Dear etechnews today,
Your weekly security newsletter from theregister.co.uk
for the week ending 28th April 2014
Advertisement
CISSP Live OnLine Training
Get the Official (ISC)2 instructor-led training from the convenience of your computer. Course available from July 15 to September 4 and includes Exam voucher, classroom manual and (ISC)2 study guide.
Click here http://reg.cx/2ajj
*** Security News ***
Oops, we did it again! Microsoft warns of new and nasty IE zero day
Remote code execution vulnerability impacts all IE versions from 6 to
11
http://www.theregister.co.uk/2014/04/27/oops_we_did_it_again_microsoft_warns_of_ie_zero_day/
Yes, there is now BITCOIN-MINING MALWARE for Android
No, it doesn't really work
http://www.theregister.co.uk/2014/04/25/yes_there_is_now_bitcoinmining_malware_for_android/
Innocent surfers drafted into ZOMBIE ARMY by sneaky XSS vuln
Javascript snafu turned 22,000 bods into unwitting DDoSers
http://www.theregister.co.uk/2014/04/25/video_surfers_bit_by_website_zombie_bug/
UK bank heist-by-KVM gang sent down for 24 years after nicking £1.2m
Canny crooks lived high life with flash watches and Macs, say cops
http://www.theregister.co.uk/2014/04/25/kvm_crooks_jailed/
Bevy of tech behemoths aim to plug the next Heartbleed with DOLLARS
Web, IT goliaths to pour gold into more open-source code
http://www.theregister.co.uk/2014/04/24/linux_foundation_core_infrastructure/
LulzSec's Sabu hacked foreign gov sites while under FBI control – NYT
'Bank records to login information' dumped on feds' server, it's
claimed
http://www.theregister.co.uk/2014/04/24/fbi_snitch_tied_to_foreign_gov_hacking/
Reg probe bombshell: How we HACKED mobile voicemail without a PIN
Months after Leveson inquiry, your messages are still not secure
http://www.theregister.co.uk/2014/04/24/voicemail_still_easy_to_hack/
Bank of England seeks 'HACKERS' to defend vaults against e-thieves
Report: 20 major cash-holders to be probed by white hats
http://www.theregister.co.uk/2014/04/24/ethical_hackers_drafted_to_probe_banks/
AuDA starts final round of DNSSEC tests
August go-live
http://www.theregister.co.uk/2014/04/24/auda_starts_final_round_of_dnssec_tests/
Researchers slurp unencrypted Viber messaging data with ease
Images, videos, location and other data easily exposed, they claim
http://www.theregister.co.uk/2014/04/24/rakuten_viber_unencrypted_data_flaws/
Cisco: Hey, IT depts. You're all malware hosts
Security report also notes skills shortage
http://www.theregister.co.uk/2014/04/24/cisco_youre_ialli_malware_hosts/
Apple stabs Heartbleed bug in AirPort Extreme, Time Capsule gear
Don't worry, everything else is still safe ... we think
http://www.theregister.co.uk/2014/04/24/apple_posts_updates_for_heartbleed_flaw_in_airport/
Apple splats 'new' SSL snooping bug in iOS, OS X - but it's no
Heartbleed
Triple-handshake flaw stalks Macs and iThings
http://www.theregister.co.uk/2014/04/23/apple_ssl_update/
Sat comms kit riddled with backdoors for hackers – researcher
Right, shipmate, identify yourself. LOL? What's your meaning?
http://www.theregister.co.uk/2014/04/23/sat_comm_vulns/
Think-tank to infosec: You're doing it wrong
Cyber risks 'similar to 2008 crash'
http://www.theregister.co.uk/2014/04/23/thinktank_to_infosec_youre_doing_it_wrong/
Japan airport staff dash to replace passcodes after security cock-up
Haneda employee drops key codes ahead of Obama visit
http://www.theregister.co.uk/2014/04/23/tokyo_haneda_passcode_loss_obama/
Cisco kicks off security kit/software/cloud combo
Realtime protection, apparently
http://www.theregister.co.uk/2014/04/23/cisco_kicks_off_security_kitsoftwarecloud_combo/
Kill dodgy RNG says NIST
But you already knew that, right?
http://www.theregister.co.uk/2014/04/23/kill_dodgy_rng_says_nist/
AOL Mail locks down email servers to deal with spam tsunami
Security problems like it's 1995
http://www.theregister.co.uk/2014/04/23/aol_mail_locks_down_email_servers_to_deal_with_tsunami_of_spam/
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
http://www.theregister.co.uk/2014/04/22/apple_ios_7_1_1_os_x_security_updates/
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
http://www.theregister.co.uk/2014/04/22/openssl_fork_libressl/
Despite your fancy-schmancy security tech, passwords still weakest link
in IT defences
So concludes Verizon's new global data-breach probe
http://www.theregister.co.uk/2014/04/22/verizon_breach_report/
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia
The bug that keeps on giving
http://www.theregister.co.uk/2014/04/22/heartbleed_repairs_may_take_months/
Google to refund buyers of 'fake' anti-virus app
Here's a little chocolate...
http://www.theregister.co.uk/2014/04/22/google_to_refund_buyers_of_fake_antivirus_app/
Google boffins beat own Captchas
The StreetView numbers game
http://www.theregister.co.uk/2014/04/22/google_boffins_beat_own_captchas/
*** Whitepaper ***
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
http://whitepapers.theregister.co.uk/d/ca9/9e7f3/71f/73842d38?td=week_sec_e
------------------------------------------------------------------------
This email was sent to garn14.tech@blogger.com
To change your email or your email subscriptions
http://account.theregister.co.uk/login/
To unsubscribe from all The Register newsletters
http://account.theregister.co.uk/unsubscribe/649203/acc978a1
The Register and its contents are Copyright © 2014 Situation Publishing.
All rights reserved.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.