In This Section


Category: Hacking

December 30, 2016
The Weird and Wild Stories of 2016
There are any number of adjectives one could employ to describe 2016, most of which can’t be printed here. One of the gentler descriptors we can use is “interesting”. This year was nothing if not interesting. There were data breaches of epic proportions, companies getting owned in new and creative ways, and all kinds of really unusual…
Read More →
December 29, 2016
FDA Sets Guidance on Medical Device Security
The Food and Drug Administration has published new recommendations for both manufacturers and regulators on how to deal with security for medical devices, including implantable devices. Calling device security a shared responsibility, the FDA guidance focuses on the postmarket cybersecurity issues, such as vulnerability response and remediation. The new document is not a set of regulations, but…
Read More →
December 28, 2016
New Leet Botnet Generating Huge DDoS Floods
A new botnet that is capable of some of the larger DDoS attacks ever seen has emerged in the last few days, launching floods of up to 650 Gbps and using a unique payload that researchers say is effective at evading security systems. The network came to light on Dec. 21 when researchers at Imperva…
Read More →
December 27, 2016
Critical Vulnerability Haunts Popular PHP Library
There’s a critical security vulnerability in the PHPMailer library, a flaw that could allow an attacker to execute arbitrary code. The bug can be exploited remotely and a researcher already has released proof-of-concept exploit code for it. The PHPMailer library is used in a large number of web applications and open source projects, including WordPress and…
Read More →
December 21, 2016
On the Wire Podcast: Michael Tiffany
Cybercriminals depend upon the income they generate from their schemes to fund further operations, and one of the main ways that they extract money from victims is through ad fraud. This week, researchers at White Ops disclosed the existence of the Methbot ad fraud network, which is using a sophisticated worldwide infrastructure and custom browsers…
Read More →
December 20, 2016
Massive Methbot Ad Fraud Network Steals Millions Per Day
Cybercriminals are using a sophisticated botnet operation to impersonate both websites and visitors in order to steal as much as $5 million in ad revenue per day from publishers, according to new research into the network, known as Methbot. The botnet is enmeshed in the online ad infrastructure and has its own elaborate support system,…
Read More →
December 19, 2016
Hailstorm Spam Campaigns Being Used to Evade Defenses
In an effort to get past anti-spam and anti-malware systems and put their garbage in front of potential victims, some spammers are avoiding the traditional strategy of sending huge volumes of mail for long periods of time in favor of sending large bursts of spam in a very short timeframe. This technique, known as hailstorm…
Read More →
December 16, 2016
70 Percent of Enterprise Ransomware Victims Paid Up, Data Shows
Ransomware gangs have been targeting businesses in the last few months, seeking bigger paydays than what they can extract from consumers. The plan has been highly successful, according to new data, which shows that 70 percent of businesses infected with ransomware have paid the ransom to get their data back. Researchers at IBM Security’s X-Force…
Read More →
December 15, 2016
Yahoo Data Breach Highlights Defender’s Disadvantage
For the second time in less than three months, Yahoo has disclosed a massive data breach, and this is one for the record books. The company said more than one billion accounts are affected by the breach, and Yahoo officials still aren’t exactly sure how the attackers got in. On Wednesday evening, Yahoo CISO Bob…
Read More →
December 14, 2016
Beta Firmware Update Available for Vulnerable Netgear Routers
With exploit code publicly available and details of the vulnerability widely known, Netgear has released a beta version of new firmware to fix a bug in several of its routers that attackers can use to execute arbitrary code on the devices. The Netgear router vulnerability affects several of the company’s home router models, including the R6250, R6400,…
Read More →
2019 Voice Intelligence Webinar Series – where voice, not touch is the main interface for customers.