Security News

A recently uncovered attack campaign that stayed under the radar since May 2018 has targeted Microsoft SQL servers with backdoors and crypto-miners, Guardicore Labs reveals. Attacks begin with MS-SQL brute force login attempts and continue with a series of configuration changes to allow command execution.

Crypto systems, in contrast, are often perceived to already be hardened and less vulnerable than software applications. You'll also want to evaluate exposure to attack, the sensitivity of information that is being protected, and whether there's support for crypto agility to determine if the system will need to be replaced by something more agile.

Anti-virus firm Emsisoft on Friday announced that it's developed a free decryptor for PwndLocker ransomware. There's a ransomware which we just call PwndLocker.

In South America many of the governments that were using Crypto machines were engaged in assassination campaigns. I mean, they're using Crypto machines, which suggests that the United States intelligence had a lot of insight into what was happening.

It looks like Switchzilla is moving swiftly to clear up the Krook bug discovered by ESET. Just hours after the researchers delivered their findings in a report, Cisco gave its own advisory on the Wi-Fi data snooping flaw. Missing C++ update opens security hole in Ubuntu 16.04.

British spies are once again stipulating that tech companies break their encryption so life is made easier for state-sponsored eavesdroppers. The head of the domestic spy agency, Sir Andrew Parker, demanded that companies such as Facebook compromise the security of their messaging products so spies could read off the contents of messages at will.

You appear to be a knowledgable individual, however I just think is a disservice to humanity to iterate Donald Rumsfelds saying about unknown unknowns, and so to clarify, it was you that brought along the saying about 'known knows', 'unknowns knowns' and 'unknown unknowns'. A danger here imo, in having this exclusive way of describing things, in thinking that the very things projected in a theory, are real, such that doubts or questions about their existence becomes something of an impossibility because they are not only speculatively assumed, but they presumably become something like an existential, like an tangible emotion or required thinking, a very powerful influencing moment in thinking, because of how such actualizes your understanding of the world, even when confronted with say objections.

Swiss encryption machine company Crypto AG was secretly owned by the CIA and a West Germany spy agency at the height of the Cold War, according to explosive revelations in Swiss and German media today. Although rumours had swirled for decades around Crypto AG and the backdooring of its products by the West - cough, cough, NSA - and not forgetting careless remarks by former US prez Ronald Reagan, today's publications by Swiss broadcaster SRF and German broadcaster ZDF confirm those old suspicions.

The vulnerability is undoubtedly very serious, but in the days since its disclosure I have started to wonder if there is a silver lining to this cloud. First, it appears this vulnerability only affects the latest editions of Windows, including Windows 10, Windows Server 2016, Windows Server 2019 and their derivatives.

Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoingWith several exploits targeting CVE-2019-19781 having been released over the weekend and the number of vulnerable endpoints still being over 25,000, attackers are having a field day. January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSAAs forecasted, January 2020 Patch Tuesday releases by Microsoft and Adobe are pretty light: the "Star of the show" is CVE-2020-0601, a Windows flaw flagged by the NSA that could allow attackers to successfully spoof code-signing certificates and use them to sign malicious code or intercept and modify encrypted communications.