Microsoft published its Patch Tuesday advance notification, advising IT shops to be ready for nine bulletins, including three critical patches.
Tag Archives: Web Security
Rovnix Variant Surfaces With New DGA
Researchers have unearthed a new version of the Rovnix malware that has a couple of additional features, including a new domain generation algorithm and a secure transmission channel for communicating with the command-and-control servers. Rovnix is a malware variant that often has been distributed by other kinds of malware. Last year Microsoft warned users about a […]
Shellshock Exploits Spreading Mayhem Botnet Malware
Researchers at Malware Must Die published a report that hackers are spreading Mayhem botnet malware in exploits targeting the Shellshock vulnerability in Bash.
Wyden: Surveillance is a ‘Clear and Present Danger’ to the Digital Economy
The pervasive dragnet surveillance of Americans revealed by the Edward Snowden documents has caused serious damage to the trust that enterprises and citizens had in the United States government and unless that trust is repaired, it could have serious effects on the Internet economy, a panel of prominent technology executives said. In a town hall meeting […]
Google Fixes 159 Flaws in Chrome
Google updates its Chrome browser on a very aggressive timeline, often a couple of times a month. Usually, each update includes a handful of security fixes, maybe 12 or 15. On Tuesday, the company released Chrome 38, which patched a staggering 159 vulnerabilities. The huge majority of those patches–113 of them–fix minor vulnerabilities in the […]
Arbor: DDoS Attacks Getting Bigger as Reflection Increases
New reflected distributed denial of service attack techniques are increasing the volume of each attack as well as the overall frequency of large-scale DDoS attacks.
Twitter Files Suit Over Government Restrictions on National Security Letter Data
Twitter has filed a lawsuit in federal court asking that the United States Department of Justice’s prohibitions on publishing the number and kind of government requests for data the company receives be declared unconstitutional. The suit claims that the rules infringe on Twitter’s right to free speech by requiring that the company “engage in speech […]
Yahoo Confirms Infected Servers Unrelated to Shellshock
Yahoo CISO Alex Stamos confirmed that three servers had been infected with malware by hackers looking for machines vulnerable to Shellshock.
Bugzilla Vulnerability Puts Bug Collections in Harm’s Way
A vulnerability in the account creation process in Bugzilla, bug-tracking software developed and licensed by Mozilla, exposes vulnerabilities collected by the system. Mozilla is expected to patch the vulnerability today.
Experts Laud Changes to iPhone, Android Encryption
The changes that both Google and Apple have made to their mobile operating systems to encrypt the data on users’ devices have generated praise from the security and privacy communities and vitriol and criticism from the law enforcement and political worlds in equal measure.