—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 ******************************************************************** Title: Microsoft Security Update Minor Revisions Issued: August 23, 2017 ******************************************************************** Summary ======= The following CVEs and Microsoft security bulletin have undergone a minor revision increment * CVE-2016-7292 * CVE-2017-0167 * MS16-149 Revision Information: ===================== CVE-2016-7292 – Title: CVE-2016-7292 | Windows… Continue reading Microsoft Security Update Minor Revisions Issued: August 23, 2017
Ukrainian Security Firm Warns of Another Massive Global Cyberattack
Malware could attempt to take down networks on August 24 Aug 23, 2017 07:58 GMT · By Bogdan Popa A new wave of cyberattacks could be launched as soon as this week, Ukrainian security firm ISSP warns, pointing out that the main objective would be taking down networks on August 24 when… Continue reading Ukrainian Security Firm Warns of Another Massive Global Cyberattack
Automated Logic Patches Flaws in Building Automation System
By Eduard Kovacs on August 23, 2017 Kennesaw, Georgia-based building automation systems provider Automated Logic has released updates for its WebCTRL product to address several vulnerabilities, including one rated high severity. WebCTRL is a building automation system used worldwide in commercial office buildings, mission-critical facilities, educational institutions, healthcare organizations, hotels, and government facilities.… Continue reading Automated Logic Patches Flaws in Building Automation System
Spyware backdoor prompts Google to pull 500 apps with >100m downloads
Google killed secret plugin download capability after being alerted by researchers. Dan Goodin – 8/22/2017 At least 500 apps collectively downloaded more than 100 million times from Google’s official Play Market contained a secret backdoor that allowed developers to install a range of spyware at any time, researchers said Monday. The… Continue reading Spyware backdoor prompts Google to pull 500 apps with >100m downloads
Sysadmins told to update their software or risk killing the internet
The DNS signing keys are changing for the first time By Kieren McCarthy in San Francisco 22 Aug 2017 The world’s internet providers and sysadmins need to make sure they are running up-to-date software or they risk cutting their customers off from the internet in October, DNS overseer ICANN has warned. Following… Continue reading Sysadmins told to update their software or risk killing the internet
Ropemaker Allows Attackers to Change the Content of an Email—After It’s Delivered
22nd August 2017 by Tara Seals A new email exploit, dubbed Ropemaker, allows a malicious actor to edit the content in an email—after it’s been delivered to the recipient and made it through the necessary filters. For instance, an attacker could swap a benign URL with a malicious one in an email already… Continue reading Ropemaker Allows Attackers to Change the Content of an Email—After It’s Delivered
Neptune Exploit Kit Used to Deliver Monero Miner
By Eduard Kovacs on August 22, 2017 Cybercriminals have been using the Neptune exploit kit to deliver cryptocurrency miners via malvertising campaigns, FireEye reported on Tuesday. Neptune, whose arrival was detailed by researchers in January, is also known as Terror, Blaze and Eris. It was initially considered a variant of the Sundown exploit… Continue reading Neptune Exploit Kit Used to Deliver Monero Miner
DDoS Threat Increases While Mirai Becomes ‘Pay-for-Play’
By Kevin Townsend on August 22, 2017 The DDoS threat is increasing again. Pbot can generate 75 Gbps from just 400 nodes and Mirai has been commoditized. However, despite the growing number of attacks, the overall trend seems to be for more frequent, smaller attacks. These are the primary takeaways from a new Q2… Continue reading DDoS Threat Increases While Mirai Becomes ‘Pay-for-Play’
Android 8.0 ‘Oreo’ official with a focus on battery life and security
August 21, 2017 by Carly Page But you might have to wafer it to arrive GOOGLE HAS OFFICIALLY LAUNCHED Android 8.0, and just as expected, it’s called ‘Oreo’. Oreo, which was launched to coincide with the solar eclipse, ain’t about flashy new features, and Google is instead hoping to improve the Android… Continue reading Android 8.0 ‘Oreo’ official with a focus on battery life and security
Organizations Reminded of DNSSEC Key Signing Key Rollover
By Eduard Kovacs on August 21, 2017 Organizations are being reminded that the Internet Corporation for Assigned Names and Numbers (ICANN) will soon change the root zone key signing key for the Domain Name System Security Extensions (DNSSEC) protocol. Failure to take action could result in users being unable to access the Internet. … Continue reading Organizations Reminded of DNSSEC Key Signing Key Rollover