There's one edge case for people who frequently troubleshoot and fix Macs, as pointed out by TidBits: old OS X installers downloaded from the Mac App Store before the certificate's expiration date will no longer work. This includes not just installers for El Capitan, but also downloaded installers for Yosemite, Mavericks, Mountain Lion, and Lion—every OS X installer issued using the Mac App Store. It also affects any USB install disks you've created using the downloaded installer.
Brazilian cybercriminals have been “competing” with their Russian-speaking “colleagues” for a while in who makes more Trojan bankers and whose are most effective. A few days ago we found a new wave of different campaigns spreading the initial “Banloader” components in Jar (Java archive), which is very particular by its nature – it’s able to run on Linux, OS X, and of course Windows. Actually, it’s also able to run under certain circumstances even on mobile devices.
In a study that looked at the password strength required to access website account for Wells Fargo, Capital One and 15 other banks, researchers found that 35 percent had significant weaknesses in their password policies, according to University of New Haven Cyber Forensic Research and Education Group.
According to the firm's recent survey, Early Adopters of Internet of Things Poised to Make 2016 the Year of the Customer, the number of businesses planning to adopt some sort of IoT strategy is set to grow by 50 percent this year, a figure which would bring the overall total of businesses with some sort of IoT deployment to 43 percent.
According to Cyber Security: Underpinning the Digital Economy, a report by the Institute of Directors and Barclays bank, companies are keeping quiet about being the victim of a cyberattack, even if their operations were badly affected by such an incident -- as figures suggest was the case for half of respondents.
Malicious advertising, also known as malvertising, has become the best method to distribute malware on a global scale with surgical precision. Simply put, malvertising is a means to expose innocent users visiting legitimate websites to malware. It uses a rogue advertisement (a banner ad) on the website to redirect the victim to a malicious payload, often delivered via an exploit kit.
Experts have stressed this week that DROWN is no Heartbleed, but at some point in the not too distant future, there’s going to be another major Internet vulnerability and developers at OpenSSL claim they’re battle tested.
Putting aside the illegality of hacking back for a second, there are many tentacles to such an action that not only put a company’s legal position and reputation at risk, but also threatens innocent third parties caught in the crossfire.