Don't-Miss Security Stories

atm cash machine money

Authorities dismantle criminal gang that used malware to steal cash from ATMs

Law enforcement authorities from Romania and Republic of Moldova dismantled a gang of criminals that stole 200,000 euros from ATMs in the E.U. and Russia after infecting them with a malware program.

ProPublica joins the Dark Web with .onion version of news site

ProPublica is now the biggest news site on the Dark Web. The independent news organization recently launched its own .onion address.

St Basils Cathedral, Moscow Russia

Russian group suspected to be linked to Ukraine power station cyberattack

A cyberattack that knocked out power in the Ukraine last month is believed to have been initiated by a hacking group with strong Russian interests.

Security online

Android-powered smart TVs targeted by malicious apps

Smart TVs running older versions of Android are being targeted by several websites offering apps containing malware, according to Trend Micro.

drupal7

Drupal sites at risk due to insecure update mechanism

The update mechanism of the popular Drupal content management system is insecure in several ways, allowing attackers to trick administrators into installing malicious updates.

Digital Key

Continued support for MD5 endangers widely used cryptographic protocols

Researchers from the INRIA institute in France have devised several attacks which prove that the continued support for MD5 in cryptographic protocols is much more dangerous than previously believed.

Uber app in Boston

Uber to pay $20,000 in settlement on privacy issues with New York attorney general

Uber has agreed to pay a penalty of US$20,000 in a settlement with New York Attorney General Eric T. Schneiderman for delaying in reporting to drivers the data breach of their personal information in 2014.

SSL padlock icon

Malvertising campaign used a free certificate from Let's Encrypt

Cybercriminals are taking advantage of an organization that issues free digital certificates, sparking a disagreement over how to deal with such abuse.

Digital Key

Third try is no charm for failed Linux ransomware creators

Researchers found a flaw that allows them to decrypt files affected by a new version of Linux.Encoder, a file-encrypting ransomware program that infects Linux Web servers.

ADT

ADT to extend its professional security-monitoring service to third-party hardware

The security provider says it plans to offer its services for a variety of devices including wearables and connected home platforms like Samsung's SmartThings and Wink Hubs.

Security online

Exploit broker places $100k bounty on bypassing Flash Player's latest defenses

Exploit acquisition firm Zerodium is offering up to $100,000 for exploits that bypass Flash Player's latest heap isolation protection.

150817 google marshmallow 03

Google fixes dangerous rooting vulnerabilities in Android

Media processing and kernel privilege escalation flaws were patched in the January Android security update.

Danalock

The Danalock gets a price cut for CES, as its manufacturer demos a new keypad, fob, and garage-door controller

Poly-Control will reduce the price of its Danalock to $129 starting February 15, and the smart deadbolt's new price will be $149 following the temporary promotion.

Web attack silently modifies DNS configurations in routers

BlackEnergy cyberespionage group adds disk wiper and SSH backdoor to its arsenal

A cyberespionage group focused on companies and organizations from the energy sector has recently updated its arsenal with a destructive data-wiping component and a backdoored SSH server.

anonaboxpro

Anonabox launches three new privacy-protecting devices to hide your online activities

With the Kickstarter controversy behind it, Anonabox is back with three new products for easily routing your web traffic over the Tor network or a VPN.