Hacking News

More than a hundred security researchers and computer science experts have warned in a letter to lawmakers that not enough is being done to ensure the integrity of state and federal elections. The letter, published Wednesday, argues many US states are “inadequately prepared” to respond to cybersecurity risks with upcoming elections. Read more

Honda, one of the largest automobile manufacturers in the world, announced Wednesday that it was forced to shut down production at one of its Japanese plants after it was hit by the WannaCry ransomware. The manufacturer said it powered down a plant on Monday in Sayama, a city in the Saitama prefecture, roughly an hour

NEW YORK–President Donald Trump’s Cybersecurity Executive Order needs an overhaul, specifically a shift from planning and proposals to the pragmatic. According to Ed Amoroso, former AT&T CSO, there are dire consequences to the U.S. critical infrastructure if the U.S. government pursues its current cybersecurity status quo Read more

Internet telephony company Avaya has patched a high-severity vulnerability in its Aura Application Enablement Services product that put phone call and API data running through the server at risk for interception. Researchers at Digital Defense found a vulnerability where an attacker could, without authentication, abuse Remote Procedure Calls (RPC) into the server and modify input

OpenVPN has this week patched four vulnerabilities, including a critical remote code execution bug, a little more than a month after the results of two security audits of the open source VPN software were published. The patches were released after private disclosures in May and June by researcher Guido Vranken of the Netherlands. Vranken said

If you’ve been following the news, you might have heard about Philando Castile. On July 6, 2016, he was shot and killed by an officer after being pulled over for resembling a suspect in a robbery. The officer, Jeronimo Yanez, asked Castile for his license and registration. While reaching for it (and pulling his arm

More organizations appear to be heeding the advice to implement capabilities for detecting intrusions sooner, at least based on an analysis of data from breach investigations that security vendor Trustwave conducted for clients last year. Trustwave’s analysis showed that the median number of days from an intrusion to initial detection of the compromise fell sharply

I recently interviewed a gentleman, one with a vested interest in Android, and was enlightened on a number of levels. During the interview we hopped onto the thread of security and dove pretty deep into the issue of malware and other Android security issues. Because of this particular aspect of the conversation, my source asked

Router manufacturer TP-Link recently fixed a vulnerability in a discontinued line of routers that if exploited could have been used to execute code on the device. Researchers at Senrio, a firm that specializes in IoT security, uncovered a logic vulnerability in a configuration service present in TP-Link’s PTWR841N V8 router models. Read more

To Mark Loveless, an internet-enabled cordless drill seemed like a perfect recipe for an IoT security nightmare. Duo Security’s senior security researcher confessed that it sounded silly and quite possibly part of a push by the electronics maker to inject “smarts” into devices that ultimately turned them into hackable punching bags for adversaries to exploit. So