Top 10 Stories

Hackers behind a criminal attack planned against iCloud and iPhone users say they are still preparing to breach the accounts of up to 750 million users. That's despite assurances from Apple to customers that their servers are safe. The London-based group - who identify themselves as the 'Turkish Crime Family' - has also upped its ransom demands from $75,000 (£60,000) to $700,000 (£560,000). View full story ORIGINAL SOURCE: Daily Mail

Apple’s initial analysis of the iPhone and Mac exploits disclosed by WikiLeaks on Thursday shows that the vulnerabilities they use have already been patched. The company told WikiLeaks to send the information it possesses through the regular submission process. View full story ORIGINAL SOURCE: Security Week

Cisco Systems patched a critical vulnerability Wednesday that could allow an unauthenticated, remote attacker to execute remote code on affected hardware and gain root privileges. The bug is in Cisco’s Data-in-Motion (DMo) process, part of the company’s IOx application environment that marries its IOS networking software with Linux. According to a Security Advisory on Wednesday the vulnerability affects Cisco 800 series industrial integrated service router models IR809 and IR829. View full story ORIGINAL SOURCE: Threat...

A multi-state database was hacked, potentially revealing names, dates of birth and Social Security numbers of hundreds of thousands of job seekers across 10 states...so far. The site, America's Job Link Alliance (AJLA), is offered by the Department of Labor (DOL) and is managed by a third party. Kansas-based AJLA is used to coordinate federal unemployment and workforce development programs. Reports are still coming in but currently 10 states have been impacted: Alabama, Arizona, Arkansas,...

If the CIA wants inside your Mac, it may not be enough that you so carefully avoided those infected email attachments or maliciously crafted web sites designed to plant spyware on your machine. Based on new documents in WikiLeaks’ ongoing release of CIA hacking secrets, if Langley’s hackers got physical access, they still could have infected the deepest, most hidden recesses of your laptop. View full story ORIGINAL SOURCE: Wired

Researchers from FortiGuard Labs, part of Fortinet, have captured malware that infects both Windows and Apple OS X. The malware is distributed inside an infected Microsoft Word file. The malware asks the users to enable the Macro security option. From there it executes different code depending on which platform it is running. View full story ORIGINAL SOURCE: Enterprise Times

A serious vulnerability in the SAP client GUI could expose millions of end-users of the popular enterprise resource planning (ERP) software to ransomware attacks - and worse. That is the warning of Vahagn Vardanyan, a senior security researcher at ERP software security specialists ERPScan, demonstrating the flaw for the first time today at the company's Troopers security conference in Heidelberg, Germany today. View full story ORIGINAL SOURCE: Computing

In response to a ransom threat in which hackers are claiming to have access to more than 600 million iCloud accounts, Apple told Fortune there have been no breaches of its systems. Instead, if the hackers do have access to iCloud accounts, Apple suggests previously compromised third-party services are at fault. From an Apple spokesperson: There have not been any breaches in any of Apple's systems including iCloud and Apple ID," the spokesperson said. "The...

A new proof-of-concept exploit known as DoubleAgent can not only hijack third-party Windows antivirus software, but use said software to deliver further attacks. While there’s no evidence that the exploit has made its way into the wild yet, most antivirus programs are still completely susceptible to it. View full story ORIGINAL SOURCE: Laptop Magazine

From its closed supply chains, custom-designed security chips and 700-strong security engineering team to instant two-factor authentication and IAP and DLP offerings, Google has been moving aggressively both to tout its own security credentials and to “Googlefy” the enterprise – dragging it kicking and screaming out of half-century-old security practices and to a modern security stance. Through its sister organization Alphabet Jigsaw (formerly Google Ideas) the company has translated its technologies to the needs of...