Who’s Really to Blame for the ‘Ukraine Did It’ Conspiracy Theory?
Who’s Really to Blame for the ‘Ukraine Did It’ Conspiracy Theory?
VPN Connection Hijacking Vulnerability Affects Linux, Unix Systems
A vulnerability that can be exploited to determine if a user is connected to a VPN and hijack active TCP connections in a VPN tunnel has been found to affect various Linux and Unix operating systems. read more
US Indicts ‘Evil Corp’ Hackers With Alleged Russian Intelligence Ties
A Lamborghini-driving Moscow hacker who called his operation Evil Corp and has ties to the FSB Russian intelligence service was indicted by US authorities Thursday for the cybertheft of tens of millions of dollars. read more
Microsoft Warns of Persistent Windows Hello for Business Orphaned Keys
Microsoft this week issued guidance regarding Windows Hello for Business (WHfB) public keys that persist even after the devices they are tied to are removed from Active Directory. read more
Cookie-stealing malware wants to know your Facebook ad budget
The AdKoob malware that sneakily peeks at how much you're spending on ads is back.
iCloud-hacking politician to be sentenced on Christmas eve
Former Dutch city council member Mitchel van der K invaded hundreds of iCloud accounts “frequently and repeatedly”.
Huawei Asks Court to Throw Out US Telecom Funds Ban
Chinese tech giant Huawei is asking a U.S. federal court to throw out a rule that bars rural phone carriers from using government money to purchase its equipment on security grounds. read more
Machine-raiding Python libraries squashed by community
Python developers have once again fallen victim to malicious software libraries lurking in their favourite package manager.
Critical DoS messaging flaw fixed in December Android update
Android’s December 2019 updates arrived this week, patching a small list of system and Qualcomm flaws across the operating system’s two patch levels.
OpenBSD Hit with Authentication, LPE Bugs
The authentication bypass (CVE-2019-19521) is remotely exploitable.
Yodel parcel tracking app blabs about other people’s parcels
Yodel's mobile parcel delivery app was leaking people's delivery data to others using the app, a security researcher discovered.
Implementing Cyber Best Practices Requires a Security-First Approach
Competing in today's digital marketplace requires that organizations be cyber-savvy. End users and customers need organizations to understand things like web application development, digital shopping and other online transactions, the effective use of social media, and using digital tools to get and keep customers. read more
Cisco Talos Releases Open Source Dependency Build Automation Tool
Cisco Talos this week released a new tool designed to make it easier to create complex applications that have lengthy dependency chains. Called Mussels, the cross-platform, general-purpose dependency build automation tool allows software developers to easily download, build, and assemble app dependencies. read more
Moxa Addresses Industrial AP Vulnerabilities Several Months After Disclosure
Moxa Urges Users to Replace Discontinued Industrial AP Filled With Security Holes read more