Mirai, Google, and the Future of DDoS

OAKLAND–When the Mirai botnet burst onto the scene last year, it did so in style, with two of the largest DDoS attacks on record. One of the initial targets of its wrath was the site run by reporter Brian Krebs, and the attack set off a chain reaction that not only took the site offline […]

Google Details Scoring System for Potentially Malicious Apps

Google has introduced a number of different layers of security protection for Android devices recently, many of which are invisible to users. One of those protective measures is a scoring system that looks at how often a specific app has been downloaded and how many devices with the app are still checking in with Google’s […]

FTC Files Complaint Against D-Link Over Router, Camera Security

D-Link didn’t “take reasonable software testing and remediation measures” to protect users of its routers and IP-enabled cameras, failed to protect the private keys that sign the software on those devices, and put thousands of consumers at risk of attack, according to a new complaint brought against the technology vendor by the Federal Trade Commission. In […]

FDA Sets Guidance on Medical Device Security

The Food and Drug Administration has published new recommendations for both manufacturers and regulators on how to deal with security for medical devices, including implantable devices. Calling device security a shared responsibility, the FDA guidance focuses on the postmarket cybersecurity issues, such as vulnerability response and remediation. The new document is not a set of regulations, but […]

House Working Group Says Don’t Weaken Encryption

In a year-end report, a key congressional working group on encryption said that any governmental initiative to backdoor encryption systems is against the interests of the country and that there is no clear solution to the battle over encryption right now. The Encryption Working Group, comprised of members of the House Judiciary Committee and House Energy […]

Some Netgear Routers Open to Remote Code Execution

Two models of Netgear home routers contain a vulnerability that can allow a remote attacker to execute arbitrary code. The bug can be exploited with a simple URL and there’s a publicly available exploit for the flaw. The issue affects the Netgear R7000 and R6400 routers and right now there’s no fix available for the […]

More Than a Million Android Devices Rooted by Gooligan Malware

A new version of an existing piece of malware has emerged in some third-party Android app stores and researchers say it has infected more than a million devices around the world, giving the attackers full access to victims’ Google accounts in the process. The malware campaign is known as Gooligan, and it’s a variant of […]

PoisonTap: The Tiny Internet-Hijacking, Cookie-Stealing, Backdoor-on-a-Board

A renowned hardware hacker has released a cheap USB device that, when plugged in to any computer–even password-protected or locked ones–can hijack all of the Internet traffic from the PC, steal web cookies, and install a persistent backdoor that survives after device is removed. Known as PoisonTap, the device is the work of Samy Kamkar, […]

Android Patch Released to Stop Ultrasonic Tracking

The researchers who exposed the ways in which ultrasonic signals can be used to track users across devices have released a patch for Android that helps users protect themselves against the silent tracking. The patch is designed to give users more control of which apps on their devices have access to the ultrasonic spectrum, which […]