In-brief: The OpenSSL Project is publishing software updates to address a range of security flaws, at least one of them rated “critical.” The update comes amid a comprehensive audit of the OpenSSL code.
Vulnerabilities
Android SDK Flaw Could Enable Dropbox Data Theft
In-brief: IBM researchers say they discovered a flaw in an SDK from the cloud storage firm Dropbox that could result in Android users accidentally sending their data to a Dropbox account controlled by a malicious actor.
SMEs Face Advanced Threat Sophistication Gap
In-brief: Cisco Vice President Scott Harrell says that small and mid-sized organizations are in the crosshairs of sophisticated cyber criminals. Unfortunately, such firms often lack the tools and skills to identify and contain such threats.
Threats in 2014: Bears and Pandas and Malware – Oh My!
In-brief: a report from the firm CrowdStrike finds sophisticated nation-backed hacking groups were very active in 2014, with attacks on governments, pro-democracy advocates as well as banks and retailers.
New Ransomware, FessLeak, Taps Adobe Flash Flaws
In-brief: A new and sophisticated ransomware family dubbed “Fessleak” is spreading in malicious advertising (or “malvertising”) campaigns by exploiting newly disclosed flaws in Adobe’s Flash technology.
