Chris Brook – WindowsTechs.com

Costin Raiu and Juan Andres Guerrero-Saade on APT Fourth-Party Collection

Posted on October 4, 2017 by Chris Brook

Costin Raiu and Juan Andres Guerrero-Saade talk to Mike Mimoso live from Virus Bulletin in Madrid about APTs leveraging one anothers’ attacks and compromised machines as their own. Continue reading Costin Raiu and Juan Andres Guerrero-Saade on APT Fourth-Party Collection→

Equifax Says 145.5M Affected by Breach, Ex-CEO Testifies

Posted on October 3, 2017 by Chris Brook

The credit bureau Equifax said Monday the information of 145.5M Americans, was implicated in this summer’s breach. Continue reading Equifax Says 145.5M Affected by Breach, Ex-CEO Testifies→

Judge: FBI Can Keep iPhone Crack and Price Secret

Posted on October 2, 2017 by Chris Brook

The FBI can keep details around how much it paid and which company it hired to unlock a terrorist’s iPhone 5C in 2016 secret, the court ruled over the weekend.
Continue reading Judge: FBI Can Keep iPhone Crack and Price Secret→

Gary McGraw on BSIMM8 and Software Security

Posted on October 2, 2017 by Chris Brook

Software security pioneer Gary McGraw talks to Mike Mimoso about the latest iteration of the Building Security In Maturity Model (BSIMM) report. Continue reading Gary McGraw on BSIMM8 and Software Security→

Siemens Patches Improper Access Vulnerability in Ruggedcom Protocol

Posted on September 29, 2017 by Chris Brook

Industrial manufacturer Siemens is encouraging users running devices that use its Ruggedcom protocol to apply firmware updates this week. The updates resolve a serious and remotely exploitable vulnerability that could let an attacker carry out administ… Continue reading Siemens Patches Improper Access Vulnerability in Ruggedcom Protocol→

Threatpost News Wrap, September 29, 2017

Posted on September 29, 2017 by Chris Brook

The macOS Keychain attack, Signal’s new private contact discovery service, the Deloitte hack, and a handful of mobile stock trading app vulnerabilities are discussed. Continue reading Threatpost News Wrap, September 29, 2017→

Civil Liberties Activists Hit By Phishing Campaign

Posted on September 28, 2017 by Chris Brook

Digital civil liberty activists with Fight for the Future and Free Press were hit with a phishing emails designed to steal business credentials earlier this summer. Continue reading Civil Liberties Activists Hit By Phishing Campaign→

Signal Testing New Private Contact Discovery Service

Posted on September 27, 2017 by Chris Brook

Signal is testing out a new private contact discovery service that will let the app determine if a user has Signal contacts in their address book, but forbid its servers from accessing the users’ address book. Continue reading Signal Testing New Private Contact Discovery Service→

Oracle Patches Apache Struts, Reminds Users to Update Equifax Bug

Posted on September 26, 2017 by Chris Brook

Oracle released fixes for a handful of recently patched Apache Struts 2 vulnerabilities late last week. Continue reading Oracle Patches Apache Struts, Reminds Users to Update Equifax Bug→

Deloitte: ‘Very Few Clients’ Impacted by Cyber Attack

Posted on September 25, 2017 by Chris Brook

Deloitte, one of the “big four” global accounting firms, admitted it fell victim to a cyber attack last year but downplayed the incident on Monday saying it only affected a few of its high profile clients.

Continue reading Deloitte: ‘Very Few Clients’ Impacted by Cyber Attack→