Category Archives: Risk Assessment

132 Google Play apps tried to infect Android users with… Windows malware

Posted on March 1, 2017 by Dan Goodin

Researchers suspect developers didn’t intentionally spawn the malicious apps. Continue reading 132 Google Play apps tried to infect Android users with… Windows malware→

Researchers find “severe” flaw in WordPress plugin with 1 million installs

Posted on February 28, 2017 by Dan Goodin

If you use NextGEN Gallery, now would be a good time to update. Continue reading Researchers find “severe” flaw in WordPress plugin with 1 million installs→

Creepy IoT teddy bear leaks >2 million parents’ and kids’ voice messages

Posted on February 28, 2017 by Dan Goodin

Publicly accessible database wasn’t even protected by a password. Continue reading Creepy IoT teddy bear leaks >2 million parents’ and kids’ voice messages→

Google reports “high-severity” bug in Edge/IE, no patch available

Posted on February 27, 2017 by Dan Goodin

String of unpatched security flaws comes after February Patch Tuesday was canceled. Continue reading Google reports “high-severity” bug in Edge/IE, no patch available→

Watershed SHA1 collision just broke the WebKit repository, others may follow

Posted on February 24, 2017 by Dan Goodin

“Please exercise care” with colliding PDFs, researchers advise software developers. Continue reading Watershed SHA1 collision just broke the WebKit repository, others may follow→

Apple deleted server supplier after finding infected firmware in Siri servers

Posted on February 24, 2017 by Sean Gallagher

Report: Siri, internal development servers affected by fake firmware patch. Continue reading Apple deleted server supplier after finding infected firmware in Siri servers→

Serious Cloudflare bug exposed a potpourri of secret customer data

Posted on February 24, 2017 by Dan Goodin

Service used by 5.5 million websites may have leaked passwords and authentication tokens. Continue reading Serious Cloudflare bug exposed a potpourri of secret customer data→

Frank Abagnale, world-famous con-man, explains why technology won’t stop breaches

Posted on February 23, 2017 by Sean Gallagher

The man who once pretended to be a doctor explains identity theft to the health industry at HIMMS. Continue reading Frank Abagnale, world-famous con-man, explains why technology won’t stop breaches→

At death’s door for years, widely used SHA1 function is now dead

Posted on February 23, 2017 by Dan Goodin

Algorithm underpinning Internet security falls to first-known collision attack. Continue reading At death’s door for years, widely used SHA1 function is now dead→

Hacks all the time. Engineers recently found Yahoo systems remained compromised

Posted on February 21, 2017 by Dan Goodin

Company knocks $350 million off its purchase price. Continue reading Hacks all the time. Engineers recently found Yahoo systems remained compromised→