Security Alerts & News
by Tymoteusz A. Góral

History
#856 Hackers find bugs, extort ransom and call it a public service
Crooks breaking into enterprise networks are holding data they steal for ransom under the guise they are doing the company a favor by exposing a flaw. The criminal act is described as bug poaching by IBM researchers and is becoming a growing new threat to businesses vulnerable to attacks.

According to IBM’s X-Force researchers, the new tactic it is a variation on ransomware. In the case of bug poaching, hackers are extorting companies for as much as $30,000 in exchange for details on how hackers broke into their network and stole data. More conventional ransomware attacks, also growing in number, simply encrypt data and demand payment for a decryption key.

Researchers say once the intruders steal the data, there’s no explicit threat that they will break in again or release data if companies don’t pay. Instead, attackers release a simple statement demanding payment in exchange for details on how to fix the vulnerability, said John Kuhn, senior threat researcher for IBM Managed Security Services.
Read more
#867 The impossible task of creating a “Best VPNs” list today
#866 Ransomware is working, and the cybercrooks know it
#865 Outlook and Hotmail flooded by spam
#864 Samsung: Don't install Windows 10. REALLY
#863 Out-of-the-box exploitation possible on PCs from top 5 OEMs
#862 Tor Browser 6.0: Ditches SHA-1 support, uses DuckDuckGo for default search results
#861 Crypto-ransomware attacks Windows 7 and later, scraps backward compatibility
#860 Millions of PCs ship with bloatware riddled with security flaws, say researchers
#859 Got $90,000? A Windows 0-Day could be yours
#858 Flaw in popular WordPress plug-in Jetpack puts over a million websites at risk
#857 SSL/TLS and PKI timeline
#856 Hackers find bugs, extort ransom and call it a public service
#855 SandJacking attack puts Apple iOS devices at risk to rogue apps
#854 PayPal to pull out of Turkey following license denial
#853 US court says no warrant needed for cellphone location data
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12