Category Archives: Security News

US tech giants say they didn’t do Yahoo-style email spying

Yahoo’s program may have been spying on hundreds of millions of users’ accounts

The Yahoo sign in front of the company’s campus in Sunnyvale, Calif.

Credit: Yahoo

Reports of a secret Yahoo program to search through customers’ incoming emails has spurred other tech companies to deny ever receiving a similar request from the U.S. government.

The program, reportedly created last year through a classified U.S. order, involves Yahoo searching through hundreds of millions of user accounts at the behest of the National Security Agency or FBI.

Smart device malware behind record DDoS attack is now available to all hackers

The Mirai trojan enslaved over 380,000 IoT devices, its creator claims.

Credit: Stephen Lawson
The source code for a trojan program that infected hundreds of thousands of internet-of-things devices and used them to launch distributed denial-of-service attacks has been published online, paving the way for more such botnets.

The code for the trojan, which its creator calls Mirai, was released Friday on an English-language hackers’ forum, cybersecurity blogger Brian Krebs reported over the weekend. Krebs’ website was the target of a record DDoS attack two weeks ago that was launched from the Mirai botnet.

Meet Apache Spot, a new open source project for cybersecurity

The effort taps big data analytics and machine learning for advanced threat detection

The Apache Spot project was announced at Strata+Hadoop World on Wednesday, Sept. 28, 2016.

Credit: Katherine Noyes

Hard on the heels of the discovery of the largest known data breach in history, Cloudera and Intel on Wednesday announced that they’ve donated a new open source project to the Apache Software Foundation with a focus on using big data analytics and machine learning for cybersecurity.

Emergency Flash Player patch fixes actively exploited vulnerability

The new updates address a total of 18 critical flaws.

Flash Player patch
Adobe Systems released new versions of Flash Player in order to fix 18 critical vulnerabilities that could be exploited to take over computers, including one flaw that’s already targeted by attackers.”Adobe is aware of a report that an exploit for CVE-2016-1010 is being used in limited, targeted attacks,” the company said in a security advisory. The flaw stems from a heap overflow condition and was reported to Adobe by researchers from antivirus firm Kaspersky Lab.

Microsoft patches flaws that let attackers control your PC over the Web

Thirty-nine vulnerabilities fixed in 13 security bulletins

Microsoft patches flaws in Windows, Office, IE, and Edge
Outside Building 99 in Microsoft’s Redmond, Washington, campus.

Credit: Microsoft

Microsoft has fixed 39 vulnerabilities in multiple Windows components, Internet Explorer, Edge, Office and .NET Framework, many of which allow for remote code execution.

The patches are grouped in 13 security bulletins, five of which are rated critical and the rest as important.