One day after announcing Rep. Will Hurd, R-Texas, as its keynoter, organizers of the 2019 Black Hat security conference promptly revoked the invitation. “Black Hat has chosen to remove U.S. Representative Will Hurd, as our 2019 Black Hat USA keynote,” conference leadership said in a statement posted on the event’s website. “We misjudged the separation of technology and politics. We…
A newly discovered variant of Echobot, an offshoot of the Mirai family of Internet of Things botnet malware, was found to contain a whopping 26 different exploits for infecting victim machines. This revelation is the latest in a string of research reports detailing Mirai-related malwares with increasingly large exploit totals. In a company blog post…
Medical tech company Becton, Dickinson and Company (BD) has advised users of its Alaris Gateway Workstation – a smart connectivity and integration solution for infusion pump devices – to update their firmware, following the discovery of a highly critical remote code execution vulnerability. CyberMDX researcher Elad Luz found that multiple versions of the workstation –…
Google’s Project Zero vulnerability hunting team has publicly disclosed an unpatched bug in the SymCrypt cryptography library for Windows, which could create a denial of service condition when the user initiates any function that requires cryptography. Project Zero researcher Tavis Ormandy said in a June 11 tweet that even though the problem is of “relatively…
Telegram pointed the finger at Chinese state-sanctioned actors yesterday after a distributed denial of service (DDoS) attack overwhelmed its servers as protests were taking place in Hong Kong. “We’re currently experiencing a powerful DDoS attack, Telegram users in the Americas and some users from other countries may experience connection issues,” the encrypted messaging service said…
A company’s recent analysis of credential abuse activity over a 17-month period uncovered roughly 55 billion credential stuffing attack attempts against various online services, roughly 12 billion of which targeted the gaming industry. Researchers at Akamai Technologies revealed the data in their latest State of the Internet/Security report, which specifically focuses on web attacks and…
Text editor programs Vim and Neovim both received security updates late last month after was was found to contain a remote code execution vulnerability. Designated CVE-2019-12735, the flaw was discovered by security researcher Armin Razmjou and assigned an 8.6 HIGH CVSS base score. According to an analysis of the vulnerability that was published last week,…
The English rock band Radiohead has decided to sell some of its unreleased recording materials after a hacker stole them and threatened to leak them in an extortion scheme. The proceeds will go toward Extinction Rebellion, an environmentalist movement that relies on nonviolent resistance to generate awareness and advance its causes. In a tweet today,…
The U.S. House of Representatives yesterday passed its own version of the DHS Cyber Incident Response Teams Act of 2019, which would require the Department of Homeland Security to permanently maintain cyber hunt and incident response teams that help prevent and mitigate attacks on federal agencies and the private sector. Designated H.R.1158, the bill serves…
An Auburn, Washington-based food bank that provides meals to individuals in need has reportedly been victimized in a ransomware attack, leaving staff members unable to access files and emails. A report from the Auburn Examiner says the June 5 attack on The Auburn Food Bank has reduced the charitable organization to one working computer, currently…
