Hackers reroute Amazon Web Services DNS traffic using BGP routing weakness

Security Digest Information security news and advice from TechTarget's network| May 2, 2018 FEATURED STORY BGP routing security flaw caused Amazon Route 53 incident by Peter Loshin, Site Editor A BGP routing security flaw enabled unknown threat actors to steal cryptocurrency by hijacking internet routing and rerouting traffic to a phishing site in Russia. (SearchSecurity.com) Advertisement NEWS   Attackers seek Oracle WebLogic vulnerability after faulty patch The combination of a broken Oracle WebLogic vulnerability and available proof of concept exploit code has led threat actors to search for any servers that are at risk. (SearchSecurity.com)   Keycard vulnerability threatens millions of hotel rooms News roundup: Researchers found a keycard vulnerability that enabled them to enter millions of hotel rooms worldwide. Plus, Yahoo has been fined $35 million by the SEC, and more. (SearchSecurity.com)   Risk & Repeat: Hacking back, GDPR and more from RSAC In this week's Risk & Repeat podcast, SearchSecurity editors discuss some of the major themes and debates from RSA Conference, from hacking back to GDPR compliance. (SearchSecurity.com)   Microsoft releases Spectre variant 2 microcode patches Microsoft released new fixes that include the Intel microcode patches for Spectre variant 2 to help protect users on Windows 10 and Windows Server 2016. (SearchSecurity.com)   SentinelOne CEO: Endpoint security market full of 'noise and confusion' In part two of the interview with SentinelOne CEO Tomer Weingarten, he discusses how niche products and venture capital investments have affected the endpoint security space. (SearchSecurity.com)   DDoS-for-hire website taken down by law enforcement Webstresser.org, a popular DDoS-for-hire website, was taken down by several law enforcement agencies across the globe. Details are sparse, but arrests have reportedly been made. (SearchSecurity.com) EXPERT ADVICE   How the BloodHound tool can improve Active Directory security Auditing Active Directory can be made easier with tools like the open source BloodHound tool. Expert Joe Granneman looks at the different functions of the tool and how it can help. (SearchSecurity.com)   What is included in the mPOS security standard from PCI SSC? The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.