Weekend news review: January 5-9 | Gallery & slideshow | SC Media

Weekend news review: January 5-9


  • Google publishes Windows 8.1 flaw details before patch is issued

    Google's "Project Zero" team discovered an elevation of privilege flaw in Windows 8.1 and detailed the vulnerability online, 90 days after alerting Microsoft. Read more

  • Morgan Stanley employee fired for stealing data on 350K clients, reports say

    Morgan Stanley discovered account names, numbers and transaction data for more than 900 clients posted on the internet, according to reports. Read more

  • AOL advertising network used to distribute malware

    Malware is being distributed to visitors of The Huffington Post website, as well as several other sites, via malicious advertisements served over the AOL advertising network. Read more

  • Gogo caught using fake Google SSL certificates

    On a recent flight, a Google engineer discovered that SSL certificates were being signed by Gogo, not Google. Read more

  • Stealthy 'XOR.DDoS' trojan infects Linux systems, installs rootkit

    The newly discovered 'XOR.DDoS trojan infects Linux systems to possibly build an army of devices to be used in distributed denial-of-service (DDoS) attacks. Read more

  • Variant of Emotet banking malware used in spam campaign

    German-language speakers are the primary target of a spam campaign that involves a variant of the Emotet banking malware. Read more

  • FTC chairwoman warns of IoT security and privacy risks

    FTC chairwoman Edith Ramirez talked at the Consumer Electronic Show about the Internet of Things and the inherent privacy and security risks that come with the technology development. Read more

  • New versions of OpenSSL released, eight vulnerabilities addressed

    Altogether eight vulnerabilities are addressed, two of which can lead to a denial-of-service attack and are deemed moderate in severity. Read more

  • FBI shares info on Sony hack, but doubt in N. Korea theory lingers

    The FBI director said that attackers failed to use proxy servers to conceal their whereabouts when sending threatening emails to Sony employees. Read more

  • Microsoft's Patch Tuesday preview will no longer be made public

    There are still options to receive advanced information, but Microsoft will no longer be issuing a public blog post to preview what is to come on Patch Tuesday. Read more

This week started out with a elevation of privilege flaw in Windows 8.1 being detailed online before a patch was issued. Later in the week, Gogo, a provider of inflight WiFi, was caught using fake Google SSL certificates. The week closed with a warning from FTC chairwoman Edith Ramirez on security and privacy issues surrounding Internet of Things (IoT) devices.For a closer look at these articles, click here to visit our news section.