Aware of weaknesses in the early_random() pseudo random number generator used in iOS 6, Apple switched to an entirely new generator in iOS 7. In doing so, however, it weakened rather than strengthened the random number generation that lies at the heart…
LightOut is Latest Cyber Threat to Target Energy Sector
What happens when the energy grid goes down? Well the lights, of course, go out. A fresh advanced persistent threat (APT) targeting the energy sector is thus aptly named LightsOut, and like previous attacks, it used a watering hole method to start its …
Backdoor Found in Samsung Galaxy
A developer working on Replicant, an open-source free mobile operating system designed to replace all proprietary Android components with open-source alternatives, has discovered a backdoor in Samsung Galaxy that provides almost full access to user fil…
Nokia Tackles Carrier Roles in Mobile Security with Berlin-based Cybersecurity Center
With the infiltration of handheld devices into virtually every aspect of our consumer and enterprise lives, mobile networks should be considered critical infrastructure with high impact on public welfare and safety; and cyber-security should be address…
Target May Have Ignored Pre-breach Intrusion Warning
The largest retail breach in history happened at Target stores all over the country during the busy 2013 holiday shopping season, sparking 90+ lawsuits, a Congressional hearing, corporate restructuring and plummeting sales figures for the big-box retai…
ICS Flaws Discovered that Could Affect Thousands of Plant-monitoring Systems
Industrial control systems (ICS) are a notorious weak link when it comes to securing mission-critical infrastructure, but progress in overhauling cyber-practices for this legacy software seems to be moving along at a snail’s pace. Case in point: yet an…
Government ID Theft Ringleader Gets 12 Years in Prison
The leader of an identity theft ring that stole more than 600 identities from US government employees and others has been sentenced to serve 12 years in prison, followed by three years of supervised release.
The NSA’s Botnet of Botnets: an Active SIGINT System
The latest revelations from the Snowden files, published by Glenn Greenwald’s new venture The Intercept, show that NSA thinking has followed the same arguments developed by cybercriminals: if you wish to control a large number of subjects (infected com…
Warning: DDoS Attack Volume Balloons 807.48% in Fresh Spike
While network time protocol (NTP) amplification attacks have been a threat for many years, a new DDoS surge is ringing alarm bells: in just one month, February 2014, the number of NTP amplification attacks increased 371.43%. The average peak DDoS attac…
Worm that Wreaked Havoc for US Military Likely a Progenitor of Red October
More than a year ago, Kaspersky Labs analyzed dozens of modules used by Red October, an extremely sophisticated cyber-espionage operation that has been at work in dozens of high-profile targets. New analysis shows that one of its genetic progenitors is…