The team behind the free networking software Samba has issued and emergency patch for a remote code execution vulnerability. more
The recent heavy news coverage of WannaCry has overshadowed the latest WikiLeaks release of critical CIA malware documentation: user manuals for two hacking tools named AfterMidnight and Assassin. more
WannaCry, originated firstly in state projects but spread by other actors, has touched upon myriads of infrastructure such as hospitals, telecommunication, railroads that many countries have labelled as critical. IT engineers are hastily presenting patching codes in various localized versions. The other patch needed, however, is more than technical. It is normative and legislative. The coding of that patch for a situation like this is in two layers of dilemma. more
Security researchers are reporting a massive attack today, dubbed "WannaCry", which has reached 45,000 attacks in 74 countries around the world so far, mostly in Russia. more
One thing was clear from a recent presentation by the new leaders of the SF-Bay Internet Society (ISOC) Chapter Working Groups: inclusion and collaboration will be the key to these groups' success. As Dr. Brandie Nonnecke, the Internet Governance Working Group (WG) Chair said, "We haven't yet cracked the code on what 'multistakeholder' means." But that won't stop her and Dr. Jaclyn Kerr, the Data Protection, Privacy, and Security WG Chair, from trying. more
WikiLeaks on Friday released a new set of leaks -- Vault 7 "Grasshopper" -- containing 27 documents from the CIA's Grasshopper framework, a platform used to build customized malware payloads for Microsoft Windows operating systems. more
NANOG 69 was held in Washington DC in early February. Here are my notes from the meeting. It would not be Washington without a keynote opening talk about the broader political landscape, and NANOG certainly ticked this box with a talk on international politics and cyberspace. I did learn a new term, "kinetic warfare," though I'm not sure if I will ever have an opportunity to use it again! more
While conventional cyber attacks are evolving at breakneck speed, the world is witnessing the rise of a new generation of political, ideological, religious, terror and destruction motivated "Poli-Cyber™" threats. These are attacks perpetrated or inspired by extremists' groups such as ISIS/Daesh, rogue states, national intelligence services and their proxies. They are breaching organizations and governments daily, and no one is immune. more
The new year is upon us and it's time for our annual look at CircleID's most popular posts of the past year and highlighting those that received the most attention. Congratulations to all the 2016 participants and best wishes to all in the new year. more
After over four years of investigation, the international criminal infrastructure platform known as 'Avalanche' is reported to have been dismantled via a collaborative effort involving Public Prosecutor's Office Verden and the Lüneburg Police (Germany) in close cooperation with the United States Attorney's Office for the Western District of Pennsylvania, the Department of Justice and the FBI, Europol, Eurojust and global partners. more
Close to a million Deutsche Telekom customers have had trouble getting online since Sunday afternoon which the company on Monday confirmed to be the result of an "outside" attack. more
Several models of Android mobile devices discovered containing firmware that collect sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users' consent. more
U.S. Department of Transportation issues Federal guidance to the automotive industry for improving motor vehicle cybersecurity. The guidance covers cybersecurity best practices for all motor vehicles, individuals and organizations manufacturing and designing vehicle systems and software. more
A total of 3.2 million debit cards across 19 banks may have been compromised as a result of a suspected malware attack. The breach, possibly largest of its kind in India, was confirmed by the National Payment Corporation of India (NPCI) in a statement today. more
The source code for the IoT botnet 'Mirai' has been released," warns security expert Brian Krebs whose own website was targeted with the same botnet resulting in the historically large DDoS attack last month. more
A World-Renowned Source for Internet Developments. Serving Since 2002.