Security Alerts & News
by Tymoteusz A. Góral

History
#319 Internet of Things: Finding a way out of the security nightmare
The baby monitors transmitting a live feed onto the internet for all to see -- and the smart teddy bear that could be hijacked. The car that allows hackers to take control of systems remotely. The power grid knocked offline by attackers accessing industrial control systems.

The rise of the Internet of Things (IoT) will bring with it huge benefits to businesses and consumers, but right now it is also creating a security nightmare.
#318 The DROWN vulnerability test page
DROWN allows attackers to break the encryption and read or steal sensitive communications, including passwords, credit card numbers, trade secrets, or financial data. Our measurements indicate 33% of all HTTPS servers are vulnerable to the attack.
#317 More than 11 million HTTPS websites imperiled by new decryption attack
More than 11 million websites and e-mail services protected by the transport layer security protocol are vulnerable to a newly discovered, low-cost attack that decrypts sensitive communications in a matter of hours and in some cases almost immediately, an international team of researchers warned Tuesday. More than 81,000 of the top 1 million most popular Web properties are among the vulnerable HTTPS-protected sites.
#316 Spam offering fake Visa benefits, rewards leads to TeslaCrypt Trojan.Cryptolocker.N ransomware
Spam campaign baits users with Visa Total Rewards emails containing malware that leads to Trojan.Cryptolocker.N infections.
#315 Windows Defender Advanced Threat Protection uses cloud to figure out you’ve been pwned
Microsoft is beefing up Windows Defender, the anti-malware program that ships with Windows 10, to give it the power to tell companies that they've been hacked after it has happened.
#314 CTB-Locker ransomware hits over 100 websites
A new malicious program that encrypts files on Web servers has affected at least 100 websites over the past few weeks, signaling a new trend in ransomware development.
Password entry
Sample password protection policy

The password protection policy of a large financial services institution with more than 5,000 employees.
Read Now

The program, which is written in PHP, is called CTB-Locker, a name also used by one of the most widespread ransomware programs for Windows computers. It's not
#313 Q4 2015 State of the Internet – Security Report
In this report, you will learn detailed statistics about cloud security and DDoS and web application attack trends observed across the Akamai networks for Q4 2015.
#312 Card “verification” now offered “as a service” by brazilian cybercriminals
This is the first time that this capability has been offered “as a service” in Brazil, with access sold for a monthly R$100 fee (approximately US$25). The person behind this service is believed to be a teenager from São
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12