Threats & Security Incidents
1.8K views | +0 today
Follow
Threats & Security Incidents
Monitor threat evolution and security incidents to evaluate the effectiveness of your risk posture
Your new post is loading...
Your new post is loading...
Scooped by Cyber Security (app)
Scoop.it!

Heartbleed is about to get worse, and it will slow the Internet to a crawl

Heartbleed is about to get worse, and it will slow the Internet to a crawl | Threats & Security Incidents | Scoop.it
Without a rapid fix, hackers will be able to impersonate Web sites. But the fix itself is problematic.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

New Zero-Day Exploit targeting Internet Explorer Versions 9 through 11 Identified in Targeted Attacks

New Zero-Day Exploit targeting Internet Explorer Versions 9 through 11 Identified in Targeted Attacks | Threats & Security Incidents | Scoop.it
Summary FireEye Research Labs identified a new Internet Explorer (IE) zero-day exploit used in targeted attacks.  The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through IE11.  This zero-day bypasses both ASLR and DEP. Microsoft has assigned CVE-2014-1776…
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

iOS Malware Campaign "Unflod Baby Panda" | SektionEins GmbH

On 17th April 2014 a malware campaign targetting users of jailbroken iPhones has been discovered and discussed by reddit users. This malware appears to have Chinese origin and comes as a library called Unflod.dylib that hooks into all running processes of jailbroken iDevices and listens to outgoing SSL connections.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

Rushed Heartbleed fixes may expose users to more attacks

Rushed Heartbleed fixes may expose users to more attacks | Threats & Security Incidents | Scoop.it
In the race to protect themselves from the Heartbleed vulnerability, enterprises could be opening themselves up to new attacks if they aren't careful.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

Heartbleed shrinks Tor by an eighth

Heartbleed shrinks Tor by an eighth | Threats & Security Incidents | Scoop.it
And that's before they look at all the nodes and what version of OpenSSL they're running
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

Heartbleed hackers steal encryption keys in threat test

Heartbleed hackers steal encryption keys in threat test | Threats & Security Incidents | Scoop.it
Heartbleed can be exploited to allow criminals to steal the private keys that websites rely on to decrypt sensitive information, including passwords and banking details.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

NSA denies report that it knew about Heartbleed from the start [Updated]

NSA denies report that it knew about Heartbleed from the start [Updated] | Threats & Security Incidents | Scoop.it
Bloomberg cites unnamed sources, says agency regularly used it to spy.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

Identify Risk in a Heartbeat - Speaking of Security - The RSA Blog and Podcast

Identify Risk in a Heartbeat - Speaking of Security - The RSA Blog and Podcast | Threats & Security Incidents | Scoop.it
By now, you most likely have heard of the announcement of the Heartbleed vulnerability in versions of OpenSSL. Actually, by this time, your executives, your front line managers and your mother-in-law have probably heard of the Heartbleed vulnerability given it has hit every major new source (WSJ, CNET, CNN) While this ubiquitous software is a foundation for many web applications, most people will relegate this as “someone else’s problem”. However, many companies utilize OpenSSL within their own infrastructures to secure internal applications. Even if you aren’t affected by this specific vulnerability, the noise created by Heartbleed should again prompt you to think about your own vulnerability management program.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

XSS flaw in popular video-sharing site allowed DDoS attack through browsers

XSS flaw in popular video-sharing site allowed DDoS attack through browsers | Threats & Security Incidents | Scoop.it
Attackers exploited a vulnerability in a popular video-sharing site to hijack users' browsers for use in a large-scale distributed denial-of-service attack, according to researchers from Web security firm Incapsula.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

WinRAR spoofing vulnerability being exploited in malware campaign

WinRAR spoofing vulnerability being exploited in malware campaign | Threats & Security Incidents | Scoop.it
A WinRAR vulnerability is being taken advantage of in a malware campaign targeting government and international organizations, as well as Fortune Global 500 companies.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

Zero-day vulnerability in Microsoft Word under active attack

Zero-day vulnerability in Microsoft Word under active attack | Threats & Security Incidents | Scoop.it
People using Word 2010 with Outlook should take immediate action, company warns.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

California DMV investigating possible security breach

The California Department of Motor Vehicles is investigating a possible breach in security of its credit card processing service, sources said Saturday. Officials were quick to add that no immediate evidence exists that the data has been hacked.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

iPhones frozen by hackers demanding ransom - Telegraph

iPhones frozen by hackers demanding ransom - Telegraph | Threats & Security Incidents | Scoop.it
People around the world have found their iPads and iPhones frozen by hackers who are demanding cash ransoms to unlock their devices
more...
Gregory Taylor's curator insight, March 15, 2015 7:58 PM

This a form of Mobile Malware and the affects that it can have on a person. This is the kind of protection that as a company Apple need to be aware of and be trying to prevent otherwise thier reputation can be damaged.

Scooped by Cyber Security (app)
Scoop.it!

Mandiant: Hackers Broke In Using Heartbleed - Digits - WSJ

Mandiant: Hackers Broke In Using Heartbleed - Digits - WSJ | Threats & Security Incidents | Scoop.it
Hackers successfully used the Heartbleed bug to break into a Mandiant customer’s network, the boutique security firm announced Friday.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

Can Heartbleed be used in DDoS attacks?

Can Heartbleed be used in DDoS attacks? | Threats & Security Incidents | Scoop.it
With nearly every major threat to information security, it is not long before security experts ask the question, "Can the threat play a role in distributed denial of service (DDoS) attacks?
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

WhatsApp bug allows for interception of shared locations

WhatsApp bug allows for interception of shared locations | Threats & Security Incidents | Scoop.it
Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations.
more...
Denilson Lopes's curator insight, March 15, 2015 7:43 PM

Whatsapp is a very well known app and used a lot by people, hence why attackers are trying to intercept the shared locations as this could allow them access and get information. This also explains why Whatsapps does not work properly sometimes or freezing due to corruption and interception such as this. Users should be more aware and keep their phones secured, on the other hand simply downloading DNS software onto the phone, a good example would be Onavo and this keeps files secure and encrypts your IP address.

Scooped by Cyber Security (app)
Scoop.it!

Federal Websites Avoid Heartbleed Risks, DHS Says

Federal Websites Avoid Heartbleed Risks, DHS Says | Threats & Security Incidents | Scoop.it
But Akamai systems powering the Obamacare website contained the data-leaking vulnerability.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

Private SSL Keys and the Heartbleed OpenSSL Vulnerability | Threatpost | The first stop for security news

Private SSL Keys and the Heartbleed OpenSSL Vulnerability | Threatpost | The first stop for security news | Threats & Security Incidents | Scoop.it
Experts say it's highly unlikely private SSL keys can be stolen by hackers using the Heartbleed OpenSSL bug, but not impossible.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS

NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS | Threats & Security Incidents | Scoop.it
Agency forgets that it exists to protect communications, not just spy on them
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

'Heartbleed' bug in OpenSSL puts encrypted communications at risk

'Heartbleed' bug in OpenSSL puts encrypted communications at risk | Threats & Security Incidents | Scoop.it
Administrators are advised to patch and revoke old private keys
Cyber Security (app)'s insight:

Computer security experts are advising administrators to patch a severe flaw in a software library used by millions of websites to encrypt sensitive communications.

The flaw, nicknamed "Heartbleed," is contained in several versions of OpenSSL

more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

'Anonymous' hackers threaten Israel with cyber-terrorism

'Anonymous' hackers threaten Israel with cyber-terrorism | Threats & Security Incidents | Scoop.it
Group of anti-Israel hackers calls on international band of
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

WinRAR spoofing vulnerability being exploited in malware campaign

WinRAR spoofing vulnerability being exploited in malware campaign | Threats & Security Incidents | Scoop.it
A WinRAR vulnerability is being taken advantage of in a malware campaign targeting government and international organizations, as well as Fortune Global 500 companies.
more...
No comment yet.
Scooped by Cyber Security (app)
Scoop.it!

Philips Smart TVs riddled with security and privacy flaws, researcher reveals

Philips Smart TVs riddled with security and privacy flaws, researcher reveals | Threats & Security Incidents | Scoop.it
A researcher has discovered that so-called Smart TVs from Philips suffer from a number of serious security flaws that could allow hackers to steal information from attached USB sticks, play pornographic movies as a prank, and hackers access viewers' online accounts.
more...
No comment yet.