Top 10 Stories

An e-mail has gone out from IBM about its Bluemix cloud: after next Tuesday, the SoftLayer APIs will no longer accept connections encrypted with the ancient TLS 1.0. It's not quite a surprise that the 1990s-era protocol was still accepted: a great many services are still midway through their deprecation plans. View Full Story ORIGINAL SOURCE: The Register

German chemicals company BASF said it currently had no indication that a network disruption affecting logistics at its Ludwigshafen headquarters was caused by a cyber attack. "There is currently no reason to assume that the disruption was caused by hacking. Our experts are still at an early stage of investigating the cause," a spokeswoman said. View Full Story ORIGINAL SOURCE: Reuters

Senator Mark Warner (D-Va) is worried about cybersecurity threats to the US securities market. The influential Democrat, who sits on the Committee on Banking, Housing and Urban Affairs, the Committee on Finance, and the Select Committee on Intelligence, on August 1 sent a letter to Securities and Exchange Commission chairman Jay Clayton. In it, he asked the SEC to provide more information on cybersecurity rules in the US securities market.  The letter is focused on Regulation Systems Compliance and Integrity...

Top tip: Don't fetch and install dodgy Flash updates from random websites A new breed of Android malware is picking off mobile banking customers, particularly those in the UK and Germany, we're told. The Svpeng software nasty has been around for four years, and its creator was caught and thrown in the clink in 2015. However, the malware keeps on evolving, thanks to other crooks trying their hand with the code. View Full Story ORIGINAL...

More attacks may have made it through the cyber defences without being detected The Scottish government has been attacked with ransomware twice in the past year, in attempts to extort money. In its response to a Freedom of Information request, the government said that its ‘networks, systems and websites are constantly monitored and any identified attack is automatically assessed and prioritised based on its threat profile, and dealt with accordingly.' View Full Story ORIGINAL SOURCE:...

Mozilla spins share 'n' synch as Google spins its own virtues Google and Mozilla have each revealed significant new features in their respective browsers. Chrome has gained its long-foreshadowed ad-blocker that Google swears on a stack of bibles will only excise ads that get in your face in unpleasant ways. View Full Story ORIGINAL SOURCE: The Register

According to a new SANS survey, 40 percent of respondents rated malicious insiders (insiders who intentionally do harm) as the most damaging threat vector their companies faced. Furthermore, nearly half (49 percent) said they were in the process of developing a formal incident response plan with provisions to address insider threat. This further illustrates the urgency with which companies are moving to address this threat vector. View Full Story ORIGINAL SOURCE: Help Net Security

The internet of things is a massive security nightmare. US lawmakers are finally starting to try and fix that. A bipartisan group of U.S. senators is introducing legislation that seeks to address vulnerabilities in computing devices embedded in everyday objects — known in the tech industry as the "internet of things" — which experts have long warned poses a significant threat to global cyber security. View Full Story ORIGINAL SOURCE: Business Insider

Attackers can look legit while hitting APIs that make the most work for an app Netflix has identified denial of service threat to microservices architectures that it's labelled “application DDOS”. Traditional DDOS attacks flood networks with bogus traffic so that infrastructure runs out of resources to serve legitimate users. Netflix characterises an application DDOS attack as one in which attackers “focus on expensive API calls, using their complex interconnected relationships to cause the system to...

A researcher has found an often-misconfigured protocol puts sex toys, heart monitors, and even oil pipelines and particle accelerators at risk of attack. Lucas Lundgren sat at his desk as he watched prison cell doors hundreds of miles away from him opening and closing. He could see the various commands floating across his screen in unencrypted plain text. "I could even issue commands like, 'all cell blocks open'," he said in a phone call last...