Monday, February 27, 2017
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
Rook Security on Online Extortion Mat Gangwer, CTO, and Tom Gorup, Security Operations Lead, at Rook Security talk to Mike Mimoso about the aggressive rise in online extortion and how it threatens not only data but physical safety.
Windows Botnet Spreading Mirai Variant A Windows-based botnet is spreading a Mirai variant that is also capable of spreading to Linux systems under certain conditions, Kaspersky Lab researchers said.
Squirrels, Not Hackers, Pose Biggest Threat to Electric Grid According to Marcus Sachs, CSO with the North American Electric Reliability Corporation, doomsday fears of a cyberattack against the U.S. electric grid are overblown.
Schneier Brings Campaign for IoT Regulation to RSA Citing IoT insecurity, Bruce Schneier called on technologists to get involved with IoT policy at RSA.

Latest News

Researchers Uncover New Leads Behind Shamoon2

Researchers from Arbor Networks' Security Engineering and Response Team (ASERT) say they have unearthed fresh leads on the tools and techniques used in the most recent wave of Shamoon attacks.

Threatpost News Wrap, February 24, 2017

Mike Mimoso and Chris Brook recap RSA and discuss the news of the week including the impact of Cloudflare's \\"Cloudbleed\\" bug, Google breaking SHA-1, and more.

Cloudflare Bug Leaks Sensitive Data

Cloudflare has fixed an issue where its customer traffic was leaking memory that included sensitive information including authentication cookies, POST data and more.

Policy Experts Push To Make Vulnerability Equities Process Law

By making the Vulnerability Equities Process law, advocates of the idea argue there would be more reliability, transparency and accountability in the process of government vulnerability disclosure.

First Practical SHA-1 Collision Attack Arrives

Researchers unveiled the first-ever practical collision attack the cryptographic hash function SHA-1.

Impact of New Linux Kernel DCCP Vulnerability Limited

Existing mitigations and limitations around a newly disclosed Linux kernel vulnerability in the DCCP module mute the potential impact of local attacks.

Java, Python FTP Injection Attacks Bypass Firewalls

Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.

Publicly Disclosed Windows Vulnerabilities Await Patches

Microsoft's delayed release of its February security bulletins leaves users exposed to a pair of already publicly disclosed vulnerabilities.

Criminals Monetizing Attacks Against Unpatched WordPress Sites

Sites still vulnerable to a REST API endpoint flaw in WordPress are now being targeted by attackers trying to turn a profit.

Google Upspin Secure File-Sharing Released to Open Source

New file-sharing protocols and interfaces called Upspin have been released to open source. Built by Google, Upspin returns access control and data security to the user.