MonthOctober 2017

Apple putties Krack in macOS, iOS

Apple on Tuesday patched both macOS and iOS against serious vulnerabilities in the Wi-Fi Protected Access II (WPA2) protocol used to secure wireless networks.

Information about the flaws, dubbed "Krack" by their Belgian discoverer, made news earlier in the month when security researcher Mathy Vanhoef announced weaknesses in WPA2 that could allow criminals to read information transmitted over a Wi-Fi network thought to be encrypted.

Krack, said Vanhoef, stood for "Key Reinstallation Attacks."

The macOS 10.13.1 and iOS 11.1 updates addressed the Krack vulnerabilities, as well as a slew of others. The Mac update fixed a whopping 148 flaws, while the iPhone and iPad update quashed 20 bugs. The bulk of the macOS patches - 90 of the total - plugged holes in "tcpdump," an open-source network packet analyzer that's baked into the operating system.

To read this article in full or to leave a comment, please click here

North Korea Faces Accusations of Hacking Warship Builder Daewoo

North Korea suspected by South Korea of stealing warship blueprints from Daewoo Shipbuilding & Marine Engineering.

North Korea Faces Accusations of Hacking Into Warship Builder Daewoo

North Korea suspected by South Korea of stealing warship blueprints from Daewoo Shipbuilding & Marine Engineering.

Office 365 Missed 34,000 Phishing Emails Last Month

Nearly 10% of emails delivered to Office 365 inboxes were spam, phishing messages, and known or zero-day malware.

Who Says Brilliant Security Engineers Can’t Be Amazing People Managers?

Don't let mid-career stagnation be an exit ramp from the cybersecurity industry. Use it as an opportunity to explore, and to deepen your enthusiasm.

Trump Administration to Craft New Cybersecurity Plan

Strategy will mirror President Trump's cybersecurity Executive Order.

How to Make a Ransomware Payment – Fast

Paying ransom in a ransomware attack isn't recommended, but sometimes, it's necessary. Here's how to pay by cryptocurrency.

10 Scariest Ransomware Attacks of 2017

A look back at WannaCry, NotPetya, Locky, and other destructive ransomware campaigns to infect the world this year.

Stop Counting Vulnerabilities & Start Measuring Risk

When security teams report on real risk, executive teams can gain a much better understanding of the company's security posture.

Phishing Kits Regularly Reused by Cybercriminals

In 27% of cases, a phishing kit is re-used on more than one host.