The Northern District of California has announced the indictment of six Chinese nationals, charging them with theft of trade secrets and economic espionage.
Telstra’s Pacnet, a telecom service provider primarily based in China and Singapore, suffered a breach early last month that may wind up affecting thousands of customers.
Dennis Fisher talks with security pioneer Marcus Ranum about writing an early Internet firewall at DEC, the security gold-rush era of the 1990s and early 2000s, why he never patented most of the ideas he has come up with and how he found peace of mind.
What happens when you build a watch that is essentially an absurdly powerful computer that also tells time? You have to patch that watch. And that’s what Apple has done for the first time, releasing a long list of fixes for security problems with the Apple Watch OS. At least one of the vulnerabilities can[…]
Researchers have uncovered a flaw in the way that some servers handle the Diffie-Hellman key exchange, a bug that’s somewhat similar to the FREAK attack and threatens the security of many Web and mail servers. The bug affects all of the major browsers and any server that supports export-grade 512-bit Diffie-Hellman cryptography. The most serious[…]
KCodes NetUSB, a Linux kernel module that provides USB services over IP, contains unpatched vulnerabilities according to an alert from CERT/CC and Sec Consult
The Federal Reserve Bank of St. Louis confirmed this week that it fell victim to a DNS hijack last month that may have redirected users to bogus webpages and exposed customers to phishing, malware and other attacks.
Google has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox. That vulnerability is one of 37 bugs fixed in version 43 of Chrome. Six of those flaws are rated as high risks and Google paid out more than $38,000 in rewards to researchers who reported vulnerabilities[…]
Researchers from ZScaler have uncovered a new scheme where criminals are using malversting to redirect to pages hosting the Magnitude exploit kit and the CryptoWall ransomware.
There’s an easily exploitable vulnerability in the Android stock browser that enables an attacker to spoof the URL in the address bar and force a victim to visit a malicious site while believing he is visiting a benign one. Security researcher Rafay Baloch discovered the vulnerability and developed the technique for exploiting it. The problem[…]