Google Starts Labeling All HTTP Sites as ‘Not Secure’
Any Chrome user visiting an HTTP website will see an impossible-not-to-notice warning label that the site is “not secure.” Go to Source
Emotet Malware Evolves Beyond Banking to Threat Delivery Service
The Emotet malware is back in full force in 2018 – and is now expanding its capabilities to act as a distributor of threats for other attack groups. Go to Source
Apache, IBM Patch Critical Cloud Vulnerability
The flaw opened a hole in IBM’s serverless Cloud Functions platform, potentially exposing confidential customer data. Go to Source
Bluetooth Bug Allows Man-in-the-Middle Attacks on Phones, Laptops
A high-severity flaw could result in attackers intercepting information, elevation of privilege and/or denial of service. Go to Source
New Spectre-Level Flaw Targets Return Stack Buffer
The most recent Spectre-class flaw targets a component in CPUs called the return stack buffer. Go to Source
Spectre Will Haunt Us For a Long Time
These vulnerabilities have existed for over 20 years, and we are not even close to closing the door on these significant risks. Go to Source
Leaky Backup Spills 157 GB of Automaker Secrets
Ford, Toyota, GM and Tesla among car companies impacted by leaky backup service used by third-party firm. Go to Source
Facebook Suspends Analytics Firm Over Surveillance Concerns
Facebook is launching an investigation into whether Crimson Hexagon’s collection of public user data was a violation of its data policies. Go to Source
ThreatList: Supply-Chain Defenses Need Improvement
Few organizations are prepared to mitigate supply-chain risks, despite a majority of them acknowledging they are a huge cyber threat. Go to Source
Massive Malspam Campaign Finds a New Vector for FlawedAmmyy RAT
Hundreds of thousands of emails are delivering weaponized PDFs containing malicious SettingContent-ms files. Go to Source