Archive for January, 2019


From in or about February 2016 through in or about March 2017, the defendants and others conspired to enrich themselves through a sophisticated securities fraud scheme that involved h acking into the computer networks of the United States Securities and Exchange Commission (“SEC”) and stealing annual, quarterly and current reports of publicly traded companies before the reports were disseminated to the investing public. Continue reading

The Ethereum Core Developers and the Ethereum Security Community were made aware of the potential Constantinople-related issues identified by ChainSecurity on January 15, 2019. We are investigating any potential vulnerabilities and will follow with updates in this blog post and across social media channels. Continue reading

The upcoming Constantinople Upgrade for the ethereum network introducescheaper gas cost for certain SSTORE operations. As an unwanted side effect, this enables reentrancy attacks when using address.transfer(...) oraddress.send(...) in Solidity smart contracts. Previously these functions were considered reentrancy-safe, which they aren’t any longer. Continue reading

Del Rio, TX – The City of Del Rio was attacked by ransomware earlier today, which led to servers at City Hall being disabled. Continue reading

BERLIN (Reuters) – Germany’s antitrust watchdog plans to order Facebook to stop gathering some user data, a newspaper reported on Sunday. Continue reading

2019-01-14

  • Firefox 64.02 is our current stable release. This point release came out on January 9th and addresses several issues including:

Continue reading

We found that DoD Components implemented many of the agreed-upon corrective actions necessary to improve system weaknesses identified in issued reports summarized in our FY 2017 cybersecurity summary report; however, recently issued cybersecurity reports indicate that the DoD still faces challenges in managing cybersecurity risk to its network. Additionally, as of September 30, 2018, there were 266 open cybersecurity‑related recommendations, dating as far back as 2008. Continue reading

Our objective was to (1) summarize unclassified and classified reports issued and testimonies made from the DoD oversight community and the Government Accountability Office (GAO) between July 1, 2017, and June 30, 2018, that included DoD cybersecurity issues; (2) identify cybersecurity risk areas for DoD management to address based on the five functions of the National Institute of Standards and Technology (NIST), “Framework for Improving Critical Infrastructure Cybersecurity,” April 16, 2018 (Cybersecurity Framework); and (3) identify the open DoD cybersecurity recommendations. Continue reading

Starting in 2007, Pwn2Own has evolved from a small demonstration with prizes averaging around $10,000 per exploit, to one of the most well-known security contests in the industry, with millions of dollars of cash and prizes made available to contestants over the years. The contest serves as more than just an annual check-in on the state of browser and OS security. It also guides researchers as we add new categories and increase cash awards. Continue reading

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Continue reading