The vulnerability allows for local privilege escalation on Linux and *BSD systems, and potentially for remote execution as well. You'll want to patch asap.
Take a look at Qualys' blogpost here.
An analyst at security firm Upguard found an unsecured S3 bucket holding the information of 198 million voters.
The EU released a draft proposal which also, among other things, would forbid EU nations to try and backdoor encrypted traffic.
A Dutch researcher called Guido Vranken found four vulnerabilities (different ones than OpenVPN's audit turned up last month), which he disclosed privately until the patches were out.
SMBv1 will be removed from Windows 10, starting with the upcoming RedStone 3 update due in September. They say this has been the plan for a long time, and not a reaction to WannaCry. Still, good news.
This is the fourth installment in a set of research papers by Google on how they moved from a VPN-based model to a zero-trust network, which they call 'BeyondCorp'. In this setup you get access to services based on who you are and what machine you use, no matter where you are.
Started this summer all European banks will have to reveal all incidents to the ECB, in an effort to map how many breaches occur and how they occur.
They missed the production of about 1000 scheduled cars, but were back up and running a few days later.
A South Korean hosting firm paid over a million in ransom to regain access to its 153 Linux servers, which were encrypted by a Linux variant of the Erebus malware.
Very interesting article on how researchers teamed up with Paypal to impede the DDoS-for-hire subscription service vDOS. The service was responsible for launching about 915.000 DDoS attacks, and at its peak earned its creators $42,000 per month.
Fun and short introduction to reverse engineering, by taking a look from a beginner point of view at both a static and dynamic analysis tool.
Week-long conference based in the amazing city of Barcelona that peeks into the web of tomorrow. Serverless, blockchain, WebVR, distributed web, progressive web apps, and more. Use the code SECNEWS for a 10% discount.