Wednesday, March 8, 2017

Leaked CIA hacking weapons include iOS, Android zero days

Security Digest
Information security news and advice from TechTarget's network | March 8, 2017
TechTarget
FEATURED STORY
Vault 7 CIA hacking weapons include iOS, Android and Windows zero days
by Michael Heller, Senior Reporter

WikiLeaks released a massive dump of files it claims to be CIA hacking tools, codenamed Vault 7, which includes iOS and Android zero-day exploits. (SearchSecurity.com)

Advertisement
NEWS
 
FBI chooses to protect Tor vulnerability and dismiss child porn case

The Department of Justice dropped a child pornography case in order to avoid disclosing a Tor vulnerability; dozens more cases potentially affected. (SearchSecurity.com)

 
Cloudflare security team calms fears over Cloudbleed bug

Cloudflare security researchers continue investigations as CEO calms fears over potential exposure of sensitive personal data by the Cloudbleed bug, though doubts remain. (SearchSecurity.com)

 
Slack hack threatened to expose user account data and messages
News roundup: A researcher discovers a Slack hack through stolen tokens. Plus, another WordPress flaw puts 1 million users at risk; Necurs botnet does DDoS now; and more. (SearchSecurity.com)
 
 
 

New cybersecurity report gets the hacker perspective

A new cybersecurity report used a hacker survey to offer a perspective on IT that can often be overlooked and found there may not be any easy answers. (SearchSecurity.com)

 
Employees knew about Yahoo security breach years ago, per new SEC filing
A new SEC filing details who knew about the major Yahoo security breach in 2014, but experts are confused by the repercussions of the announcement. (SearchSecurity.com)
 
Risk & Repeat: Cloudflare bug poses incident response challenges
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Cloudflare bug that leaked an undetermined amount of customer data over several months. (SearchSecurity.com)
 
 
 
EXPERT ADVICE
 
Why authorization management is paramount for cybersecurity readiness

After enterprise identities are authenticated, an authorization management system should monitor how resources are being used. Expert Peter Sullivan explains how it can work. (SearchSecurity.com)

 
Microsoft Azure Security Center: Successful or stagnated?
Now that Microsoft's Azure Security Center has been out and in use for a while, expert Ed Moyle takes a look at how successful it is and where it's headed in enterprise use. (SearchCloudSecurity.com)
 
 
 
 

What to consider about signatureless malware detection

Endpoint security is changing into signatureless malware detection and protection. Expert Matthew Pascucci discusses the transition away from signatures. (SearchSecurity.com)

 
SHA-1 certificates: How will Mozilla's deprecation affect enterprises?

Mozilla browser users will encounter 'untrusted connection' errors if they use SHA-1 signed certificates. Expert Michael Cobb explains why, and what enterprises can do. (SearchSecurity.com)

 
About This E-Newsletter
This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for.

TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com

Copyright 2016 TechTarget. All rights reserved.
TechTarget

No comments: