Friday, May 26, 2017
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
Android Overlay and Accessibility Features Leave Millions at Risk Researchers warn two features, not flaws, in Android can be used together to open devices up to attack.
Twitter Flaw Could Have Allowed Attacker to Tweet From Any Account Twitter fixed a flaw in its Twitter Ads service could have allowed an attacker to tweet as any user.
Malware Network Communication Provides Better Early Warning Signal An academic paper to be presented today at IEEE posits that analysis of network signals provides a better early warning of malware than infections than current practices.
WordPress Fixes CSRF, XSS Bugs, Announces Bug Bounty Program WordPress fixed six vulnerabilities with version 4.7.5 and announced a bug bounty program with HackerOne this week.

Latest News

Rash Of Phishing Attacks Use HTTPS To Con Victims

Phishing sites are deploying freely available TLS certificates in order to dupe victims into thinking they're visiting a safe site.

Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub

A recently released extension for Chrome, developed by the public key crypto database Keybase, brought end-to-end encrypted messaging to several apps this week.

Revised Active Defense Bill Allows Victims to Recover or Destroy Stolen Data

Rep. Tom Graves has revised a draft of the Active Cyber Defense Certainty Act with new provisions that include mandatory notification and permission to recovery or destroy stolen data on the attacker’s computer.

WannaCry Ransom Note Written by Chinese, English Speaking Authors

A linguistics analysis of the 28 ransom notes included with WannaCry indicate that native Chinese and English speakers wrote the original note, Flashpoint said.

Samba Patches Wormable Bug Exploitable With One Line Of Code

The Samba Team has patched a severe bug that leaves computers vulnerable to wormable exploit.

Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution

Attackers can remotely execute code on targeted systems via specially crafted subtitle files for videos.

Google Elevates Security in Android O

Android O, due in the third quarter, figures to elevate the security of the mobile OS with new features focused on improved third-party patching, a new permission model and hardening of existing features.

Yahoo Retires ImageMagick After Bugs Leak Server Memory

Researcher Chris Evans reported a new bug and showed how also used a previously known flaw in ImageMagick to leak Yahoo server data and steal images and authentication secrets.

Apple Receives First National Security Letter, Reports Spike in Requests for Data

Apple revealed this week that it received at least one National Security Letter from the U.S. government for user data during the last six months of 2016