Under Armour has notified users of its MyFitnessPal, a food and nutrition application and website, about a data breach of customer personal data. Affected information includes usernames, email addresses, and hashed passwords. The company said the majority of hashed passwords were protected using the bcrypt hashing algorithm.
The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) are releasing a warning related to brute force attacks.
Talos security researchers have spotted a new family of malware dubbed "GoScanSSH" that compromises internet-facing SSH servers. The malware targets default and weak passwords via a brute force attack on SSH systems that allow password-based SSH authentication.
OpenSSL has released security updates to address several vulnerabilities that impact previous versions of OpenSSL 1.1.0 and 1.0.2.
The city of Atlanta was hit in a massive ransomware attack. Many systems and services were still down nearly four days after the attack first hit last Thursday. The ransomware…
The United States Department of Justice announced nine Iranian citizens, working on behalf of the Iranian government, were charged in a massive computer hacking campaign.
Microsoft issued new security guidance on the Credential Security Support Provider protocol (CredSSP) vulnerability (CVE-2018-0886) that could allow remote code execution. As part of the updates, Microsoft plans to soon prevent un-patched RDP clients (that uses CredSSP) from authenticating to Windows.
Researchers at Purdue University have developed a new tool dubbed R2D2 (short for “Reactive Redundancy for Data Destruction Protection”) that can protect systems from disk-wiping malware such as Shamoon and Stonedrill.
Citrix has released patches for Citrix XenServer that address several vulnerabilities. If exploited, an attacker or malicious administrator of a guest VM could crash or compromise certain XenServer hosts.