Category Archives: Risk Assessment

iOS 10.3.1 includes bug fixes and improves the security of your iPhone or iPad

Posted on April 3, 2017 by Andrew Cunningham

Bugs? Fixed ’em. Security? Improved it. Continue reading iOS 10.3.1 includes bug fixes and improves the security of your iPhone or iPad→

Wikileaks releases code that could unmask CIA hacking operations

Posted on April 2, 2017 by Sean Gallagher

“Marble” libraries include code used to obfuscate—and unscramble— CIA malware. Continue reading Wikileaks releases code that could unmask CIA hacking operations→

Smart TV hack embeds attack code into broadcast signal—no access required

Posted on March 31, 2017 by Dan Goodin

Demo exploit is inexpensive, remote, scalable—and opens door to more advanced hacks. Continue reading Smart TV hack embeds attack code into broadcast signal—no access required→

How many NSA spy hubs are scooping up your Internet data? I counted 7

Posted on March 30, 2017 by Sebastian Anthony

Not that knowing NSA’s sigint locations will actually help you much… Continue reading How many NSA spy hubs are scooping up your Internet data? I counted 7→

Someone is putting lots of work into hacking Github developers

Posted on March 30, 2017 by Dan Goodin

Dimnie recon trojan has flown under the radar for three years … until now. Continue reading Someone is putting lots of work into hacking Github developers→

Potent LastPass exploit underscores the dark side of password managers

Posted on March 28, 2017 by Dan Goodin

Developers are scrambling to fix flaw that allows theft, malicious code execution. Continue reading Potent LastPass exploit underscores the dark side of password managers→

Ransomware scammers exploited Safari bug to extort porn-viewing iOS users

Posted on March 28, 2017 by Dan Goodin

Apple fixes flaw attackers used to trick uninformed users into paying a fine. Continue reading Ransomware scammers exploited Safari bug to extort porn-viewing iOS users→

Doxed by Microsoft’s Docs.com: Users unwittingly shared sensitive docs publicly

Posted on March 27, 2017 by Sean Gallagher

Microsoft pulled search bar from site after security researchers raised red flags. Continue reading Doxed by Microsoft’s Docs.com: Users unwittingly shared sensitive docs publicly→

Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs [updated]

Posted on March 23, 2017 by Dan Goodin

Chrome to immediately stop recognizing EV status and gradually nullify all certs. Continue reading Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs [updated]→

New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs

Posted on March 23, 2017 by Sean Gallagher

“Sonic Screwdriver” leveraged a now-patched vulnerability. Continue reading New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs→