Security Alerts & News
by Tymoteusz A. Góral

History
#245 New Open Connectivity Foundation will further innovation of the Internet of Things
The OCF will create a set of open specifications and protocols to enable devices from a variety of manufactures to securely and seamlessly interact with one another. Regardless of the manufacturer, operating system, chipset or transport – devices that adhere to the OCF specifications will simply work together.
#244 Joomla sites join WordPress as TeslaCrypt ransomware target
“The group behind the WordPress ‘admedia’ campaign is now apparently targeting Joomla sites,” said Brad Duncan, security researcher at Rackspace. “We are starting to see the same traffic characteristics in infections that are associated with Joomla sites – as we did with the WordPress campaign,” Duncan said.
#243 Tor: 'Mystery' spike in hidden addresses
Prof Woodward noted there had not been a similar increase in .onion sites in the history of the Tor network.

"Something unprecedented is happening, but at the moment that is all we know," he told the BBC.
#242 Exposed VNC server discovered in comodo gear
Publicly disclosed yesterday on the Google Project Zero site, Ormandy said that a tech support application called GeekBuddy installed with Comodo Internet Security also drags along with it a VNC server that is enabled by default.
#241 AirDroid patches vulnerability exposing Android data
A critical vulnerability impacting 50 million Android users running the popular AirDroid application has been patched. AirDroid, an app that allows you link an Android device to a computer and send SMS messages, run apps and add contacts via a Wi-Fi connected web browser, released the patch Jan. 29.
#240 Christopher Ahlberg on tracking Hackers through patterns across forums (VIDEO)
Threatpost editor Mike Mimoso talks with Christopher Ahlberg, CEO, Recorded Future about tracking cybercriminals through patterns on hacker forums.
#239 How does HSBC's voice recognition banking service work? (VIDEO)
HSBC is taking a big step toward biometric banking by launching voice recognition and touch security in the UK. Ben Thompson has been finding out how the service will work.
#238 Hard Drive Reliability Review for 2015
By the end of 2015, the Backblaze datacenter had 56,224 spinning hard drives containing customer data. These hard drives reside in 1,249 Backblaze Storage Pods. By comparison 2015 began with 39,690 drives running in 882 Storage Pods. We added 65 Petabytes of storage in 2015 give or take a Petabyte or two. Not only was 2015 a year of growth, it was also a year of drive upgrades and replacements. Let’s start with the current state of the hard drives in our datacenter as of the end of 2015 and then
#237 McAfee will break iPhone crypto for FBI in 3 weeks or eat shoe on live TV
In an op-ed for Business Insider titled "I'll decrypt the San Bernardino phone free of charge so Apple doesn't need to place a back door on its product," libertarian presidential candidate and former antivirus developer John McAfee waded into the ongoing battle of words between Apple and the FBI with some choice words of his own.
#236 Hack disarms SimpliSafe’s home wireless security systems
More than a quarter million homes protected by SimpliSafe wireless security systems are vulnerable to hackers who can deactivate the alarm anytime, according to IOActive, a Seattle-based security consulting firm.

IOActive published a proof of concept report on Wednesday that outlines how it disarmed SimpliSafe’s wireless home security systems. The hack, according IOActive researcher Andrew Zonenberg, is able to eavesdrop on wireless transmission between SimpliSafe components and capture PIN e
#235 App vulnerabilities, patching, and ransomware 2016 key security risks: HPE
ccording to Hewlett Packard Enterprise, application vulnerabilities, patching, and malware monetisation are the three key risks a business needs to pay close attention to as 2016 brings more cunning threat actors to the landscape.
#234 Samsung, Oracle to provide updated Apache tools for enterprise developers
Samsung and Oracle are working to give developers an updated Apache Cordova plug-in tool to make cloud-based enterprise solutions as they continue an enterprise alliance that parallels that of Apple and IBM's.
#233 Trojan Cidox, Bebloh used by spammers tailoring spam for Brazil, India and Japan
Japan is the latest country to be targeted with regionalized spam emails used to deliver malware. Symantec has observed several spam email campaigns in recent months targeting countries around the world, including Brazil and two campaigns in India. These campaigns usually feature emails that claim to be from a company or organization from within the targeted country.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12