Sunday, June 25, 2017
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
Say Goodbye to SMBv1 in Windows Fall Creators Update The SMBv1 file-sharing protocol abused by the NSA’s EternalBlue exploit to spread WannaCry ransomware is being disabled in the upcoming Windows Fall Creators Update, or Redstone 3.
FIN10 Extorting Canadian Mining Companies, Casinos A string of data thefts targeting North American mining companies and casinos are extorting as much as $620,000 from victims.
Mexican Journalists, Lawyers Focus of Government Spyware Dozens of Mexican journalists, lawyers, and even a child, were hit with Pegasus, commercially-produced spyware, as part of a campaign believed to be carried out by the nation’s government.
Nigerian BEC Scams Hit 500 Companies in 50 Countries A Kaspersky Lab report on Thursday said an especially potent Nigerian Business Email Compromise campaign has stolen sensitive data from over 500 companies in 50 countries.

Latest News

Siemens Patches Vulnerabilities in SIMATIC CP, XHQ

Siemens patched two vulnerabilities in products, SIMATIC CP and XHQ, commonly found in industrial control system setups this week

Few Victims Reporting Ransomware Attacks to FBI

The FBI's Internet Crime Complaint Center (IC3) identified ransomware as one of 2016's top threats, but a relatively small number of attacks were reported.

Threatpost News Wrap, June 23, 2017

Mike Mimoso and Chris Brook discuss the news of the week, including Citizen Lab's latest report, WannaCry hitting Honda, GhostHook, and Fireball.

NSA Advocates Data Sharing Framework

Fighting attackers needs a new approach that leverages a public-private data sharing framework, enabling immediate and collective responses.

Cisco Patches XXE, DOS, Code Execution Vulnerabilities

Cisco patched three vulnerabilities in three products this week that if exploited, could have resulted in a denial of service, crash and in some instances, arbitrary and remote code execution.

Cisco Patches XXE, DOS, Code Execution Vulnerabilities

Cisco patched three vulnerabilities in three products this week that if exploited, could have resulted in a denial of service, crash and in some instances, arbitrary and remote code execution.

Average Cost of Breach Goes Down For the First Time Ever

The good news is the cost of a data breach is down double-digits, the bad news the size and scope of breaches is creeping up.

Microsoft Says Fireball Threat ‘Overblown’

Check Point has toned down its initial estimates on the number of Fireball malware infections from 250 million machines and 20 percent of corporate networks to 40 million computers.

Drupal Patches Three Vulnerabilities in Core Engine

Developers with Drupal patched three vulnerabilities, one critical, one being exploited in the wild, in Drupal’s core engine on Wednesday.

GhostHook Attack Bypasses Windows 10 PatchGuard

Researchers at CyberArk have developed a bypass for Windows PatchGuard that leverages Intel's Processor Trace (Intel PT) technology to execute code at the kernel.