SymmetricalDataSecurity: March 2016

Thursday, March 31, 2016

US, Canada issue alert on ransomware

Following a surge in ransomware attacks, the United States and Canada have issued a joint warning against falling victim to ransomware.

from Latest topics for ZDNet in Security http://ift.tt/1SDHoQZ

Reddit warrant canary disappears from transparency report

The popular link-sharing site is no longer prepared to say that it has never received a US National Security Letter.

from Latest topics for ZDNet in Security http://ift.tt/1MXZE3d

Data61, Cyber London sign security partnership

Data61 and Cyber London have signed an agreement to develop programs that will support and accelerate 'cyber innovation' in Australia and the United Kingdom.

from Latest topics for ZDNet in Security http://ift.tt/1SqpFtF

Singapore probes distributed analytics for IoT limitations

Local researchers are looking at technologies that can enable data to be analysed more efficiently within the limitations of Internet of Things, as Singapore aims to take the lead in the emerging market.

from Latest topics for ZDNet in Security http://ift.tt/1Vd5EM7

1,400 Flaws Found in Common Drug-Dispensing Machine

The computer-controlled dispensing cabinets are installed in hospitals and pharmacies around the world.

from http://ift.tt/1TlZskZ

Wells Fargo to Pay $8.5Mn in Privacy Suit

It will also pay $500,000 to the Privacy Rights Clearinghouse and the Consumer Protection Trust Fund—but no money will go directly to victims.

from http://ift.tt/1SpYUFG

Insider Threats Are Ubiquitous and Undetected

In most cases, insiders took advantage of granted, trusted access to data, rather than trying to directly hack in to databases and files.

from http://ift.tt/1TlZt8m

Pentagon Launches Month of Bug Finding

The Department of Defense is to launch a pilot program that will allow qualified participants to “Hack the Pentagon”.

from http://ift.tt/1q6DNCa

Cybercriminals are overcoming language and timezone barriers to cooperate on making malware more dangerous

Kaspersky researchers say Russian and Brazilian cybercriminals are trading tools and techniques to target their respective local victims

from Latest topics for ZDNet in Security http://ift.tt/1ooQ5Ut

Vulnerability Spotlight: Lhasa Integer Underflow Exploit

Talos is disclosing the discovery of vulnerability TALOS-2016-0095 / CVE-2016-2347 in the Lhasa LZH/LHA decompression tool and library. This vulnerability is due to an integer underflow condition. The software verifies that header values are not too large, but does not check for a too small header length. Decompressing a LHA or LZH file containing an […]

from Security – Cisco Blog http://ift.tt/1q5WLsx

Black Hat Asia: Decentralise security, devalue cyberattacks

Rather than deter hackers by making it difficult and costly to launch attacks, a more effective strategy involves deflating the value of successful breaches and decentralising security.

from Latest topics for ZDNet in Security http://ift.tt/1ValzdY

Bugtraq: Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability

Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability

from SecurityFocus Vulnerabilities http://ift.tt/25ypBBO

Bugtraq: Dorsa Web CMS - Multiple SQL Injection Vulnerabilities

Dorsa Web CMS - Multiple SQL Injection Vulnerabilities

from SecurityFocus Vulnerabilities http://ift.tt/1RNeI4L

Bugtraq: Docker UI v0.10.0 - Multiple Persistent Vulnerabilities

Docker UI v0.10.0 - Multiple Persistent Vulnerabilities

from SecurityFocus Vulnerabilities http://ift.tt/25ypE0E

Bitdefender releases crypto-vaccine for popular ransomware infections

The free tool can be used to clean systems locked by CTB-Locker, Locky and TeslaCrypt.

from Latest topics for ZDNet in Security http://ift.tt/1MVSxbB

Nine in Ten UK Consumers Worried About Smart Home Privacy

Data could be hacked and used against them, according to Intel Security research

from http://ift.tt/1TkSKvv

Four Security Solutions Not Stopping Third-Party Data Breaches

By Philip Marshall, Director of Product Marketing, Cryptzone A new breed of cyberattack is on the rise. Although it was practically unheard of a few years ago, the third-party data breach is rapidly becoming one of the most infamous IT security trends of modern times: Target, Home Depot, Goodwill, Dairy Queen, Jimmy John’s and Lowes are […]

The post Four Security Solutions Not Stopping Third-Party Data Breaches appeared first on Cloud Security Alliance Blog.

from Cloud Security Alliance Blog http://ift.tt/1UEJrs3