Three men plead guilty for roles in Mirai botnet empire, court documents show

The defendants, Paras Jha, Josiah White and Dalton Norman, were all labeled co-conspirators by the Department of Justice.

technology news

Researchers find zero-day exploit discovered on DirecTV hardware

by Patrick Howell O'Neill • 1 day ago

Despite being told six months ago, Linksys has yet to fix a zero-day found by Trend Micro researchers.

Here's what the newly signed NDAA means for cybersecurity

by Chris Bing • 2 days ago

President Trump signed the National Defense Authorization Act (NDAA) Tuesday, approving the $700 billion spending bill designed to fund the U.S. military and its various cybersecurity-focused initiatives.

Facebook patches security flaw based on 19-year-old bug; other sites may still be vulnerable

by Zaid Shoorbajee • 2 days ago

Researchers from the U.S. and Germany found a workaround that makes an old bug still applicable to major websites, with the ability to intercept passwords and other private information.

It's easy to fake Extended Validation certificates, research shows

by Patrick Howell O'Neill • 2 days ago

EV certificates — the files that tell a browser to show the little green lock — are supposed to make crystal clear who owns a website. There's a way around it, though.

Atos makes $5 billion bid for Gemalto

by Patrick Howell O'Neill • 2 days ago

Gemalto is the world's largest manufacturer of SIM cards and credit card chips but has posted lower-than-expected profits throughout the year.

Is Mailsploit really a threat to DMARC?

by Shaun Waterman • 3 days ago

A new security testing tool that enables email messages to be faked or spoofed, even if the recipients are protected by best practices, has garnered some strong criticism from email security advocates.

Menlo Security raises $40 million in Series C round

by Greg Otto • 3 days ago

Menlo’s business has grown on the back of its malware isolation platform.

Conficker worm still spreading despite being nearly 10 years old

by Patrick Howell O'Neill • 6 days ago

Approaching its silver anniversary, Conficker tallied over 2.5 million successful infections in 2017.

Hacking group turns Microsoft Office flaw into an exploit in less than a week

by Chris Bing • 6 days ago

APT34 has been especially active since mid-2016, based on publicly available research authored by analysts with FireEye and Kaspersky Lab.

This country's hacking efforts have become too big to ignore

by Chris Bing • 7 days ago

While hackers linked to China, North Korea and Russia earned headlines over the past year, similar groups in Iran have been drawing far less attention.

Critical vulnerability found in Microsoft Malware Protection Engine

by Patrick Howell O'Neill • 7 days ago

The vulnerability was found and reported by an organization under GCHQ.

Stanford U. official ousted after keeping quiet about huge exposure of sensitive data

by Patrick Howell O'Neill • 1 week ago

The data exposure led to controversy about how the school said it dealt out financial aid versus how the process actually worked in practice.

Ethiopia using Israeli spyware to spy on dissidents, journalists

by Patrick Howell O'Neill • 1 week ago

A Citizen Lab researcher, Bill Marczak, was also targeted during the course of the investigation.

Pepsi denies claim that it hacked Russian government watchdog

by Greg Otto • 1 week ago

A strange tale of government bureaucracy comes to light in Russia.

Android developer apps suffered from multiple severe vulnerabilities

by Patrick Howell O'Neill • 1 week ago

One vulnerability allowed for an attacker to execute code remotely on a victim's computer, effectively handing full control over to the hacker.

Roy Moore scandal used for phishing schemes aimed at U.S. law firms

by Chris Bing • 1 week ago

A group loosely connected to China is trying to capitalize on the scandal surrounding the special election in Alabama.

U.K. cyber agency tells government to handle Russian anti-virus software with caution

by Zaid Shoorbajee • 1 week ago

The guidance stops short of banning any software outright, but warns that national agencies should avoid using Russian anti-virus software in the interest of national security.

Watchdog questions DoD about Cyber Command's work with private sector, civilian agencies

by Chris Bing • 1 week ago

The role the military, intelligence community or DHS plays in stopping digital attacks aimed at the U.S. economy can appear blurred at times.

Why Eugene Kaspersky keeps talking about 'Project Sauron'

by Chris Bing • 2 weeks ago

Kaspersky Lab founder and CEO Eugene Kaspersky says he's figured out why the U.S. government hates his company.

Uber security executives leave company amid lawsuit and breach investigation

by Zaid Shoorbajee • 2 weeks ago

Two security employees are resigning, and another is taking medical leave. All three were apparently working at Uber during the October 2016 breach.

Continue to CyberScoop.com