Viry a Červi

Your quick guide to hacks, patches and scandal

Roundup  Here's a quick roundup of recent infosec news beyond what we've already reported.…

ASCO is the latest headline-making organization to be hit by ransomware, prompting many companies to consider what to do to minimize their risk.

Attackers continue to push the boundaries with modular trojans and ransomware attacks, a new report found.

Threatpost editors Tara Seals and Lindsey O'Donnell discuss a recent lawsuit against Amazon for its privacy policies, a Telegram DDoS attack and more.

XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas.

Two lawsuits are seeking class-action status, alleging that Amazon records children and stores their voiceprints indefinitely.

Attackers are exploiting a Linux Exim critical flaw to execute remote commands, download crypto miners and sniff out other vulnerable servers.

Traffic analysis sheds light on weekday habits of attackers such as the most likely day for attacks and how malicious infrastructure is shared.

Anyone using it in its unpatched state is at risk not only of a compromise of their Evernote account but, potentially, of third-party accounts too.

Hey, iOS users. Got a spare Android phone lying around? Now, you can use it as a secure access key for online services.

According to a letter it sent to Sen. Richard Blumenthal, that's 31,000 US users, with the rest in India.

A male college student Snapchat-filtered himself into a young girl and went out to catch a predator. The first one he caught was a Californian cop.

Guys, your security hygiene stinks

Akamai Edge World  Players of games like Fortnite and Minecraft have emerged as juicy targets for cybercriminals.…

For FIPS sake!

Yubico is recalling one of its YubiKey lines after the authentication dongles were found to have a security weakness.…

Evernote's web clipper extension for Chrome is vulnerable to a critical flaw that could have exposed the data of more than 4.6 million users.

Uncle Sam sounds alarm after Windows CE SMB left wide open on hospital equipment

Two security vulnerabilities in medical workstations can exploited by scumbags to hijack the devices and connected infusion pumps, potentially causing harm to patients, the US government revealed today.…

The critical bug in a connected medical device can allow an attacker to remotely manipulate hospital pumps, either to withhold meds or dispense too much.

Durov took to Twitter to hint that Beijing tried to take Telegram offline to disrupt the Hong Kong protests.

That Guns N' Roses album* might be out soon... or not

Chat app Telegram has reportedly been DDoS'd, with its downtime coinciding with protests in Hong Kong against repressive new Chinese laws.…

"Whoever controls the data, controls the future," says the evil Zuck, who, according to the platform's current policy, won't be taken down.