Twitter-Based System to Provide Alerts on BGP Hijacks, Outages

detectionn
Cloud-delivered security provider OpenDNS is preparing to launch a new alert system designed to warn users when Border Gateway Protocol (BGP) incidents are discovered on the Internet. The new tool, named “BGP Stream,” is powered by data collected by BGPmon, a network and routing monitoring services company acquired...
Continue reading »

Eaton Patches TCP/IP Stack Flaw Affecting Controls, Relays

alarms_screenshot_arrow
Power management solutions provider Eaton has released software updates to address a vulnerability affecting the Cooper Power Series Form 6 recloser control and Idea/IdeaPLUS relay protection platforms. Power grid operators from across the world use the Form 6 control and Idea/IdeaPLUS relay protection platforms to apply protection and...
Continue reading »

Google Play Checks Bypassed by Hacking Team Android Backdoor

android-5-0-lollipop
An Android backdoor developed by the Italian surveillance software maker Hacking Team is capable of bypassing the Google Play screening process. The threat is designed to allow the company’s customers to install spyware on smartphones, Trend Micro reports. Researchers continue to analyze the 400GB of data leaked as...
Continue reading »

Chinese APT Group Uses Hacking Team’s Flash Player Exploit

scanbox-CS
The Adobe Flash Player exploit stolen by hackers from spyware maker Hacking Team has been leveraged by advanced persistent threat (APT) groups, according to security solutions provider Volexity. One of the groups observed leveraging CVE-2015-5119, which Adobe patched on Wednesday morning, is known as Wekby, APT 18, Dynamite...
Continue reading »

OpenSSL Patches Serious Certificate Forgery Vulnerability

os-12002
The developers of OpenSSL have released versions 1.0.2d and 1.0.1p to address a high severity vulnerability that can be exploited by an attacker to bypass certain untrusted certificate checks and issue invalid certificates. The issue, described by OpenSSL as an alternative chain certificate forgery flaw (CVE-2015-1793), was introduced...
Continue reading »