7 tips to strengthen online security
Credit to Author: Ryan Francis| Date: Wed, 12 Apr 2017 04:00:00 -0700
Hacked Dallas sirens get extra encryption to fend off future attacks
Credit to Author: Matt Hamblen| Date: Tue, 11 Apr 2017 14:37:00 -0700
Dallas city officials have added extra encryption and other security measures to the outdoor warning sirens hacked early Saturday.
The hack also prompted the city to evaluate critical systems for potential vulnerabilities, City Manager T.C. Broadnax said in a statement late Monday. City officials are reviewing security for financial systems, a flood warning system, police-fire dispatch and the 911/311 system.
To read this article in full or to leave a comment, please click here
SSD Advisory – Sentora Web Hosting Control Panel Multiple Vulnerabilities
Credit to Author: noam| Date: Tue, 11 Apr 2017 10:23:24 +0000
Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Sentora Web Hosting Control Panel that lead to remote code execution. Sentora is a free to download and use web hosting control panel developed for Linux, UNIX and BSD based servers or computers. The Sentora software can turn a domestic or commercial server into … Continue reading SSD Advisory – Sentora Web Hosting Control Panel Multiple Vulnerabilities
Read MoreFake News at Work in Spam Kingpin’s Arrest?
Credit to Author: BrianKrebs| Date: Tue, 11 Apr 2017 15:51:46 +0000
Over the past several days, many Western news media outlets have predictably devoured thinly-sourced reporting from a Russian publication that the arrest last week of a Russian spam kingpin in Spain was related to hacking attacks linked to last year’s U.S. election. While there is scant evidence that the spammer’s arrest had anything to do with the election, the success of that narrative is a sterling example of how the Kremlin’s propaganda machine is adept at manufacturing fake news, undermining public trust in the media, and distracting attention away from the real story.
Read MoreBank gets lesson in the security failings of third parties
Credit to Author: Evan Schuman| Date: Tue, 11 Apr 2017 04:00:00 -0700
The most effective cyberattacks turn the tables on the security measures we take to ward off attacks. We’re always countering the attacks that have worked in the past, rarely thinking about the opportunities our countermeasures might open up.
And opportunities always abound. If malware is being delivered via attachments, we put out memos forbidding employees from opening attachments from strangers. Cybercriminals see this, and they come up with phishing — sending out attachments in emails that appear to come from the recipients’ close co-workers. So then we warn employees to not open an attachment unless it was expected. All right, say the attackers; we’ll just wait for an attachment heads up and then launch our attack.
To read this article in full or to leave a comment, please click here
Suspected CIA spying tools linked to hacks in 16 countries
Credit to Author: Michael Kan| Date: Mon, 10 Apr 2017 11:17:00 -0700
The suspected CIA spying tools exposed by WikiLeaks have been linked to hacking attempts on at least 40 targets in 16 countries, according to security firm Symantec.
The tools share “close similarities” with the tactics from an espionage team called Longhorn, Symantec said in a Monday post. Longhorn has been active since at least 2011, using Trojan programs and previously unknown software vulnerabilities to hack targets.
To read this article in full or to leave a comment, please click here
Hack of Dallas emergency sirens prompts more warnings to bolster cybersecurity
Credit to Author: Matt Hamblen| Date: Mon, 10 Apr 2017 09:39:00 -0700
Dallas emergency management officials continue to investigate a hack that activated all 156 emergency tornado sirens citywide for about 90 minutes early Saturday.
The city declared the sirens were activated Friday night in a hack that officials believe came from the Dallas area.
The event was a warning that businesses and organizations, including cities and emergency operations centers, need to guard against similar breaches, whether they may come from disgruntled employees, hackers trying to pull a stunt, or a more nefarious group working for an enemy state, analysts said.
To read this article in full or to leave a comment, please click here
New ransomware demanded high score on anime-style shooter game not bitcoins
Credit to Author: Darlene Storm| Date: Mon, 10 Apr 2017 09:23:00 -0700
Never underestimate what a person can come up with when he or she is bored as was recently highlighted by the accidental release of a ransomware that required victims to reach an astronomically high score on an anime-style shooter game instead of paying an outrageous ransom in bitcoins.
The Malware Hunter Team was surprised to discover Rensenware; they said the ransomware did not ask “for any money, but to play a game until you reach a score – and it’s not a joke.”
Victims who wanted their files decrypted were required to score over 200 million points in the “lunatic” level of the game TH12 ~ Undefined Fantastic Object.
To read this article in full or to leave a comment, please click here