Month: December 2016

The Weird and Wild Stories of 2016
Device Security, Hacking

The Weird and Wild Stories of 2016

There are any number of adjectives one could employ to describe 2016, most of which can’t be printed here. One of the gentler descriptors we can use is “interesting”. This year was nothing if not interesting. There were data breaches of epic proportions, companies getting owned in new and creative ways, and […]

FDA Sets Guidance on Medical Device Security
Device Security, Hacking

FDA Sets Guidance on Medical Device Security

The Food and Drug Administration has published new recommendations for both manufacturers and regulators on how to deal with security for medical devices, including implantable devices. Calling device security a shared responsibility, the FDA guidance focuses on the postmarket cybersecurity issues, such as vulnerability response and remediation. The new document is not […]

New Leet Botnet Generating Huge DDoS Floods
Hacking

New Leet Botnet Generating Huge DDoS Floods

A new botnet that is capable of some of the larger DDoS attacks ever seen has emerged in the last few days, launching floods of up to 650 Gbps and using a unique payload that researchers say is effective at evading security systems. The network came to light on Dec. […]

Critical Vulnerability Haunts Popular PHP Library
Hacking

Critical Vulnerability Haunts Popular PHP Library

There’s a critical security vulnerability in the PHPMailer library, a flaw that could allow an attacker to execute arbitrary code. The bug can be exploited remotely and a researcher already has released proof-of-concept exploit code for it. The PHPMailer library is used in a large number of web applications and open […]

On the Wire Podcast: Michael Tiffany
Hacking, Identity, Podcast

On the Wire Podcast: Michael Tiffany

Cybercriminals depend upon the income they generate from their schemes to fund further operations, and one of the main ways that they extract money from victims is through ad fraud. This week, researchers at White Ops disclosed the existence of the Methbot ad fraud network, which is using a sophisticated […]