Google Play Bounty Promises $1,000 Rewards for Flaws in Popular Apps

Google announced a public bug bounty for Google Play that brings developers and researchers together to find and patch flaws in popular apps. Source: Threadpost

Hackers Take Aim at SSH Keys in New Attacks

SSH private keys are being targeted by hackers who have stepped up the scanning of thousands of WordPress website in search of private keys. Source: Threadpost

Google Advanced Protection Trades Ease-of-Use for Security

Experts applaud a new Google service, Advanced Protection, which beefs up account password protection and limits access to a user’s Gmail and Drive. Source: Threadpost

FBI Asks Businesses to Share Details About DDoS Attacks

The FBI has made an appeal to organizations victimized by DDoS attacks to share details and characteristics of those incidents. Source: Threadpost

BoundHook Attack Exploits Intel Skylake MPX Feature

A new attack method takes advantage a feature in Intel’s Skylake microprocessor allowing for post-intrusion application hooking and stealth manipulation of applications. Source: Threadpost

Critical Code Execution Flaw Patched in PeopleSoft Core Engine

Organizations running PeopleSoft exposed to the internet should pay attention to a remote code execution vulnerability patched in the latest Oracle Critical Patch Update. Source: Threadpost

Oracle Patches 250 Bugs in Quarterly Critical Patch Update

Three critical SQL injection vulnerabilities in Oracle's popular E-Business Suite make up a part of 250 bugs patched for the company's quarterly Critical Patch Update, Source: Threadpost

Lenovo Quietly Patches Massive Bug Impacting Its Android Tablets and Zuk, Vibe Phones

Lenovo customers are being told to update their Android tablets and handsets to protect themselves against a handful of critical vulnerabilities impacting tens of millions of vulnerable Lenovo devices. Source: Threadpost

ATM malware is being sold on Darknet market

Disclaimer and warning ATM systems appear to be very secure, but the money can be accessed fairly easily if you know what you are doing. Criminals are exploiting hardware and software vulnerabilities...

Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible

A flawed Infineon Technology chipset left HP, Lenovo and Microsoft devices open to what is called a 'practical factorization attack,' in which an attacker computes the private part of an RSA...