In its seventh annual Mandiant M-Trends report, FireEye-owned Mandiant said that organizations are improving on the time it takes to detect a security breach.
While the positive news on improved breach detection is exciting in the current days of cyber doom and gloom, Mandiant also found an increase in the number of destructive attacks hitting organizations.
read more
Apple Case Not About Setting Precedent: FBI Chief
FBI Director James Comey on Thursday defended his agency's efforts to force Apple to help unlock an iPhone used by one of the San Bernardino attackers, as he warned of risks of unbreakable encryption.
"The San Bernardino litigation is not about us trying to send a message or establish some kind of precedent," Comey told lawmakers at the House Intelligence Committee.
read more
Cisco Patches Command Injection Flaw in ACE Appliance
Cisco has released software updates for its ACE 4710 appliance to address a high severity command injection vulnerability.
read more
Over 700 Million Data Records Compromised in 2015: Report
Last year, 1,673 data breaches resulted in roughly 707 million data records being compromised worldwide, according to statistics from Gemalto’s Breach Level Index report.
read more
Securely Surfing the IoT Tsunami
The IoT wave is building like a thunderous tsunami, growing larger on the horizon by the day. What is missing from the conversation, however, is how large a role software plays in the IoT equation. Plugging something into the Internet does not make it work — it just makes it vulnerable. Value is created through the associated software. In fact, we have almost reached the point where the actual product or device and the associated software become a single logical unit to the consumer.
read more
University’s Tor Hacking Research Funded by DoD
In response to a motion filed by the defense in the case of an alleged Silk Road 2.0 administrator, a judge has confirmed that US authorities funded Carnegie Mellon University to conduct research on the Tor anonymity network.
read more
OpenSSL Preparing Patches for High Severity Flaws
The OpenSSL Project announced today that it will release versions 1.0.2g and 1.0.1s to patch several vulnerabilities, including ones rated “high severity.”
The updates are scheduled for release on March 1 between 1pm and 5pm UTC, OpenSSL developers informed users.
read more
Critical Drupal Updates Patch Several Vulnerabilities
Drupal has released versions 6.38, 7.43 and 8.0.4 to patch a total of ten vulnerabilities, including one rated critical.
read more
Apple Chief Calls FBI iPhone Case ‘Bad for America’
Apple chief Tim Cook went public Wednesday in his battle with the FBI, saying that unlocking an iPhone in the name of fighting terrorism would be "bad for America."
"I think safety of the public is incredibly important — safety of our kids, safety of our families is very important," Cook said during a television interview with ABC News.
read more
API Flaw Exposes Nissan LEAF Cars to Remote Attacks
read more
Continue reading