Dennis Fisher


Dennis Fisher is a journalist with more than 13 years of experience covering information security.

Dutch Police Arrest Alleged CoinVault Ransomware Authors

Ransomware has emerged as major threat to consumers and businesses in recent years, and law enforcement agencies and security researchers have taken note. Authorities last year disrupted the Cryptolocker ransomware operation and now Dutch police have arrested two young men they believe are involved in the CoinVault ransomware. The arrests came Monday in the Netherlands […]

Scan of IPv4 Space for ‘Implanted’ Cisco Routers Finds Fewer Than 100

A day after researchers detailed a technique that attackers are using to upload malicious firmware images to Cisco routers, academic researchers say they have scanned the entire IPv4 address space and discovered a total of 79 likely compromised routers. The researchers at the University of Michigan used their Zmap tool, which can scan the Internet in about […]

Bug in iOS and OSX Allows Writing of Arbitrary Files Via AirDrop

There is a major vulnerability in a library in iOS that allows an attacker to overwrite arbitrary files on a target device and, when used in conjunction with other techniques, install a signed app that the device will trust without prompting the user with a warning dialog. The vulnerability lies in a library in both […]

Cisco routers are built into the fabric of the Internet and enterprise networks, a fact that makes them highly attractive targets for attackers. Researchers at FireEye have come across attacks recently in which hackers have been modifying the firmware of Cisco routers and using that foothold to maintain persistence on the victim’s network. Such a technique […]

The maintainers of Debian have released new packages to fix several vulnerabilities, including a number of bugs in PHP and an unspecified flaw in Oracle’s VirtualBox application. Among the patches is one for the VirtualBox bug, which is difficult to describe, because Oracle no longer publishes any security information on VirtualBox. “This update fixes an unspecified […]

The Tor Project recently started a program to help libraries install Tor relays as a way to protect the privacy of patrons and other Internet users. The program didn’t get too far, however, as the first library to install a relay had to turn it off after town police officials were contacted by Department of Homeland […]

There is a series of stack buffer overflows in nearly 20 ICS products manufactured by Japanese vendor Yokogawa that can lead to remote code execution.  The bugs affect a long list of the company’s products, which are used in a variety of industries around the world. The Yokogawa products are mainly control systems, plant-management systems, event-analysis […]

A pair of modules included in the Drupal content management system have been updated to fix access bypass vulnerabilities that could allow an attacker to take actions on the behalf of some users. One of the modules fixed is the Twitter module, which allows users to take a variety of actions, including pulling in public […]

Excellus BlueCross BlueShield, a large health care provider in New York state, says it was hit by an attack that began in 2013 and wasn’t discovered until last month, resulting in the compromise of members’ personal information, including Social Security numbers, addresses, financial and account information. The company did not specify how many people potentially […]