Security News > 2017 > November

Stealthy in-browser cryptomining continues even after you close window
2017-11-30 21:39

In-browser cryptocurrency mining is, in theory, a neat idea: make users’ computers “mine” Monero for website owners so they don’t have to bombard users with ads in order to earn money....

Police vs Privacy: US Supreme Court Looks at Cell Phone Tracking
2017-11-30 20:27

Where do we go? Who do we talk to? What do we read about? Our mobile phones are troves of personal, private information, and the US Supreme Court weighed Wednesday how easily police should be able...

Cisco Patches Critical Playback Bugs in WebEx Players
2017-11-30 19:22

A Cisco Systems security advisory is urges users of its WebEx platform to patch six vulnerabilities that could allow attackers to execute remote code.

UK shipbroker Clarksons refuses to pay hackers ransom for stolen data
2017-11-30 19:14

London-based shipbroking firm Clarksons has suffered a data breach and refuses to pay the attackers to prevent the stolen data from being publicly released. About the Clarksons data breach “Our...

Patch of Dirty COW Vulnerability Incomplete, Researchers Claim
2017-11-30 18:28

The “Dirty COW” vulnerability (CVE-2016–5195) discovered last year in Linux was incompletely patched, Bindecy researchers say. read more

Trust Your Security Vendor, 'They Have Access to Everything You Do,' Says F-Secure Research Chief
2017-11-30 17:03

The DHS ban on government agencies using Kaspersky Lab's security products has reverberated around the security industry. The concern is not simply whether the Moscow-based security firm has...

RAT Distributed Via Google Drive Targets East Asia
2017-11-30 17:02

Researchers say a new remote access Trojan dubbed UBoatRAT is targeting individuals or organizations linked to South Korea or video games industry.

Start with the Threat to Prioritize Patching
2017-11-30 16:15

By Starting With the Threat You Can Easily Prioritize Vulnerabilities and “Embrace the Grey” read more

Richard Ford: A physicist’s strange journey to become an infosec scientist
2017-11-30 15:15

Many of today’s information security professionals started their path towards a career in the industry by becoming frustrated gamers. Richard Ford, Chief Scientist at Forcepoint, is one of them....

Triggered via malicious files, flaws in Cisco WebEx players can lead to RCE
2017-11-30 15:04

Cisco has plugged six security holes in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files that could be exploited by remote attackers...