Windows 8 is about to get a lot less secure.
After January 12, Microsoft will stop offering security patches for the three-year-old operating system. Users will have to upgrade to either Windows 8.1 or Windows 10 to keep receiving updates.
Hackers seized control of computers at three banks and a pharmaceutical company about a week ago, then demanded a ransom in bitcoins for the decryption keys to unfreeze them.
The attackers accessed the system by compromising IT administrators' computers, people aware of the matter said. In all four cases, the hackers are said to have used the Lechiffre ransomware.
Juniper Networks has announced its own investigations have found none of the "oops ... how did that code get there" trouble in Junos OS and that it will kill off Dual Elliptic Curve (Dual_EC) encryption in ScreenOS.
The company says it hired a "respected security organization" that "undertook a detailed investigation of ScreenOS and Junos OS® source code."
A new study of a cyberattack last month against Ukrainian power companies suggests malware didn't directly cause the outages that affected at least 80,000 customers.
Instead, the malware provided a foothold for key access to networks that allowed the hackers to then open circuit breakers that cut power, according to information published Saturday by the SANS Industrial Control Systems (ICS) team.
General Motors (GM) has opened a bug bounty program to allow hackers to report vulnerabilities in its vehicles.
Vulnerability reporting guidelines are stringent; GM agrees not to "pursue claims" against researchers if bug hunters do not harm or violate the privacy of GM or its customers, drop a zero day, or breach criminal law.
The bounty launched late last week will be a complex beast for GM given the number of vendors supplying software components to vehicles. Overseeing the program is GM cyber-security boss Jeffrey Massimilla appointed in 2014.