Weekend news review: April 27- May 1

U.S. Defense Secretary Carter emphasizes culture change needed to hire fresh tech talent

U.S. Defense Secretary Carter emphasizes culture change needed to hire fresh tech talent

During a speech at Stanford University this past week, U.S. Defense Secretary Ash Carter acknowledged the government's desire to hire young talent for cybersecurity work. <a style="color: #FFFFFF" href="http://www.scmagazine.com/ash-carter-spoke-at-stanford-university/article/411392/" target="_blank">Read more</a>
Angler Exploit Kit pushed in xHamster malvertising campaign

Angler Exploit Kit pushed in xHamster malvertising campaign

The malicious advertisement was spotted on Friday and taken down by the end of Saturday, according to Malwarebytes Labs. <a style="color: #FFFFFF" href="http://www.scmagazine.com/popular-adult-website-impacted-by-malvertising-campaign/article/411379/" target="_blank">Read more</a>
Macro malware makes a comeback with BARTALEX attack

Macro malware makes a comeback with BARTALEX attack

Trend Micro described a new attack as an "outbreak" of spam that's impacting mainly U.S. companies. <a style="color: #FFFFFF" href="http://www.scmagazine.com/trend-micro-details-new-attack-using-dropbox/article/411654/" target="_blank">Read more</a>
Report: SSDP reflection attacks spike, and other Q1 2015 DDoS trends

Report: SSDP reflection attacks spike, and other Q1 2015 DDoS trends

The largest distributed denial-of-service attack ever detected by Arbor Networks systems was observed in the first quarter of this year. <a style="color: #FFFFFF" href="http://www.scmagazine.com/largest-ddos-detected-in-q1-report-says/article/411648/" target="_blank">Read more</a>
Representatives question FBI and point out fallacies during default encryption hearing

Representatives question FBI and point out fallacies during default encryption hearing

The U.S. Committee on Oversight & Government Reform met on Wednesday to hear arguments on default encryption and didn't let law enforcement off easy. <a style="color: #FFFFFF" href="http://www.scmagazine.com/committee-on-oversight-government-reform-hosts-encryption-hearing/article/411928/" target="_blank">Read more</a>
Several vulnerabilities identified in TheCartPress WordPress plugin

Several vulnerabilities identified in TheCartPress WordPress plugin

High-Tech Bridge identified multiple vulnerabilities in TheCartPress eCommerce shopping cart plugin for WordPress websites. <a style="color: #FFFFFF" href="http://www.scmagazine.com/local-php-file-inclusion-xss-improper-access-control-plague-wordpress-plugin/article/411927/" target="_blank">Read more</a>
Flaw makes Trendnet, D-Link routers vulnerable to remote attack

Flaw makes Trendnet, D-Link routers vulnerable to remote attack

A security alert issued Friday warns of an unfixed bug in D-Link and Trendnet routers. <a style="color: #FFFFFF" href="http://www.scmagazine.com/malware-can-be-delivered-remotely-through-router-bug/article/412164/" target="_blank">Read more</a>
Malicious docs submitted to CareerBuilder job listings distribute malware

Malicious docs submitted to CareerBuilder job listings distribute malware

Proofpoint researchers observed attackers submitting weaponized Microsoft Word documents to job postings listed on the CareerBuilder website. <a style="color: #FFFFFF" href="http://www.scmagazine.com/weaponized-word-docs-submitted-to-job-site-in-sneaky-social-engineering-type-op/article/412155/" target="_blank">Read more</a>
Linux malware 'Mumblehard' has spamming feature, backdoor component

Linux malware 'Mumblehard' has spamming feature, backdoor component

Mumblehard remained undetected for more than five years, according to a researcher at ESET. <a style="color: #FFFFFF" href="http://www.scmagazine.com/linux-malware-mumblehard-has-spamming-feature-backdoor-component/article/412561/" target="_blank">Read more</a>
Vulnerability enables downgrading of MySQL SSL/TLS connections

Vulnerability enables downgrading of MySQL SSL/TLS connections

A researcher with Duo Security identified the vulnerability, which exists in MySQL client libraries, as well as forks such as MariaDB and Percona. <a style="color: #FFFFFF" href="http://www.scmagazine.com/vulnerability-enables-downgrading-of-mysql-ssltls-connections/article/412558/" target="_blank">Read more</a>

A hearing on default device encryption took place this week while more Wordpress vulnerabilities were discovered. For a closer look at these articles, click here to visit our news section.

More Slideshows

Topics:

You must be a registered member of SC Media US to post a comment.