Popular ‘Circle with Disney’ Parental Control System Riddled With 23 Vulnerabilities

A popular parental monitoring system, called Circle with Disney, receives 23 patches for a wide range of serious vulnerabilities.

from Threatpost | The first stop for security news http://ift.tt/2yiMFwM
via https://ifttt.com/ IFTTT

Apple Patches KRACK Vulnerability in iOS 11.1

Apple has patched the KRACK vulnerability in iOS and elsewhere in its product line, closing a key re-installation vulnerability in the WPA2 protocol implemented used by its software.

from Threatpost | The first stop for security news http://ift.tt/2iQGJUZ
via https://ifttt.com/ IFTTT

Meet MBR-ONI, Bootkit Ransomware Used as a Targeted Wiper

Earlier this year a new ransomware, dubbed ONI, was discovered in Japan. It is described as a sub-species of the GlobeImposter ransomware. Researchers blogged in July, "When it infects it, it encrypts the file, assigns the extension .oni to the filename, and asks for payment to decrypt it."

read more

from SecurityWeek RSS Feed http://ift.tt/2zml0ep
via https://ifttt.com/ IFTTT

Firefox Bolsters Privacy, Pulls Plug on Browser Canvas Fingerprinting

Firefox is to stop using the privacy-busting canvas-based browser fingerprinting that allows websites to track users’ online activities.

from Threatpost | The first stop for security news http://ift.tt/2hrnvSg
via https://ifttt.com/ IFTTT

Emergency Oracle Patch Closes Bug Rated 10 in Severity

Oracle released an emergency patch for a remote code execution vulnerability in Oracle Identity Manager rated a 10 out of 10 in severity.

from Threatpost | The first stop for security news http://ift.tt/2zmjYz5
via https://ifttt.com/ IFTTT

Сертификаты для подписи кода стоят дороже оружия в дарквебе

Исследователи обнаружили, что сертификаты для подписи цифрового кода продаются на черных рынках в Сети дороже оружия. Такие сертификаты являются фундаментальным способом обеспечения легитимности программного обеспечения и приложений. Однако если они скомпрометированы, их можно использовать для установки вредоносной программы, избежав при этом обнаружения.

from Новости информационной безопасности - Anti-Malware.ru http://ift.tt/2lytMjn
via https://ifttt.com/ IFTTT

Francisco Partners Acquires Comodo CA

Tech-focused private equity firm Francisco Partners announced on Tuesday that it has acquired Comodo CA Limited, Comodo’s certificate authority business, for an undisclosed amount.

read more

from SecurityWeek RSS Feed http://ift.tt/2iidxCp
via https://ifttt.com/ IFTTT

Google to Remove Support for PKP in Chrome

Google is planning to deprecate and eventually completely remove support for public key pinning (PKP) from the Chrome web browser.

read more

from SecurityWeek RSS Feed http://ift.tt/2xF3WMj
via https://ifttt.com/ IFTTT

Firefox to Block Canvas-based Browser Fingerprinting

Firefox will soon provide users with increased privacy by blocking browser fingerprinting performed through the HTML5 canvas element.

read more

from SecurityWeek RSS Feed http://ift.tt/2z6iCHI
via https://ifttt.com/ IFTTT

ЕС приравняет кибератаки к началу войны

Государства-члены Европейского союза разработали документ, в котором говорится, что серьезные кибератаки других государств могут быть истолкованы как военный акт. Как утверждается, этот документ был разработан в качестве сдерживающего фактора провокаций со стороны России и Северной Кореи.

from Новости информационной безопасности - Anti-Malware.ru http://ift.tt/2zn4VFe
via https://ifttt.com/ IFTTT

Троян Silence атакует российские банки

Первые атаки с использованием трояна Silence были зафиксированы в июле 2017 года, новая волна атак продолжается по сегодняшний день.

from Securitylab.ru http://ift.tt/2xFbMpb
via https://ifttt.com/ IFTTT

Threat Intelligence Firm Recorded Future Raises $25 Million

Threat intelligence provider Recorded Future today announced that it has raised $25 million in a Series E round of funding Led by Insight Venture Partners.

read more

from SecurityWeek RSS Feed http://ift.tt/2z1T7Fo
via https://ifttt.com/ IFTTT

Mozilla Raises Concerns Over DigiCert Acquiring Symantec CA

Mozilla has raised some concerns regarding DigiCert acquiring Symantec’s website security and related public key infrastructure (PKI) solutions after major web browser vendors announced that certificates issued by the security firm would no longer be trusted.

read more

from SecurityWeek RSS Feed http://ift.tt/2yh6FzX
via https://ifttt.com/ IFTTT