The FBI, Europol, Microsoft and others worked together to take down the Andromeda botnet, which served about 80 malware species to an average of 1 million machines per month. Someone suspected of running the botnet was also arrested in Belarus.
It's part of an initiative to bolster the security of open-source projects used by EU institutions. Apache HTTP Server and KeePass were previous beneficiaries. The project is hosted on HackerOne and has a total budget of €60.000.
When turned on, it will ask for a passcode. You can optionally enter an e-mail address in case you forget your passcode.
They criticize the fact that the US has too much control over the current DNS system, fearing that it gives them a big edge in cyber warfare.
Not only were they negligent in security, as all data was exposed due to a misconfigured MongoDB instance, but it also seems they were collecting much more information than strictly needed.
TIO is a company that runs utility and bill payment kiosks in North America. The company is owned by PayPal, but their data is separate from PayPal's.
Another week, another S3 bucket. This time with personal information on tens of thousands of people, including driver’s license and Social Security card images, financial reports, and more.
Currently the ticker is at 45 incidents. The creator also conveniently breaks down the root causes of the incidents.
Update all the things \o/
- Apple released a bunch of updates, including one for macOS that permanently fixes the IAmRoot bug: link
- Google released updates to Android, fixing 47 vulnerabilities of which 10 are rated high, and shipped a separate patch for Pixel and Nexus phones for a vulnerability there: link
- Cisco patched several vulnerabilities in its WebEx suite: link
- HP released firmware patches for its enterprise printers to fix a remote code execution flaw: link
- Two critical vulnerabilities were found and patched in the RSA authentication agent and SDK: link
For those interested, another great Humble Bundle for books on networks and security. Paying $15 (or more) gives you 13 books!
Personal note: started a Hacker News newsletter
This one sends you a daily e-mail with all HN articles over x points.
Feel free to subscribe if that sounds handy :-)
Dieter Van der Stock