, only two patched • The Register

http://www.theregister.co.uk/2016/10/27/three_libtiff_bugs_found_only_two_patched/

Joomla! squashes critical privileged account creation holes • The Register

http://www.theregister.co.uk/2016/10/27/joomla_squashes_critical_privileged_account_creation_holes/

Adobe emits emergency patch for Flash hole malware is exploiting right this minute • The Register

http://www.theregister.co.uk/2016/10/26/adobe_patches_fresh_flash_zeroday/

This is not a drill: Hackers pop stock Nexus 6P in five minutes

http://www.theregister.co.uk/2016/10/26/hackers_pop_stock_nexus_6p_in_five_minutes/

Webcams recalled after the hacker attack on Twitter and Reddit

http://www.repubblica.it/tecnologia/sicurezza/2016/10/25/news/richiamate_le_telecamere_utilizzate_dagli_hacker_per_attaccare_twitter_e_reddit-150531521/

Graduate recruitment site exposed 50,000 CVs sent to Virgin Media UK

http://www.theregister.co.uk/2016/10/25/virgin_media_uk_site_exposed_50000_resumes/

Joomla! readies patch for core vulnerability so critical it isn't talking

http://www.theregister.co.uk/2016/10/25/joomla_readies_patch_for_core_vulnerability_so_critical_it_isnt_talking/

It's nearly 2017 and JPEGs, PDFs, font files can hijack your Apple Mac, iPhone, iPad

http://www.theregister.co.uk/2016/10/24/apple_security_update/

App proves Rowhammer can be exploited to root Android phones – and there's little Google can do to fully kill it

http://www.theregister.co.uk/2016/10/24/rowhammer_android/

Ageing GSM crypto cracked on commodity graphics rig • The Register

http://www.theregister.co.uk/2016/10/24/cracking_2g_gsm/

Every LTE call, text, can be intercepted, blacked out, hacker finds

http://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/

Hackers Sell $7,500 IoT Cannon To Bring Down The Web Again

http://www.forbes.com/sites/thomasbrewster/2016/10/23/massive-ddos-iot-botnet-for-hire-twitter-dyn-amazon/

Paypal 2FA Bypass

https://henryhoggard.co.uk/blog/Paypal-2FA-Bypass

Pacemaker maker St Jude faces new security flaw claims from biz short-selling its stock • The Register

http://www.theregister.co.uk/2016/10/22/st_jude_new_security_claims/

Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert • The Register

http://www.theregister.co.uk/2016/10/21/comodoh_researchers_exploit_image_recognition_bug_to_steal_certs/

Chinese hackers targeted US aircraft carrier

https://www.ft.com/content/b03bc7f0-9745-11e6-a1dc-bdf38d484582

VESK coughs up £18k in ransomware attack • The Register

http://www.theregister.co.uk/2016/09/29/vesk_coughs_up_18k_in_ransomware_attack/

And! it! begins! Yahoo! sued! over! ultra-hack! of! 500m! accounts! • The Register

http://www.theregister.co.uk/2016/09/24/yahoo_sued_hack/

College student hacked college system to change grades - E Hacker News

http://www.ehackingnews.com/2016/09/college-student-hacked-college-system.html

www.nytimes.com

http://www.nytimes.com/2016/09/29/technology/yahoo-data-breach-hacking.html?_r=1

D-Link DWR-932 B owner? Trash it, says security bug-hunter • The Register

http://www.theregister.co.uk/2016/09/29/dlink_dwr932_b_owner_trash_it_says_security_bughunter/

152k cameras in 990Gbps record-breaking dual DDoS • The Register

http://www.theregister.co.uk/2016/09/27/152463_hacked_cameras_deliver_990gbps_recordbreaking_dual_ddos/

Source code unleashed for junk-blasting Internet of Things botnet • The Register

http://www.theregister.co.uk/2016/10/03/iot_botnet/

Internet of Things comes back to bite us as hackers spread botnet code

http://www.usatoday.com/story/tech/news/2016/10/03/internet-things-brian-krebs-ddos-attack-distributed-denial-of-service/91481588/

Beware of the xic.graphics virus that arrives as a Facebook message | Computerworld

http://www.cwi.it/attenzione-al-virus-xic-graphics-arriva-messaggio-facebook_94832/

Revealed: How one Amazon Kindle scam made millions of dollars | ZDNet

http://www.zdnet.com/article/exclusive-inside-a-million-dollar-amazon-kindle-catfishing-scam/

Let's not meet up with JPEG 2000 – researchers find security hole in image codec • The Register

http://www.theregister.co.uk/2016/10/04/jpeg_2000_security_hole/

TalkTalk fined £400K for mistakes that led to 2015 hack

https://www.engadget.com/2016/10/05/talktalk-400-000-ico-hack-fine/

These diabetes pumps obey unencrypted radio commands – which is, frankly, f*%king stupid • The Register

http://www.theregister.co.uk/2016/10/05/animas_diabetes_pump_flaw/

Mac malware lies in wait for YOU to start a vid sesh... • The Register

http://www.theregister.co.uk/2016/10/06/sneaky_mac_webcam_hijack_malware/

Malware spread through Spotify ads on PC and Mac - HDblog.it

http://windows.hdblog.it/2016/10/06/spotify-malware-attacco-pc-mac/

Amazon finds cache of reused passwords: change yours now! – Naked Security

https://nakedsecurity.sophos.com/2016/10/11/amazon-finds-cache-of-reused-passwords-change-yours-now/

NHS attacked by ransomware 'dozens' of times - SC Magazine UK

http://www.scmagazineuk.com/nhs-attacked-by-ransomware-dozens-of-times/article/546557/

Four vulnerabilities found in Dell SonicWALL Email Security virtual appliance application - Help Net Security

https://www.helpnetsecurity.com/2016/10/12/sonicwall-email-security-vulnerabilities/

Personal info on more than 58 million people spills onto the web from data slurp biz • The Register

http://www.theregister.co.uk/2016/10/13/us_data_aggregator_megabreach/

Outlook-on-Android alternative 'Nine' leaked Exchange Server creds • The Register

http://www.theregister.co.uk/2016/10/17/outlook_app_slapped_in_maninthemiddle_diddle/

Audit sees VeraCrypt kill critical password recovery, cipher flaws • The Register

http://www.theregister.co.uk/2016/10/18/veracrypt_audit/

Oracle puts out 253 fixes and a request to please apply patches NOW! – Naked Security

https://nakedsecurity.sophos.com/2016/10/19/oracle-puts-out-253-fixes-and-a-request-to-please-apply-patches-now/

33 million CLEARTEXT creds for Russian IM site dumped by chap behind Last.FM mess • The Register

http://www.theregister.co.uk/2016/09/12/qipru_breach/

Peccant pwners post 670,000 Pokémon punter MD5 passwords • The Register

http://www.theregister.co.uk/2016/09/12/peccant_pwners_post_670000_pokemon_punter_md5_passwords/

Queensland TAFE suffers security breach, student data accessed | Delimiter

https://delimiter.com.au/2015/11/13/queensland-tafe-suffers-security-breach-student-data-accessed/

Logins for US Navy, NASA's JPL among US gov logins sold on deepweb • The Register

http://www.theregister.co.uk/2016/09/14/nasas_jpl_navy_part_of_thousands_of_us_gov_logins_sold_on_deepweb/

IP telephony biz VoIPtalk quietly admits to possible data breach • The Register

http://www.theregister.co.uk/2016/09/13/voiptalk_suspected_breach/

Researcher reports XSS hole in Google France • The Register

http://www.theregister.co.uk/2016/09/14/google_france_xss/

Cisco drops patch for nasty WebEx remote code execution hole • The Register

http://www.theregister.co.uk/2016/09/16/cisco_webex_patch/

FBI investigating City Hall 'ransomware' attack - News - Sarasota Herald-Tribune - Sarasota, FL

http://www.heraldtribune.com/news/20160824/fbi-investigating-city-hall-ransomware-attack

Medical device cyber attacks on rise - E Hacker News

http://www.ehackingnews.com/2016/09/medical-device-cyber-attacks-on-rise.html

Going, going, done: Trio of prolific auction fraud fraudsters jailed • The Register

http://www.theregister.co.uk/2016/09/20/auction_fraud_trio_jailed/

Mobile review website MoDaCo coughs to data breach • The Register

http://www.theregister.co.uk/2016/09/20/modaco_breach/

Police: Student hacks into Kennesaw State's system, changes grades, steals personal data - Story | WAGA

http://www.fox5atlanta.com/news/206545219-story

Maker of smart vibrator sued for snooping on customers' use – Naked Security

https://nakedsecurity.sophos.com/2016/09/20/maker-of-smart-vibrator-sued-for-snooping-on-customers-use/

Security Advisories Relating to Symantec Products - Symantec Decomposer Engine Security Update - 2016-09-19T02:37:38 PDT| Symantec

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00

BT's Wi-Fi Extender works great – at extending your password to hackers • The Register

http://www.theregister.co.uk/2016/09/21/bt_wifi_booster_fix/

Greybeards beware: Hair dye for blokes outfit Just For Men served trojan • The Register

http://www.theregister.co.uk/2016/09/21/just_for_men_serves_passwordstealing_trojan/

Victoria Police warn of malware-laden USB sticks in letterboxes • The Register

http://www.theregister.co.uk/2016/09/21/letterbox_usb_police_warning/

Pramworld admits mailing list breach • The Register

http://www.theregister.co.uk/2016/09/16/pramworld_breach/

Which voting machines can be hacked through the Internet?

https://freedom-to-tinker.com/2016/09/20/which-voting-machines-can-be-hacked-through-the-internet/

Mozilla wants woeful WoSign certs off the list • The Register

http://www.theregister.co.uk/2016/09/27/mozilla_wants_woeful_wosign_certs_off_the_list/

Patch AGAIN: OpenSSL security fixes now need their own security fixes

http://www.theregister.co.uk/2016/09/26/openssl_patches_last_weeks_patch/

4.5 million web servers have private keys that are publicly known! – Naked Security

https://nakedsecurity.sophos.com/2016/09/12/4-5-million-web-servers-have-private-keys-that-are-publicly-known/

Microsoft Patches Zero Day Flaw Used In Two Massive Malvertising Campaigns

http://www.darkreading.com/attacks-breaches/microsoft-patches-zero-day-flaw-used-in-two-massive-malvertising-campaigns/d/d-id/1326908?_mc=sm_dr&hootPostID=24b950465f4f7252b2558e544825d7ab

Indonesian arrested for playing porn on public billboard - E Hacker News

http://www.ehackingnews.com/2016/10/indonesian-arrested-for-playing-porn-on.html?m=1

Hacked Republican website skimmed donor credit cards for 6 months

http://arstechnica.com/security/2016/10/hacked-republican-website-skimmed-donor-credit-cards-for-6-months/

Netflix reminds password re-users to run a reset

http://www.theregister.co.uk/2016/10/16/netflix_reminding_password_reusers_to_run_a_reset/

Cybercrime: Rome among the cities with the most 'zombie computers'

http://www.repubblica.it/tecnologia/sicurezza/2016/10/08/news/cybercrime_roma_tra_le_citta_con_piu_computer_zombie_-149349372/

Flaw in Intel chips could make malware attacks more potent

http://arstechnica.com/security/2016/10/flaw-in-intel-chips-could-make-malware-attacks-more-potent/

Researcher says Adult Friend Finder vulnerable to file inclusion vulnerabilities

http://www.csoonline.com/article/3132533/security/researcher-says-adult-friend-finder-vulnerable-to-file-inclusion-vulnerabilities.html

Crims cram credit card details into product shots on e-shops

http://www.theregister.co.uk/2016/10/19/crims_cram_credit_cards_into_retail_product_pics_to_mock_popped_eshops/

Akamai finds longtime security flaw on 2 million Internet of Things devices | WIRED

https://www.wired.com/2016/10/akamai-finds-longtime-security-flaw-2-million-devices/

GlobalSign screw-up cancels top websites' HTTPS certificates

http://www.theregister.co.uk/2016/10/13/globalsigned_off/

Hackers pop 6000 sites on active 18-month carding bonanza

http://www.theregister.co.uk/2016/10/13/hackers_pop_6000_sites_on_active_18month_carding_bonanza/

Telnet, SSH prod of death smashes Cisco broadband boxes offline

http://www.theregister.co.uk/2016/10/12/cisco_security_updates/

Data Breaches In Healthcare Totaled Over 112 Million Records In 2015

http://www.forbes.com/sites/danmunro/2015/12/31/data-breaches-in-healthcare-total-over-112-million-records-in-2015/

Isolated computers hacked by USB drive

http://www.ehackingnews.com/2016/10/isolated-computers-hacked-by-usb-drive.html

Second hacking group targets SWIFT-connected banks

http://www.theregister.co.uk/2016/10/11/swift_bank_hacking_reloaded/

Hungarian bug-hunters spot 130,000 vulnerable Avtech vid systems on Shodan

http://www.theregister.co.uk/2016/10/12/hungarian_bughunters_spot_130000_vulnerable_avtech_vid_systems_on_shodan/

Germany's Gundremmingen Power Plant Hit By Computer Viruses

http://www.ehackingnews.com/2016/10/germanys-gundremmingen-power-plant-hit.html

Hacker Steals 58 Million User Records from Data Storage Provider

http://news.softpedia.com/news/hacker-steals-58-million-user-records-from-data-storage-provider-509190.shtml?utm_content=buffer9f190&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

IAEA chief: Nuclear power plant was disrupted by cyber attack

http://in.reuters.com/article/nuclear-cyber-idINKCN12A1P1

Rogue proxies hijack HTTPS traffic - E Hacker News

http://www.ehackingnews.com/2016/10/rogue-proxies-hijack-https-traffic.html?m=1

Is this the real life? Is this just fantasy? Spotify serving malware, no escape from reality • The Register

http://www.theregister.co.uk/2016/10/06/spotify_malware_free_music_service/

'Don't open the link in chats': the virus spreading fear on Facebook

http://www.repubblica.it/tecnologia/sicurezza/2016/10/04/news/_non_aprite_il_link_delle_chat_il_virus_fa_paura_su_facebook-149103190/

Sad reality: It's cheaper to get hacked than build strong IT defenses

http://www.theregister.co.uk/2016/09/23/if_your_company_has_terrible_it_security_that_could_be_a_rational_business_decision/

SWIFT warns of more 'sophisticated' attacks, readies anti-fraud tool

http://www.theregister.co.uk/2016/09/22/swift_warns_of_more_sophisticated_attacks_readies_antifraud_tool/

Girls’ fashion hangout site leaking millions of plaintext passwords

https://nakedsecurity.sophos.com/2016/09/27/girls-fashion-hangout-site-leaking-millions-of-plaintext-passwords/

Large CCTV Botnet Leveraged in DDoS Attacks

https://blog.sucuri.net/2016/06/large-cctv-botnet-leveraged-ddos-attacks.html

How Hackers Breached Two Gambling Payment Providers To Harvest 'Millions' Of Records

http://www.forbes.com/sites/thomasbrewster/2015/11/05/optimal-payments-hack-investigation/

Hacker attack on Yahoo: "Access keys of half a billion users stolen"

http://www.repubblica.it/tecnologia/sicurezza/2016/09/22/news/attacco_hacker_a_yahoo_rubate_chiavi_d_accesso_a_200_milioni_di_utenti_-148310314/

Update: Researchers show off remote attack against Tesla Model S

http://www.computerworld.com/article/3121908/security/researchers-show-off-remote-attack-against-tesla-model-s.html

KrebsOnSecurity Hit With Record DDoS

http://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/

How America’s 911 emergency response system can be hacked

https://www.washingtonpost.com/news/the-switch/wp/2016/09/09/how-americas-911-emergency-response-system-can-be-hacked/

Google Hacker Finds Way To Exploit Yet Another ‘Stagefright’ Bug

http://motherboard.vice.com/read/google-hacker-finds-another-stagefright-bug

Read the damning dossier on the security stupidity that let China ransack OPM's systems

http://www.theregister.co.uk/2016/09/08/opm_hacking_report/

Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years — Krebs on Security

http://krebsonsecurity.com/2016/09/israeli-online-attack-service-vdos-earned-600000-in-two-years/

How one man could have deleted any Facebook page

https://nakedsecurity.sophos.com/2016/09/20/how-one-man-could-have-deleted-any-facebook-page/

Science news journal EurekAlert down after hack

https://nakedsecurity.sophos.com/2016/09/19/science-news-journal-eurekalert-down-after-hack/

Mozilla will patch zero-day Firefox bug to fizzle man-in-the-middle diddle

http://www.theregister.co.uk/2016/09/18/mozilla_tor_flaws/

Someone just lost 324k payment records, complete with CVVs

https://www.troyhunt.com/someone-just-lost-324k-payment-records-complete-with-cvvs/

Cash if you get ransomware on your machine

http://www.scmagazineuk.com/news/cash-if-you-get-ransomware-on-your-machine/article/511786/

6.6 million plaintext passwords exposed as site gets hacked to the bone

http://arstechnica.com/security/2016/09/plaintext-passwords-and-wealth-of-other-data-for-6-6-million-people-go-public/

Russian hackers in WADA site: "US athletes doped". Biles is among them: "But I have always followed the rules"

http://www.repubblica.it/sport/2016/09/13/news/hacker_wada-147674194/

How one man could have owned GitHub, and what happened next…

https://nakedsecurity.sophos.com/2016/08/31/how-one-man-could-have-owned-github-and-what-happened-next/

GM Recalls Millions of Cars After Critical Bug Found

http://www.infosecurity-magazine.com/news/gm-recalls-millions-of-cars-after/

Cryptocurrency Mining Malware Discovered Targeting Seagate NAS Hard Drives

http://news.softpedia.com/news/cryptocurrency-mining-malware-discovered-targeting-seagate-nas-hard-drives-508119.shtml

The Hunt for Lurk - Securelist

https://securelist.com/analysis/publications/75944/the-hunt-for-lurk/

Trustpilot hacked and customer database set for sale - Resiport

https://www.resiport.com/trustpilot-hacked-and-customer-database-set-for-sale/

Exile Mod Gaming Forum Hacked; 12,000 Accounts Leaked

https://www.hackread.com/exile-mod-gaming-forum-hacked/

Cisco's Talos & GoDaddy Shut Down Malvertising Campaign - E Hacker News

http://www.ehackingnews.com/2016/09/ciscos-talos-godaddy-shut-down.html?m=1

Mr.Chow's Website Serves Ransomware To Customers - E Hacker News

http://www.ehackingnews.com/2016/09/mrchows-website-serves-ransomware-to.html?m=1

911 could face its own emergency: Hackers - CNET

http://www.cnet.com/news/911-could-face-its-own-emergency-hackers/

Hackers holding school computers hostage | WBTW.com

http://wbtw.com/2016/09/09/hackers-holding-school-computers-hostage-2/

43.7% of cloud-based malware delivers ransomware - Help Net Security

https://www.helpnetsecurity.com/2016/09/09/cloud-based-malware/

Watch How Government Spyware Infects a Computer in This Leaked Demo Video | Motherboard

https://motherboard.vice.com/read/rcs-lab-government-spyware-infects-a-computer-in-this-leaked-demo-video

Gorizia: hacker in the school server. And the “4”s became “10”s

http://ilpiccolo.gelocal.it/trieste/cronaca/2016/05/21/news/gorizia-l-attacco-informatico-1.13513088

Read the damning dossier on the security stupidity that let China ransack OPM's systems • The Register

http://www.theregister.co.uk/2016/09/08/opm_hacking_report/

Stealing login credentials from a locked PC or Mac just got easier

http://arstechnica.com/security/2016/09/stealing-login-credentials-from-a-locked-pc-or-mac-just-got-easier/

Mr Chow plates up sticky ransomware • The Register

http://www.theregister.co.uk/2016/09/07/mr_chow_plates_up_sticky_ransomware/

Internet of Sins: Million more devices sharing known private keys for HTTPS, SSH admin • The Register

http://www.theregister.co.uk/2016/09/07/bad_key_security_holes_getting_worse/

Project Zero: Return to libstagefright: exploiting libutils on Android

http://googleprojectzero.blogspot.com/2016/09/return-to-libstagefright-exploiting.html

Network Management Systems are a 'treasure map' for hackers • The Register

http://www.theregister.co.uk/2016/09/07/natwork_magement_vulns/

When you've paid the ransom but you don't get your data back • The Register

http://www.theregister.co.uk/2016/09/07/uk_ransomware_victim_survey/

Spoof an Ethernet adapter on USB, and you can sniff credentials from locked laptops • The Register

http://www.theregister.co.uk/2016/09/07/spoof_an_ethernet_adapter_on_usb_and_you_can_sniff_credentials_from_locked_laptops/

Issue 890 - project-zero - Dashlane: universal XSS in doOnboardingSiteStep API - Monorail

https://bugs.chromium.org/p/project-zero/issues/detail?id=890

Sneaky Gugi banking trojan sidesteps Android OS security barricades • The Register

http://www.theregister.co.uk/2016/09/06/gugi_android_banking_trojan_revamp/

Hacker takes down CEO wire transfer scammers, sends their Win 10 creds to the cops • The Register

http://www.theregister.co.uk/2016/09/06/hacker_hacks_ceo_wire_transfer_scammers_sends_win_10_creds_to_cops/

ASUS Broken API Authentication

https://blog.fletchto99.com/2016/september/asus-disclosure/index.html

Forum for Porn Site Brazzers Compromised in Major Hack | The Daily Dot

http://www.dailydot.com/layer8/brazzers-hack/

98.1 million CLEARTEXT passwords pasted as Rambler.ru rumbled • The Register

http://www.theregister.co.uk/2016/09/06/981_million_cleartext_accounts_leaked_as_ramblerru_rumbled/

More IoT insecurity: the routers that take instructions from anyone – Naked Security

https://nakedsecurity.sophos.com/2016/09/05/more-iot-insecurity-the-routers-that-take-instructions-from-anyone/

Security group OurMine briefly took over Variety earlier today | The Verge

http://www.theverge.com/2016/9/3/12785768/ourmine-security-group-variety-hack

How Spy Tech Firms Let Governments See Everything on a Smartphone - NYTimes.com

http://mobile.nytimes.com/2016/09/03/technology/nso-group-how-spy-tech-firms-let-governments-see-everything-on-a-smartphone.html?smid=tw-share&referer=https://t.co/qDSS256JTb

Apple releases new update after hack flaws - E Hacker News

http://www.ehackingnews.com/2016/09/apple-releases-new-update-after-hack.html?m=1

FairWare Ransomware targets Linux Servers - E Hacker News

http://www.ehackingnews.com/2016/09/fairware-ransomware-targets-linux.html?m=1

Details of BTC-E and BitcoinTalk breach revealed - E Hacker News

http://www.ehackingnews.com/2016/09/details-of-btc-e-and-bitcointalk-breach.html?m=1

New cloud attack takes full control of virtual machines with little effort | Ars Technica

http://arstechnica.com/security/2016/08/new-attack-steals-private-crypto-keys-by-corrupting-data-in-computer-memory/

Patched ColdFusion Flaw Exposes Applications to Attack | Threatpost | The first stop for security news

https://threatpost.com/patched-coldfusion-flaw-exposes-applications-to-attack/120301/

Transmission hijacked to broadcast Mac malware • The Register

http://www.theregister.co.uk/2016/09/01/transmission_booby_trapped_downloads/

Did you stay at any of these 60 Kimpton hotels? Whelp, hackers have your card details • The Register

http://www.theregister.co.uk/2016/09/01/kleptos_clean_careless_klimpton/

Patch now: Apple emits fix for Pegasus spyware bugs in OS X, Safari • The Register

http://www.theregister.co.uk/2016/09/02/macos_safari_security_update/

Lightspeed PoS vendor breached, sensitive database tapped • The Register

http://www.theregister.co.uk/2016/09/02/lightspeed_pos_vendor_breached_sensitive_database_tapped/

Trojan imitates Google Play store user - E Hacker News

http://www.ehackingnews.com/2016/09/trojan-imitates-google-play-store-user.html?m=1

Ransomware attacks Linux servers, demands bitcoins - E Hacker News

http://www.ehackingnews.com/2016/09/ransomware-attacks-linux-servers.html?m=1

Blackhat wannabes proffer probably bogus Linux scamsomware • The Register

http://www.theregister.co.uk/2016/09/01/blackhat_wannabes_proffer_bogus_linux_scamsomware/

Cisco SOHO switches patched for SOHOpeless vuln • The Register

http://www.theregister.co.uk/2016/09/01/cisco_soho_switches_patched_for_sohopeless_vuln/

Malware exposes payment card data at Kimpton Hotels

http://www.cnet.com/news/malware-exposes-payment-card-data-at-kimpton-hotels/

Teenager arrested for hacking president's website

http://www.ehackingnews.com/2016/08/teenager-arrested-for-hacking.html

The cyber attack against the election systems of Illinois and Arizona - Il Post

http://www.ilpost.it/2016/08/30/hacker-russi-attacco-arizona-illinois/

Dropbox: 2012 credentials file is real • The Register

http://www.theregister.co.uk/2016/08/31/dropbox_2012_credentials_file_is_real/

More banks plundered through SWIFT attacks • The Register

http://www.theregister.co.uk/2016/08/31/swift_reuters/

OneLogin breached, hacker finds cleartext credential notepads • The Register

http://www.theregister.co.uk/2016/08/31/onelogin_breached_hacker_finds_cleartext_credential_notepads/

71,000 Minecraft World Map accounts leaked online after 'hack' • The Register

http://www.theregister.co.uk/2016/08/30/71000_minecraft_world_map_accounts_leak/

OSX/Keydnap spreads via signed Transmission application

http://www.welivesecurity.com/2016/08/30/osxkeydnap-spreads-via-signed-transmission-application/

FBI: Look out – hackers are breaking into US election board systems • The Register

http://www.theregister.co.uk/2016/08/29/fbi_warns_attacks_on_election_systems/

Russia MP's son found guilty after stealing 2.9 million US credit cards • The Register

http://www.theregister.co.uk/2016/08/29/russia_mps_son_found_guilty_after_stealing_29_million_us_credit_cards/

Chinese CA hands guy base certificates for Github, Florida uni • The Register

http://www.theregister.co.uk/2016/08/29/chinese_ca_hands_guy_base_certificates_for_github_florida_uni/

Equation Group Firewall Operations Catalogue

https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html

Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution

http://www.securityfocus.com/archive/1/526498/30/0/threaded

Apple issues urgent iPhone software update after attempted hack with 'most sophisticated spyware' ever seen

http://www.telegraph.co.uk/technology/2016/08/25/apple-issues-urgent-global-iphone-software-update-after-attempte/

HTTPS and OpenVPN face new attack that can decrypt secret cookies | Ars Technica

http://arstechnica.com/security/2016/08/new-attack-can-pluck-secrets-from-1-of-https-traffic-affects-top-sites/

Intel douses Wildfire ransomware as-a-service Euro menace • The Register

http://www.theregister.co.uk/2016/08/24/wildfire_ransomware_extinguished/

French submarine builder DCNS springs leak: India investigates • The Register

http://www.theregister.co.uk/2016/08/24/indian_submarine_secrets_leaked_after_frances_dcns_/

Opera server breach incident - Opera Security

https://www.opera.com/blogs/security/2016/08/opera-server-breach-incident/

Hackers Steal 12 Million Baht From Thai Bank ATMs - E Hacker News

http://www.ehackingnews.com/2016/08/hackers-steal-12-million-baht-from-thai.html?m=1

IOActive turns up the most SOHOpeless router so far • The Register

http://www.theregister.co.uk/2016/08/22/ioactive_turns_up_the_most_sohopeless_router_so_far/

Four in five Android devices inherit Linux snooping flaw • The Register

http://www.theregister.co.uk/2016/08/22/android_linux_snooping_flaw/

Beauty site lets anyone read customers' personal information • The Register

http://www.theregister.co.uk/2016/08/22/strawberry_net_security_fail/

Untitled note

http://www.theregister.co.uk/2016/08/22/i_got_the_power_over_your_iot_powerpoint/

Healthcare sector hard hit by Locky Ransomware - E Hacker News

http://www.ehackingnews.com/2016/08/healthcare-sector-hard-hit-by-locky.html?m=1

Google Chrome, Firefox Address Bar Spoofing Vulnerability

http://www.rafayhackingarticles.net/2016/08/google-chrome-firefox-address-bar.html

PayPal patches 2FA portal bug • The Register

http://www.theregister.co.uk/2016/08/18/paypal_patches_2fa_portal_bug/

Pokemon Go Ransomware attacks as Windows 10 app - E Hacker News

http://www.ehackingnews.com/2016/08/pokemon-go-ransomware-attacks-as.html?m=1

Cellebrite - Mobile Forensics Products - Extraction

http://www.cellebrite.com/Mobile-Forensics/Products?gclid=CMaUkuOTzs4CFZAW0wod6ZcEiw

'Massive' Locky ransomware campaign targets hospitals | ZDNet

http://www.zdnet.com/article/a-massive-locky-ransomware-campaign-is-targeting-hospitals/

Malware Infected All Eddie Bauer Stores in U.S., Canada — Krebs on Security

http://krebsonsecurity.com/2016/08/malware-infected-all-eddie-bauer-stores-in-u-s-canada/

PGP admins: Kill short keys now, or Alice will become Chuck • The Register

http://www.theregister.co.uk/2016/08/17/pgp_admins_kill_short_keys_now_or_alice_will_become_chuck/

Popular Ransomware Earns $195,000 In a Month, Report Says | Motherboard

https://motherboard.vice.com/read/cerber-ransomware-earns-195000

White hat pops Windows User Account Control with log viewer data • The Register

http://www.theregister.co.uk/2016/08/16/white_hat_pops_windows_uac_via_log_viewer/

Brisbane council loses $500k to scammers • The Register

http://www.theregister.co.uk/2016/08/16/brisbane_councillors_lose_500k_to_scammers/

Yet Another Government-Sponsored Malware - Schneier on Security

https://www.schneier.com/blog/archives/2016/08/yet_another_gov.html?utm_source=twitterfeed&utm_medium=twitter

Google AdSense abused to distribute Android spyware • The Register

http://www.theregister.co.uk/2016/08/15/android_trojan_abuses_google_adsense/

Russian being prosecuted for $170 million fraudulent credit-card purchases

http://www.ehackingnews.com/2016/08/russian-being-prosecuted-for-170.html

Cisco security crew uncovers bug in industrial control kit • The Register

http://www.theregister.co.uk/2016/08/15/industrial_control_vuln/

Secure Boot snafu: Microsoft leaks backdoor key, firmware flung wide open [Updated] | Ars Technica UK

http://arstechnica.co.uk/security/2016/08/microsoft-secure-boot-firmware-snafu-leaks-golden-key/

Three Romanians Caught Stealing Lakhs From Kerala ATM - E Hacker News

http://www.ehackingnews.com/2016/08/three-romanians-caught-stealing-lakhs.html?m=1

Sage data hacked affecting 280 UK businesses - E Hacker News

http://www.ehackingnews.com/2016/08/sage-data-hacked-affecting-280-uk.html?m=1

Visa Alert and Update on the Oracle Breach — Krebs on Security

http://krebsonsecurity.com/2016/08/visa-alert-and-update-on-the-oracle-breach/

Stealthy malware infects digitally-signed files without altering hashes

http://www.theregister.co.uk/2016/08/08/stealthy_malware_infects_digitallysigned_files_without_altering_hashes/

What your hacked account is worth on the Dark Web

https://nakedsecurity.sophos.com/2016/08/09/what-your-hacked-account-is-worth-on-the-dark-web/

Pakistani hacker defaced Canara Bank website - E Hacker News

http://www.ehackingnews.com/2016/08/pakistani-hacker-defaced-canara-bank.html?m=1

We watched RedTeam Security hack into a power company

http://www.techinsider.io/red-team-security-hacking-power-company-2016-4

Gorizia: hacker in the school server. And the “4”s became “10”s - News - Il Piccolo

http://m.ilpiccolo.gelocal.it/trieste/cronaca/2016/05/21/news/gorizia-l-attacco-informatico-1.13513088?ref=fbfpi

Issue 820 - project-zero - Symantec/Norton Antivirus ASPack Remote Heap/Pool memory corruption Vulnerability CVE-2016-2208 - Monorail

https://bugs.chromium.org/p/project-zero/issues/detail?id=820

Celebrity gossip site PerezHilton.com serves up malicious ads to its visitors

http://www.scmagazine.com/celebrity-gossip-site-perezhiltoncom-serves-up-malicious-ads-to-its-visitors/article/495360/

High-Severity OpenSSL Vulnerability allows Hackers to Decrypt HTTPS Traffic

http://thehackernews.com/2016/05/openssl-vulnerability.html?m=1

Dental Assn Mails Malware to Members — Krebs on Security

http://krebsonsecurity.com/2016/04/dental-assn-mails-malware-to-members/

The Vigilante Who Hacked Hacking Team Explains How He Did It | Motherboard

http://motherboard.vice.com/read/the-vigilante-who-hacked-hacking-team-explains-how-he-did-it

Hijacking the PC Update Process - Schneier on Security

https://www.schneier.com/blog/archives/2016/06/hijacking_the_p.html?utm_source=twitterfeed&utm_medium=twitter

uTorrent Forums Hacked, Passwords Compromised - TorrentFreak

https://torrentfreak.com/utorrent-forums-hacked-passwords-compromised-160608/

Wi-Fi hack disables Mitsubishi Outlander's theft alarm – white hats • The Register

http://www.theregister.co.uk/2016/06/06/mitsubishi_outlander_hack/

$587.24 – Your Bitcoin Wallet May Be At Risk: Safenet HSM Key-Extraction Vulnerability – Gemini

https://gemini.com/blog/your-bitcoin-wallet-may-be-at-risk-safenet-hsm-key-extraction-vulnerability/

Slicing Into a Point-of-Sale Botnet — Krebs on Security

http://krebsonsecurity.com/2016/06/slicing-into-a-point-of-sale-botnet/

Shriram Life Insurance Servers Hacked? - InfoRiskToday

http://www.inforisktoday.in/shriram-life-insurance-servers-hacked-a-9231

25,000 malware-riddled CCTV cameras form network-crashing botnet • The Register

http://www.theregister.co.uk/2016/06/28/25000_compromised_cctv_cameras/

South African ISP suffers massive password leak online

http://mybroadband.co.za/news/security/169341-south-african-isp-suffers-massive-password-leak-online.html

Kiwis hack into cyber sex toys, reveal frisky risks

http://m.nzherald.co.nz/lifestyle/news/article.cfm?c_id=6&objectid=11692549

Hacking Your Computer Monitor - Schneier on Security

https://www.schneier.com/blog/archives/2016/08/hacking_your_co.html?utm_source=twitterfeed&utm_medium=twitter

Twitter CEO Jack Dorsey's account was compromised by hackers

https://www.engadget.com/2016/07/09/jack-dorsey-ceo-twitter-hacked/

Ubuntu Linux Forums Hacked -- IP Address, Username, Email of 2M Accounts Compromised - Slashdot

http://m.slashdot.org/story/313727

A Chinese Ad Firm Is Using Malware to Get More Clicks | Motherboard

http://motherboard.vice.com/read/chinese-ad-firm-yingmob-is-using-hummingbad-malware-to-get-more-clicks

Hackers stole more than 30 Jeeps - E Hacker News

http://www.ehackingnews.com/2016/08/hackers-stole-more-than-30-jeeps.html?m=1

'Webcam hackers caught me wanking, demanded $10k ransom' - Hack - triple j

http://www.abc.net.au/triplej/programs/hack/webcam-hackers-catch-man-wanking-demand-ransom/7668434

New attack bypasses HTTPS protection on Macs, Windows, and Linux | Ars Technica

http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-crypto-works-on-macs-windows-and-linux/

Garda Computer Systems Hacked In Zero-Day Cyber Attack - E Hacker News

http://www.ehackingnews.com/2016/08/garda-computer-systems-hacked-in-zero.html?m=1

R7-2016-10: Multiple OSRAM SYLVANIA Osram Light... | Rapid7 Community

https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059

A New Wireless Hack Can Unlock 100 Million Volkswagens | WIRED

https://www.wired.com/2016/08/oh-good-new-hack-can-unlock-100-million-volkswagens/

Fake QR code app gets hacker into luxury airport lounges for free – Naked Security

https://nakedsecurity.sophos.com/2016/08/09/fake-qr-code-app-gets-hacker-into-luxury-airport-lounges-for-free/

Good news: Teen hacker gets 1-million-air-miles bug bounty reward. Bad news: It's United • The Register

http://www.theregister.co.uk/2016/08/09/bug_hunter_wins_million_air_miles/

Web pages, Word docs, PDF files, fonts – behold your latest keys to infecting Windows PCs • The Register

http://www.theregister.co.uk/2016/08/09/august_2016_patch_tues/

Internet of Car...rikey what the hell just happened to my car? • The Register

http://www.theregister.co.uk/2016/08/09/vehicle_security_research/

Big Red alert: Oracle's MICROS payment terminal biz hacked • The Register

http://www.theregister.co.uk/2016/08/08/oracle_cops_to_micros_pos_breach/

The Risks Digest Volume 29: Issue 67

http://catless.ncl.ac.uk/Risks/29.67.html#subj10

PCs’ PCs pwned: Irish cops probe mystery malware attack • The Register

http://www.theregister.co.uk/2016/08/08/irish_police_malware_attack/

Latest Androids have 'god mode' hack hole, thanks to Qualcomm • The Register

http://www.theregister.co.uk/2016/08/08/latest_androids_have_god_mode_hack_hole/

Brit network O2 hands out free Windows virus with USB pens • The Register

http://www.theregister.co.uk/2016/08/08/o2_sent_customers_a_windows_virus_on_usb_pens/

Video surveillance recorders riddled with zero-days • The Register

http://www.theregister.co.uk/2016/08/07/nuuo_netgear_surveillance_recorders_riddled_with_0days/

Hackers unleash smart Twitter phishing tool that snags two in three users

http://www.theregister.co.uk/2016/08/05/hackers_unleash_smart_twitter_phishing_tool_that_snags_two_in_three_users/

How the HTTPS-snooping, email addy and SSN-raiding HEIST JavaScript code works

http://www.theregister.co.uk/2016/08/05/javascript_heist_attack_https/

Smart TVs, satellites, and billboards all hacked in Ukrainian war • The Register

http://www.theregister.co.uk/2016/08/04/smart_tvs_satellites_and_billboards_all_hacked_in_ukrainian_war/

Oops, they did it again: Cisco finds new vulns in kit it patched in June • The Register

http://www.theregister.co.uk/2016/08/04/cisco_issues_multiple_patches/

Forget card skimmers, chip-card shimmers will be your next nightmare • The Register

http://www.theregister.co.uk/2016/08/03/card_shimmers_wave_of_the_future/

The Jeep hackers return to ditch a car going 60 mph – Naked Security

https://nakedsecurity.sophos.com/2016/08/03/the-jeep-hackers-return-to-ditch-a-car-going-60-mph/

$67M in bitcoin stolen as hacking typhoon lashes Hong Kong's Bitfinex • The Register

http://www.theregister.co.uk/2016/08/03/67m_in_bitcoin_stolen_as_hacking_typhoon_lashes_hong_kongs_bitfinex/

Two first-gen flaws carried over to HTTP/2, warn security bods • The Register

http://www.theregister.co.uk/2016/08/03/http2_flaws/

Black Hats control Jeep's steering, kill brakes • The Register

http://www.theregister.co.uk/2016/08/02/black_hat_hacks_jack_jeep_in_wired_attack_feat/

Android's latest patches once again remind us: It's Nexus or bust if you want decent security • The Register

http://www.theregister.co.uk/2016/08/02/android_august_patch_bundle/

Intel's Crosswalk open source dev library has serious SSL bug • The Register

http://www.theregister.co.uk/2016/07/31/intels_crosswalk_open_source_dev_library_has_serious_ssl_bug/

Cyberattack Compromises Unknown Number of Voter Records in Illinois

http://www.govtech.com/security/Cyberattack-Compromises-Unknown-Number-Voter-Records-Illinois.html

A Famed Hacker Is Grading Thousands of Programs — and May Revolutionize Software in the Process

https://theintercept.com/2016/07/29/a-famed-hacker-is-grading-thousands-of-programs-and-may-revolutionize-software-in-the-process/

Researchers Find Easy Way to Hack Wireless Keyboards

http://www.pcmag.com/news/346556/researchers-find-easy-way-to-hack-wireless-keyboards

E-commerce, a first-hand account: "How they stole 2000 euros from my credit card. And how I got them back"

http://www.repubblica.it/tecnologia/sicurezza/2016/07/28/news/carte_di_credito_come_mi_hanno_rubato_2_mila_euro_sulla_carta_di_credito_e_come_li_ho_recuperati-144983105/

Argos changes 150 easily guessed drop-off system passwords • The Register

http://www.theregister.co.uk/2016/07/29/argos_revamps_password_regime/

Zero-day hole can pwn millions of LastPass users, all that's needed is a malicious site

http://www.theregister.co.uk/2016/07/27/zero_day_hole_can_pwn_millions_of_lastpass_users_who_visit_a_site/

TechCrunch defaced by self-professed 'white hat' hackers • The Register

http://www.theregister.co.uk/2016/07/26/techcrunch_hacked/

It's 2016 and your passwords can still be sniffed from wireless keyboards • The Register

http://www.theregister.co.uk/2016/07/26/keysniffer_wireless_keyboard_vuln/

PHP flaws allowed God mode access to top smut site • The Register

http://www.theregister.co.uk/2016/07/24/two_php_zero_day_flaws_found/

Former Air India employee held for hacking

http://www.ehackingnews.com/2016/07/former-air-india-employee-held-for.html

Avast researchers spoof Wi-Fi and hack RNC attendees to prove a point about cyber security | Cyber security | The Drum

http://www.thedrum.com/news/2016/07/20/avast-researchers-spoof-wi-fi-and-hack-rnc-attendees-prove-point-about-cyber

GOP delegates suckered into connecting to insecure Wi-Fi hotspots • The Register

http://www.theregister.co.uk/2016/07/21/gop_wifi_privacy_fail/

Bosses at UK infosec biz Quadsys confess to hacking rival reseller • The Register

http://www.theregister.co.uk/2016/07/21/quadsys_five_sentencing_scheduled/

The Risks Digest Volume 29: Issue 62

http://catless.ncl.ac.uk/Risks/29.62.html#subj9

The Risks Digest Volume 29: Issue 62

http://catless.ncl.ac.uk/Risks/29.62.html#subj6

‘Warframe’ Hacked, Details on 775,000 Players Traded

http://motherboard.vice.com/read/gaming-site-warframe-hacked

Five million Danish ID numbers sent to Chinese firm

http://www.thelocal.dk/20160720/five-million-danish-id-numbers-sent-to-chinese-firm-by-mistake

Reminder! If You Haven't yet, Turn Off Windows 10 Keylogger Now

http://thehackernews.com/2015/09/windows10-keylogger-security.html

Firefox to banish hidden Flash files – and kill off sneaky ad snoopers • The Register

http://www.theregister.co.uk/2016/07/20/firefox_blocking_flash/

Update now: Macs and iPhones have a Stagefright-style bug! – Naked Security

https://nakedsecurity.sophos.com/2016/07/20/update-now-macs-and-iphones-have-a-stagefright-style-bug/

Flaws found in security products from AVG, Symantec and McAfee • The Register

http://www.theregister.co.uk/2016/07/20/hooks_cooked_hackers_crack_tonnes_of_security_apps_for_new_cloak_yoke/

Apple kills eavesdrop bug in FaceTime • The Register

http://www.theregister.co.uk/2016/07/19/apple_patches_july2016/

Guilt by ASN: Compiler's bad memory bug could sting mobes, cell towers • The Register

http://www.theregister.co.uk/2016/07/19/asn_objective_systems_asn_compiler_memory_bug/

15-year-old security hole HTTPoxy returns to menace websites – it has a name, logo too • The Register

http://www.theregister.co.uk/2016/07/18/httpoxy_hole/

Hackers steal millions from ATMs using 'just their smartphones' • The Register

http://www.theregister.co.uk/2016/07/15/taiwan_atm_hack/

Kaspersky Lab Battles 'Darkhotel' Malware that Targets Business Execs

http://www.ibtimes.co.uk/new-android-banking-malware-stops-victims-contacting-banks-cancelling-fraudulent-payments-1570805

Cisco gives you two nasty bugs to fix before the weekend • The Register

http://www.theregister.co.uk/2016/07/15/borg_bashes_bandages_router_dosndross_bugs/

Adwind: Malware-as-a-Service Platform that Hit more than 400,000 Users and Organizations Globally | Kaspersky Lab

http://www.kaspersky.com/about/news/virus/2016/Adwind

Oklahoma police and bank exposed by leaky database – Naked Security

https://nakedsecurity.sophos.com/2016/07/14/oklahoma-police-and-bank-exposed-by-leaky-database/

Critical remote code execution holes reported in Drupal modules • The Register

http://www.theregister.co.uk/2016/07/14/critical_remote_code_execution_holes_reported_in_drupal_modules/

US govt bank insurer 'covered up China hack to protect top boss' • The Register

http://www.theregister.co.uk/2016/07/13/congress_accuses_fdic_of_hiding_chinese_hack/

Generous Fiat Chrysler offers $1,500 for car security bugs – or two minutes of annual profit • The Register

http://www.theregister.co.uk/2016/07/13/fiat_chrysler_bug_bounty/

It's 2016 and Windows lets crims poison your printer drivers

http://www.theregister.co.uk/2016/07/13/windows_printer_driver_flaw_patch_asap/

Webpages, Word files, print servers menacing Windows PCs, and disk encryption bypasses – yup, it's Patch Tuesday • The Register

http://www.theregister.co.uk/2016/07/12/july_windows_microsoft_patch_tuesday_adobe/

FCA to offer rewards to hackers who help it find security flaws

http://www.reuters.com/article/us-fiat-chrysler-cyber-idUSKCN0ZT0AI

Nasty session stealing hole filled in WordPress All in One SEO plugin • The Register

http://www.theregister.co.uk/2016/07/12/nasty_session_stealing_hole_filled_in_wordpress_all_in_one_seo_plugin/

Pokemon Go on, gissus your Google Gmail, Drive files, photos?

http://www.theregister.co.uk/2016/07/11/pushy_pokemon_go_criticized/

Omni-shambles! Card-stealing malware checks into US hotel chain • The Register

http://www.theregister.co.uk/2016/07/11/strike_omni_from_list_of_safe_hotels/

Amazingly insecure industrial control systems + internet = Cupful of nope • The Register

http://www.theregister.co.uk/2016/07/11/ics_vuln_internet_exposed/

Lurk trojan takedown also took out Angler exploit kit • The Register

http://www.theregister.co.uk/2016/07/11/lurk_trojan_angler_exploit_links/

CVE-2016-4324 - Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrar - CVE-Search

https://cve.circl.lu/cve/CVE-2016-4324

White hat banned for revealing vulns in news sites used by London councillors • The Register

http://www.theregister.co.uk/2016/07/11/flayed_london_neighbour_web_attic_bans_white_hats_account/

New Mac malware tries to hook your webcam up to the Dark Web - Naked Security

https://nakedsecurity.sophos.com/2016/07/08/new-mac-malware-tries-to-hook-your-webcam-up-to-the-dark-web/

BMW web portal vulns pose car hack risk – researchers • The Register

http://www.theregister.co.uk/2016/07/08/bmw_vulns/

Baton Rouge database of police details exposed over killing of Alton Sterling - Naked Security

https://nakedsecurity.sophos.com/2016/07/08/baton-rouge-database-of-police-details-exposed-over-killing-of-alton-sterling/

Twitter: NASA Kepler profile hacked, a backside appears

http://www.repubblica.it/tecnologia/social-network/2016/07/08/foto/twitter_profilo_nasa_hackerato_al_posto_di_giove_spunta_il_lato_b-143685877/

Malaysia-based credit card fraud ring broken, 105 arrested • The Register

http://www.theregister.co.uk/2016/07/08/credit_card_fraud_ring_busted/

Thieves using laptops to hack into and steal cars

https://nakedsecurity.sophos.com/2016/07/08/thieves-using-laptops-to-hack-into-and-steal-cars/

414,949 D-Link cameras, IoT devices can be hijacked over the net

http://www.theregister.co.uk/2016/07/08/414949_dlink_cameras_iot_devices_can_be_hijacked_over_the_net/

1 in 20 Wendy's burger joints hacked? No, make that 1 in 3 – 1,025 in total • The Register

http://www.theregister.co.uk/2016/07/07/wendys_breach_worse_than_thought/

Cafe killer remote code execution affects 140 million MIUI Androids

http://www.theregister.co.uk/2016/07/07/cafe_killer_remote_code_execution_affects_140_million_miui_androids/

New Mac malware discovered in the wild installing backdoors

http://www.cnet.com/news/new-mac-malware-discovered-in-the-wild-installing-backdoors/

⌘+c malware smacks Macs, drains keychains, pours over Tor • The Register

http://www.theregister.co.uk/2016/07/07/c_malware_smacks_macs_drains_keychains_pours_over_tor/

Millions of Android devices have flawed full disk encryption

https://www.engadget.com/2016/07/01/android-qualcomm-security-flaw-encryption/

Word hole patched in 2012 is 'unchallenged' king of Office exploits • The Register

http://www.theregister.co.uk/2016/07/05/magento_vulns/

Researcher pops locks on keylogger, finds admin's email inbox

http://www.theregister.co.uk/2016/07/05/trustwave_reversing_hawkeye_keylogger_inbox/

Vuln drains energy sector control kit

http://www.theregister.co.uk/2016/07/05/vuln_drains_energy_sector_control_kit/

Klepto Zepto could steal millions in looming ransomware wave

http://www.theregister.co.uk/2016/07/04/klepto_zepto_could_steal_millions_in_looming_ransomware_wave/

Lenovo scrambling to get a fix for BIOS vuln

http://www.theregister.co.uk/2016/07/04/lenovo_scrambling_to_get_a_fix_for_bios_vuln/

700,000 Muslim Match dating site private messages leaked online • The Register

http://www.theregister.co.uk/2016/07/01/muslim_match_data_breach/

Hackers are making $500k off mobile trojans they deployed, research shows

http://www.androidauthority.com/hackers-making-500k-off-mobile-trojans-deployed-research-shows-701091/

Universities Become New Target for Ransomware Attacks - The ICT Scoop

http://www.theictscoop.com/2016/06/10/universities-become-new-target-ransomware-attacks/

Cracking Android's full-disk encryption is easy on millions of phones – with a little patience • The Register

http://www.theregister.co.uk/2016/07/01/turns_out_breaking_android_fulldisk_encryption_is_easy_with_the_right_code/

Chinese gambling site served near record-breaking complex DDoS • The Register

http://www.theregister.co.uk/2016/07/01/470_gbps_multivector_chinese_gambling/

400 million Foxit users need to catch up with patched-up reader • The Register

http://www.theregister.co.uk/2016/07/01/foxit_patches_756/

WA government still hopeless at infosec • The Register

http://www.theregister.co.uk/2016/06/30/wa_government_still_hopeless_at_infosec/

Finding an ATM Skimmer: It pays to be paranoid!

https://www.linkedin.com/pulse/finding-atm-skimmer-pays-paranoid-benjamin-tedesco-gcih-pmp

Crypto Ransomware Jumped 500%

http://catless.ncl.ac.uk/Risks/29.59.html#subj16

Ransomware bites NASCAR team: lessons learned fast - Naked Security

https://nakedsecurity.sophos.com/2016/06/28/ransomware-bites-nascar-team-lessons-learned-fast/

Big Blue finds big green in derailing transport

http://www.theregister.co.uk/2016/06/30/big_blue_finds_big_green_in_derailing_transport/

25,000 malware-riddled CCTV cameras form network-crashing botnet • The Register

http://www.theregister.co.uk/2016/06/28/25000_compromised_cctv_cameras/

US hospitals hacked with ancient exploits • The Register

http://www.theregister.co.uk/2016/06/28/medjack/

Zero-interaction remote wormable hijack hole blasts Symantec kit • The Register

http://www.theregister.co.uk/2016/06/29/symantec_enterprise_endpoint_project_zero/

SWIFT hackers nick $10m from Ukraine bank • The Register

http://www.theregister.co.uk/2016/06/28/swift_victim_ukraine/

NASCAR team red-flagged by ransomware attack • The Register

http://www.theregister.co.uk/2016/06/24/nascar_team_redflagged_by_ransomware_attack/

Look into our network, not around our network... you're under • The Register

http://www.theregister.co.uk/2016/06/24/deception_tech_start_up/

Online backup firm Carbonite targeted in password reuse attack

https://www.grahamcluley.com/2016/06/online-backup-firm-carbonite-targeted-password-reuse-attack/

Hackers hit central banks in Indonesia and South Korea | ZDNet

http://www.zdnet.com/article/hackers-hit-central-banks-in-indonesia-and-south-korea/

It’s not all about ransomware – keyloggers are still alive and well!

https://nakedsecurity.sophos.com/2016/06/21/its-not-all-about-ransomware-keyloggers-are-still-alive-and-well/

Is the Angler exploit kit dead?

https://nakedsecurity.sophos.com/2016/06/16/is-angler-exploit-kit-dead/

Hackers are using this nasty text-message trick to break into people's accounts

http://uk.businessinsider.com/hackers-are-spoofing-text-messages-to-steal-two-factor-authentication-codes-2016-6

BadTunnel: a vulnerability all Windows users need to patch

https://nakedsecurity.sophos.com/2016/06/16/badtunnel-a-vulnerability-all-windows-users-need-to-patch/

Man In The Browser attacks scare banking world

http://securityaffairs.co/wordpress/17538/cyber-crime/man-browser-attacks-scare-banking.html

Tesla Model X autonomously crashes into building, owner claims

http://www.computerworld.com/article/3079807/car-tech/tesla-model-x-autonomously-crashes-into-building-owner-claims.html

Lexus Owners Say Update Bricked Cars’ Navigation Systems

https://consumerist.com/2016/06/08/lexus-owners-say-update-bricked-cars-navigation-systems/

Watch As Hackers Hijack WhatsApp Accounts Via Critical Telecoms Flaws - Forbes

http://www.forbes.com/sites/thomasbrewster/2016/06/01/whatsapp-telegram-ss7-hacks/

Hackers Can Steal Your Facebook Account With Just A Phone Number - Forbes

http://www.forbes.com/sites/thomasbrewster/2016/06/15/hackers-steal-facebook-account-ss7/

Sofacy NotSoGood: Time to switch up our Trojan-slinging tactics • The Register

http://www.theregister.co.uk/2016/06/15/hackers_switch_tactics/

Cybercrooks are pimping out pwned RDP servers • The Register

http://www.theregister.co.uk/2016/06/15/hacked_server_market/

Infecting Systems by Typosquatting Programming Language Libraries - Schneier on Security

https://www.schneier.com/blog/archives/2016/06/infecting_syste.html?utm_source=twitterfeed&utm_medium=twitter

Johns Hopkins scientists show how easy it is to hack a drone and crash it

http://hub.jhu.edu/2016/06/08/hacking-drones-security-flaws

BBC News: Huge spam and malware network goes offline

http://www.bbc.co.uk/news/technology-36519044

Telegram crammed: Hackers find way to send massive messages

http://www.theregister.co.uk/2016/06/14/telegram_crammed_hackers_find_way_to_send_massive_messages/

Inter-bank system SWIFT on security? User manual needs 'revamp'

http://www.theregister.co.uk/2016/05/16/swift_security_control_need_revamp/

Business Email Compromise (spear phishing FBI)

http://www.ic3.gov/media/2015/150827-1.aspx#fn1

Digital Attack on German Parliament: Investigative Report on the Hack of the Left Party Infrastructure in Bundestag | netzpolitik.org

https://netzpolitik.org/2015/digital-attack-on-german-parliament-investigative-report-on-the-hack-of-the-left-party-infrastructure-in-bundestag/

Kernel Backdoor found in Gadgets Powered by Popular Chinese ARM Maker

http://thehackernews.com/2016/05/android-kernal-exploit.html

BBC News: TalkTalk profits halve after cyber attack

http://www.bbc.co.uk/news/business-36273449

BBC News: US Congress 'bans members' Yahoo Mail'

http://www.bbc.co.uk/news/technology-36275537

BBC News: Second bank cyber-attack detected by Swift after Bangladesh raid

http://www.bbc.co.uk/news/technology-36284446

Benchmarking the Use of QR Code in Mobile Promotion

https://www.researchgate.net/profile/Shintaro_Okazaki/publication/237050000_Benchmarking_the_Use_of_QR_Code_in_Mobile_Promotion_Three_Studies_in_Japan/links/0a85e539f4cb0a6414000000.pdf

SS7 spookery on the cheap allows hackers to impersonate mobile chat subscribers

http://www.theregister.co.uk/2016/05/10/ss7_mobile_chat_hack/

Malware scan stalled misconfigured med software, mid-procedure

http://www.theregister.co.uk/2016/05/09/malware_scan_stalled_misconfigured_med_software_midprocedure/

TLS proxies: insecure by design say boffins • The Register

http://www.theregister.co.uk/2016/05/05/tls_proxies_are_insecure/

Daisy-chained research spells malware worm hell for power plants and other utilities • The Register

http://www.theregister.co.uk/2016/05/05/daisychained_research_spells_malware_worm_hell_for_utilities/

US telly stations fling malware-tipped web ads at unsuspecting surfers • The Register

http://www.theregister.co.uk/2016/05/04/self_serving_malvertising_scam/

Server-jacking exploits for ImageMagick are so trivial, you'll scream

http://www.theregister.co.uk/2016/05/04/imagemagick_exploits_in_the_wild/

A 10-Year-Old Made $10K For Discovering An Instagram Bug

http://www.refinery29.com/2016/05/109921/ten-instagrand

Researchers say there are serious security problems in Samsung’s SmartThings | The Verge

http://www.theverge.com/2016/5/2/11540246/samsung-smart-things-security-study-critical-flaw-apps

Security breach in Israeli-made Waze lets hackers stalk users

http://www.timesofisrael.com/security-breach-in-israeli-made-waze-lets-hackers-stalk-users/

Adware from French runs away and hides on 12M machines

http://www.theregister.co.uk/2016/04/28/shameless_software_run_on_12m_machines_outed_as_belilgerent_backdoor/

Time for a patch: six vulns fixed in NTP daemon

http://www.theregister.co.uk/2016/04/28/time_for_a_patch_six_vulns_fixed_in_ntp_daemon/

Google can't hold back this malware running riot in its Play store

http://www.theregister.co.uk/2016/04/26/android_malware_whack_a_mole/

Why cybercriminals attack healthcare more than any other industry

https://nakedsecurity.sophos.com/2016/04/26/why-cybercriminals-attack-healthcare-more-than-any-other-industry/

Hook, like and sinker: Facebook serves up its own phish | Netcraft

http://news.netcraft.com/archives/2016/04/22/hook-like-and-sinker-facebook-serves-up-its-own-phish.html

Website extortionists rake in over $100,000 without lifting a finger

http://www.theregister.co.uk/2016/04/25/extortionists_rake_in_100000_easy/

BAE Systems Threat Research Blog: Two bytes to $951m

http://baesystemsai.blogspot.it/2016/04/two-bytes-to-951m.html?m=1

Flaw allowed anyone to modify & take control over ANY .as domain – InfoSec Guy

https://isecguy.wordpress.com/2016/04/25/flaw-allowed-anyone-to-modify-take-control-over-any-as-domain/

Backdoor In Wordpress Plugin Steal Admin Credential In Clear Text

http://blog.hackersonlineclub.com/2016/03/backdoor-in-wordpress-plugin-steal.html

Osama almanna's blog: StartSSL Domain validation (Vulnerability discovered).

http://oalmanna.blogspot.com/2016/03/startssl-domain-validation.html

How Pirates And Hackers Worked Together To Steal Millions Of Dollars In Diamonds

http://www.buzzfeed.com/josephbernstein/how-pirates-and-hackers-worked-together-to-steal-millions-of

Carders cash out hundreds of millions before USA adopts EMV

http://www.theregister.co.uk/2016/04/22/fin6_carders_cash_out_hundreds_of_millions_as_us_slowly_moves_to_emv/

Commonly used strategy for website protection is not waterproof – KU Leuven

http://www.kuleuven.be/english/news/2016/commonly-used-strategy-for-website-protection-is-not-waterproof

VXers pass stolen card data over DNS

http://www.theregister.co.uk/2016/04/20/vxers_pass_stolen_card_data_over_dns/

VNC Roulette Hack millions of devices with 0 skills!

http://hahasecurity.blogspot.com/2016/03/hack-millions-of-devices-with-0-skills.html

X-ray scanners, CCTV cams, hefty machinery ... let's play: VNC Roulette!

http://www.theregister.co.uk/2016/03/25/vnc_roulette/

Google Search Technique Aided N.Y. Dam Hacker in Iran

http://www.wsj.com/articles/google-search-technique-aided-n-y-dam-hacker-in-iran-1459122543

Airbus boarded by 12 nation-state, crimeware 'breaches' every year

http://www.theregister.co.uk/2016/04/13/airbus_has_12_nationstate_crimeware_breaches_a_year/

Massive malvertising attack poisons 288 sites

https://nakedsecurity.sophos.com/2016/04/12/massive-malvertising-attack-poisons-288-sites/

How to not get pwned on Windows: Don't run any virtual machines, open any web pages, Office docs, hyperlinks ...

http://www.theregister.co.uk/2016/04/12/microsoft_patch_tuesday_12apr16/

Sweden secretly blames Russian hackers – not solar flares – for taking out air traffic control

http://www.theregister.co.uk/2016/04/12/sweden_suspects_russian_hackers_hit_air_traffic_control/

Gogo Inflight Internet is Intentionally Issuing Fake SSL Certificates

http://www.symantec.com/connect/blogs/gogo-inflight-internet-intentionally-issuing-fake-ssl-certificates