Huge Cryptomining Attack on ISP-Grade Routers Spreads Globally

Carrier-grade MikroTik routers are delivering potentially millions of daily cryptomining pages to a single attacker.

FBI Releases Article on Securing the Internet of Things

Original release date: August 02, 2018 The Federal Bureau of Investigation (FBI) has released an article on the risks associated with internet-connected devices, commonly referred to as the Internet of Things (IoT). FBI warns that cyber threat actors can use unsecured IoT devices as proxies to anonymously pursue malicious cyber activities. As our reliance on IoT becomes an important part of everyday life, being aware of the associated risks is a key part of keeping your information and devices secure. …
Read More »

Podcast: Why Bitcoin Miners Target Critical Infrastructure Networks

Ronen Rabinovich from Cyberbit explains why malicious bitcoin mining malware is increasing on industrial control systems.

HP Offers Up to $10,000 Rewards for Printer Bugs

HP said it has launched the first-ever bug bounty program for printers, with rewards of up to $10,000 for discovered vulnerabilities.

Complex Malvertising Scheme Impacts Multiple Levels of Web Economy

A criminal posing as a legitimate website publisher on the AdsTerra online advertising network is using maliciously gathered traffic to deliver victims to exploit kits.

Jailhouse Tablets Allow Inmates to Steal Thousands of Dollars in Credits

After inmates hacked tablets with security vulnerabilities, a CenturyLink spokesperson told Threatpost the “vulnerability issue has been resolved.”

Connected Car Apps Open Privacy Hole For Used Car Owners

In a resale scenario, a previous owner could continue to have access to the online account – with all the new owner’s information stored within.

SB18-211: Vulnerability Summary for the Week of July 23, 2018

Original release date: July 30, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »

Sen. Wyden Urges Government Ban on Adobe Flash

Senator sends letter to NSA and NIST urging a mandate to stop using Adobe Flash by August 2019.

Bugs in Samsung IoT Hub Leave Smart Home Open To Attack

Researchers found 20 flaws in Samsung’s SmartThings Hub controller – opening up supported third-party smart home devices to attack.