Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
Wireshark version 3.4.7 was released. There's one vulnerability fix (DNP dissector crash) and 3 bug fixes. Didier Stevens Senior handler Microsoft MVP blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Source: SANS storm
Continue ReadingHere’s an overview of some of last week’s most interesting news and articles: Kaseya obtains universal REvil decryptor There’s finally some good news for the MSPs and their customers that have been hit by the REvil ransomware gang via compromised Kaseya VSA software: a universal decryptor has made it available to affected organizations. DDoS attacks […]
Continue Reading
Researchers: Home and Office Connected Devices Vulnerable to AttackWith corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have a huge task before them to ensure their work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months. Source: […]
Continue Reading
Phew, this was a really bad week for Microsoft (and a lot of reading for all of us). And just when we thought that the fiasco with the SAM hive was over, a new vulnerability popped up, which is much, much more dangerous unfortunately – it allows a user to completely take over a Windows […]
Continue Reading
A few days ago, I found an interesting file delivered by email (why change a winning combination?). The file has a nice extension: “.daa” (Direct Access Archive). We already reported such files in 2019 and Didier wrote a diary[1] about them. Default Windows installation, can’t process “.daa” files, you need a specific tool to open […]
Continue Reading
OIG Audit Shows Consumer Applications Inadequately ProtectedU.S. Customs and Border Protection has not always protected its Mobile Passport Control applications, making travelers’ personally identifiable information vulnerable to exploitation, according to a new report from the Department of Homeland Security’s Office of the Inspector General. Source: Bank Info Security
Continue Reading
Discussion Also Addresses Telecom Security IssuesIn the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in the telecom sector. Source: Bank Info Security
Continue Reading
Senate Bill Would Require CISA to Identify and Respond to ICS ThreatsA bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure. Source: Bank Info Security
Continue ReadingAs ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery. Source: Bank Info Security
Continue ReadingThis edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group’s Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state – and discussion of whether the commercial spyware business model should be banned. Source: Bank Info Security
Continue Reading