It’s patching time again for Windows Server 2016 and Windows 10 Updated Oops! Microsoft has published an advisory on a bug in its Internet Information Services (IIS) product that allows a malicious HTTP/2 request to send CPU usage to 100 per cent.… …
World cybersecurity news
Extortionists are promising salaries of more than a quarter of a million pounds to skilled infosec folk willing to put on a black hat, according to research outfit Digital Shadows. Those salaries are on offer to people willing to blackmail and extort money out of “high net worth individuals” – and at the upper end […]
Apple CEO Tim Cook. Apple isn’t relenting in its attacks on last week’s Bloomberg story claiming that tiny Chinese chips had compromised the security of Apple and Amazon data centers. In a Monday letter to Congress, Apple wrote that the claims in the Bloomberg story were “simply wrong.” Bloomberg’s story, published last Thursday, claimed that […]
Posted by Patrick Mutchler and Meghan Kelly, Android Security & Privacy Team [Cross-posted from the Android Developers Blog] Helping Android app developers build secure apps, free of known vulnerabilities, means helping the overall ecosystem thrive. This is why we launched the Application Security Improvement Program five years ago, and why we’re still so invested in […]
Chance to align security validation capabilities with cloud security compliance gives enterprises a competitive edge SAN FRANCISCO – March 4, 2019 – RSA CONFERENCE 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced STAR […]
A 20-year-old Illinois man has pleaded guilty to running multiple DDoS-for-hire services that launched millions of attacks over several years. The plea deal comes almost exactly five years after KrebsOnSecurity interviewed both the admitted felon and his father and urged the latter to take a more active interest in his son’s online activities. Sergiy P. […]
In recent years, the setting has been criticized as being essentially meaningless. But it might have a crucial role to play in enforcing privacy regulations….
Roughly one year ago, KrebsOnSecurity published a lengthy investigation into the individuals behind Coinhive[.]com, a cryptocurrency mining service that has been heavily abused to force hacked Web sites to mine virtual currency. On Tuesday, Coinhive announced plans to pull the plug on the project early next month. A message posted to the Coinhive blog on Tuesday, […]
A Russian court has handed down lengthy prison terms for two men convicted on treason charges for allegedly sharing information about Russian cybercriminals with U.S. law enforcement officials. The men — a former Russian cyber intelligence official and an executive at Russian security firm Kaspersky Lab — were reportedly prosecuted for their part in an […]
Researchers point a tough-to-fix in some cloud computing setups: hackable firmware….