Moxa Discontinuing Vulnerable Line of ICS Devices
Moxa has opted to discontinue embedded computers that suffer from a vulnerability which can allow remote authenticated users to write to the firmware and render devices unusable.
Chris Brook
About
"Distrust and caution are the parents of security" - Benjamin Franklin
Millions of Stolen MySpace, Tumblr Credentials Being Sold Online
Hackers are selling roughly 427 million passwords belonging to users of MySpace along with information on 65 million Tumblr users.
Threatpost News Wrap, May 20, 2016
Mike Mimoso and Chris Brook discuss the news of the week, including a big LinkedIn breach, TeslaCrypt closing up shop, and a breakthrough in random number generation. The two also recap this week’s Source Conference in Boston.
When it comes to cloud computing, APIs more or less drive everything, but in the eyes of some researchers, existing security controls haven’t kept pace.
Google announced this week that it will begin to disable SSLv3 and RC4 a month from now, on June 16.
Apple on Monday rolled out a series of patches for nearly all of its operating systems, including fixes for March’s DROWN vulnerability in OS X and a lockscreen bypass vulnerability in iOS.
Nulled.IO, an underground forum that helped enable users to share stolen credentials and software cracks was hacked earlier this month, spilling a glut of information on its users.
Mike Mimoso and Chris Brook discuss the news of the week, including zero day vulnerabilities–both in Adobe Flash and Windows, a nasty vulnerability in SAP business applications, Mozilla asking FBI to disclose a Tor exploit, and more.
News of yet another attack involving a bank and SWIFT, the financial network used by thousands of banks to transfer funds, came to light Thursday.
Several vulnerabilities were fixed this week in the file archiver 7-Zip which could have led to arbitrary code execution and file corruption.
