Is Your Browser Extension a Botnet Backdoor?

A company that rents out access to more than 10 million Web browsers so that clients can hide their true Internet addresses has built its network by paying browser extension makers to quietly include its code in their creations. This story examines the lopsided economics of extension development, and why installing an extension can be such a risky proposition. Continue reading Is Your Browser Extension a Botnet Backdoor?

Tech Giants Lend WhatsApp Support in Spyware Case Against NSO Group

Google, Microsoft, Cisco Systems and others want appeals court to deny immunity to Israeli company for its alleged distribution of spyware and illegal cyber-surveillance activities. Continue reading Tech Giants Lend WhatsApp Support in Spyware Case Against NSO Group

Cisco Warns of Active Exploitation of Flaw in Carrier-Grade Routers

Multiple flaws in system software that causes errors in packet handling could allow an attacker to consume memory and crash devices. Continue reading Cisco Warns of Active Exploitation of Flaw in Carrier-Grade Routers

Box CEO Aaron Levie says thrifty founders have more control

Once upon a time, Box’s Aaron Levie was just a guy with an idea for a company: 15 years ago as a USC student, he conceived of a way to simply store and share files online. It may be hard to recall, but back then, the world was awash with thumb drives and moving files […] Continue reading Box CEO Aaron Levie says thrifty founders have more control

The Web’s Bot Containment Unit Needs Your Help

Anyone who’s seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit, effectively unleashing a pent-up phantom menace on New York City. Now, something similar is in danger of happening in cyberspace: Shadowserver.org, an all-volunteer nonprofit organization that works to help Internet service providers (ISPs) identify and quarantine malware infections and botnets, has lost its longtime primary source of funding. Continue reading The Web’s Bot Containment Unit Needs Your Help

Cisco Patches Two High-Severity Bugs in its Small Business Switch Lineup

Vulnerabilities allow unauthenticated remote attackers to access sensitive device information and launch denial of service attacks. Continue reading Cisco Patches Two High-Severity Bugs in its Small Business Switch Lineup

3 Critical Bugs Allow Remote Attacks on Cisco NX-OS and Switches

Cisco patched three authentication bypass bugs tied to its DCNM platform used to manages NX-OS. Continue reading 3 Critical Bugs Allow Remote Attacks on Cisco NX-OS and Switches