News

Salted Hash Ep 17: Spectre and Meltdown, a vehicle that no one is using

Welcome to another episode of Salted Hash. This week, Salted Hash is joined by our new Staff Writer, J.M. Porup, to talk about some recent developments related to Spectre and Meltdown, including patch fixes, future mitigations, and a...

steal theft hacker crime laptop firewall

3 leaked NSA exploits work on all Windows versions since Windows 2000

The EternalSynergy, EternalRomance, and EternalChampion exploits have been reworked to work on all vulnerable Windows versions: Windows 2000 -- Server 2016.

fingerprint scan biometric security system

Baltimore Police to use fingerprint scanning to combat overtime fraud

In light of the Baltimore Police Department’s Gun Trace Task Force scandal, the police will use fingerprint scans to clock in and out of work.

network security primary2

The Qubes high-security operating system gains traction in the enterprise

Qubes OS defends at-risk enterprise users from targeted attacks, as well as drive-by malware and the Meltdown exploit.

scareware example

Microsoft to delete software that scares users into buying upgrades

Windows Defender and other Microsoft security products will detect and remove "unwanted" programs that use coercive messages to scare users into buying premium versions of free programs.

cisco

Cisco VPN remote code execution flaw rated 10 out of 10 for severity

Cisco devices running Adaptive Security Appliance software have a remote code execution and denial of service bug. And it's as bad as it gets -- rated 10 out of 10 for severity.

pile of credit cards financial tech

Using better data to fight credit card fraud

Galileo Processing uses artificial intelligence to more accurately identify fraudulent credit card transactions. It's an example of how AI can be a powerful security technology.

meltdown spectre

Microsoft releases Windows patch to disable Intel's buggy Spectre fix

Microsoft released an emergency Windows patch to disable Intel's buggy Spectre fix that could cause reboots, instability issues and 'data loss or corruption.'

dsc04854

Buggy Malwarebytes protection update wreaks havoc for users

Malwarebytes pushed out a protection update that gobbled up memory and CPU resources and turned off web protection; the first fix still left users with unusable or crashing computers, but the latest release resolved the issue.

business merger

Cybersecurity M&A deal flow: List of 200 transactions in 2017

Rising tide of mergers and acquisitions in the trillion-dollar cybersecurity market.

17 open source table laptop group

Are the BSDs dying? Some security researchers think so

To few eyeballs on code is a security issue. Can FreeBSD, OpenBSD, and NetBSD survive?

ransomware data laptop

Hackers lure victims with fake cryptocurrency SpriteCoin

Beware of the SpriteCoin double whammy: The fake cryptocurrency installs ransomware and more malware if the ransom is paid.

Diablo III: Reaper of Souls

Hackers could have exploited flaw in all Blizzard games

Blizzard stopped talking with the Google security researcher who discovered the flaw and bungled the silently deployed patch to stop hackers from hijacking millions of PCs.

cyber attack virus meltdown

How bad are Meltdown and Spectre?

Some people aren't taking hardware vulnerabilities like Meltdown and Spectre seriously. Here's a point-by-point rebuttal to their arguments.

security training ts

Are bad analogies killing your security training program?

Humans make irrational decisions under pressure. Security training needs to focus on changing behavior, not just raising awareness. Using effective analogies can help.

amazon go

Amazon Go grocery store: No checkout lines, ‘just grab and go’

Amazon opened its first high-tech grocery store in Seattle. With no human or self-service checkouts, cameras and sensors track what you take off the shelves.

salted hash cms hero th3

Salted Hash Ep 15: The state of security now and the not too distant future

This week, Salted Hash is joined by Rob Lee, faculty fellow at the SANS Technology Institute, to talk about preventable IT security and the state of the industry as 2018 gets underway.

medical records laptop doctor

Allscripts recovering from ransomware attack that has kept key tools offline

Allscripts, the billion-dollar electronic health record (EHR) company headquartered in Chicago, IL said they were still working to recover from a ransomware attack that left several applications offline after data centers in Raleigh...

Android mobile phone

Dark Caracal: Hacking group targets Android smartphones

An advanced persistent threat (APT) group named Dark Caracal used Android spyware to steal hundreds of gigabytes of sensitive data from more than 21 countries.

oneplus 5t dual camera

OnePlus says up to 40,000 customers affected by credit card breach

OnePlus, the company behind a popular line of Android devices, said on Friday that up to 40,000 customers might be at risk after a malicious script compromised payment card data during the checkout process.

Load More