Security

Hacker Finds Vulnerability In Mr Robot Website

posted on May 12, 2016
by l33tdawg

It was 4am in London on Tuesday morning when a leet white hat hacker going by the name Zemnmez found the flaw on the new website for Mr Robot, the hit USA Network show. It could have given him an easy way to pwn fans of the show, tricking them into giving over much of their Facebook information. But, shortly after a quick note to Mr Robot writer Sam Esmail, the vulnerability was closed off.

Jaku botnet targets engineers, scientists and academics – and likely comes from North Korea

posted on May 12, 2016
by l33tdawg

Security researchers have discovered that an ongoing botnet campaign is specifically targeting scientists, academics, engineering firm employees, government employees and members of international non-governmental organisations (NGO).

Forcepoint Security Labs says in its latest report that the Jaku botnet has so far claimed an estimated 19,000 unique victims, 42% of which are located in South Korea, while 31% are located in Japan, 9% in China and 6% in the US. The remaining 12% are located in 130 other countries.

Pornhub offering hackers $25,000 to penetrate its security

posted on May 12, 2016
by l33tdawg

Coming out of an invite-only mode for the first time, Pornhub has opened up its bug bounty programme and is now offering up to $25,000 (£17,000) to anyone who can penetrate its security systems.

To do so, the popular adult website has partnered with HackerOne, a bug-reporting platform used by a variety of large firms and technology companies including Yahoo, Twitter, Uber and Adobe. To date, the service claims to have facilitated the payout of over $7m to nearly 3,000 responsible hackers and security researchers.

Wendy's takes bite out of data hack

posted on May 12, 2016
by l33tdawg

Unusual credit card activity is off the menu at Wendy's.

Wendy's, the burger chain that made "Where's the beef?" a thing in 1984, said Wednesday it was able to "eradicate" malware on point-of-sales systems at around 300 restaurants. The malware led to unusual credit card activity beginning in autumn 2015.

Windows 10 won't let you share WiFi passwords any more

posted on May 12, 2016
by l33tdawg

Remember Microsoft's WiFi Sense? One of its cornerstones is the ability to share password-protected WiFi networks with contacts, saving them the hassle of logging in when they visit. Unfortunately, though, there weren't many people enamored with the idea.

Torvalds on the Internet of Things: Security plays second fiddle

posted on May 12, 2016
by l33tdawg

For the first time, Linus Torvalds has spoken at an embedded Linux conference, the Linux Foundation's 2016 Embedded Linux Conference & OpenIoT Summit.

It's not that embedded Linux hasn't been important before. Your DVRs and Wi-Fi routers almost certainly run Linux. What has changed is that the Internet of Things (IoT) is transforming embedded Linux from being a topic only programmers could love to one everyone will be using soon.

Compression tool 7-Zip pwned, pain flows to top security, software tools

posted on May 12, 2016
by l33tdawg

Some of the world's biggest security and software vendors will be rushing to patch holes in implementations of the popular 7-zip compression tool to stop attackers gaining full control of customer machines.

Cisco security researcher Jaeson Schultz found and reported the holes to the maintainers of the open source 7-Zip platform who kindly cooked up a fix.

Mozilla wants US to disclose to it first any vulnerability found in Tor by government hackers

posted on May 12, 2016
by l33tdawg

Mozilla has asked a court to provide it with information on a vulnerability in the Tor browser before that information is provided to a defendant in a lawsuit, as the browser is based in part on Firefox browser code.

“At this point, no one (including us) outside the government knows what vulnerability was exploited and whether it resides in any of our code base,” wrote Denelle Dixon-Thayer, chief legal and business officer at Mozilla, in a blog post Wednesday.

Dozens of companies breached through SAP bug patched years ago

posted on May 12, 2016
by l33tdawg

L33tdawg: Interested in SAP security? You might like to attend this 2-day training at #HITB2016AMS

More than 36 organizations—some in the gas, telecommunications, and steel manufacturing industries—have been breached by attackers exploiting a vulnerability in older SAP business applications that gives them remote access to highly confidential data, the US government-sponsored CERT warned Wednesday.

All versions of Windows hit by "critical" security vulnerabilities

posted on May 11, 2016
by l33tdawg

Microsoft has fixed a critical security vulnerability affecting all supported versions of Windows.

The company said in a security advisory that all users of Windows 10 and earlier should patch as soon as possible to prevent attackers from exploiting a flaw in how the operating system handles graphics and fonts.

The patch fixes four separate vulnerabilities -- the worst of which could let an attacker install malware on an affected computer. The flaw is not thought to have been actively exploited in the wild, the company said.