Top 10 Stories

A bug on AlphaBay, the largest active dark web marketplace, allowed outsiders to read 30 days worth of private messages on the site. A total of 218,000 messages were obtained, according to the market’s administrators, giving an attacker the ability to view messages between vendors and buyers selling everything from illicit drugs to stolen digital data. View full story ORIGINAL SOURCE: Cyberscoop

Code Dx, Inc., a provider of an award-winning suite of fast and affordable tools that help software developers, testers and security analysts find, prioritize and manage software vulnerabilities, today announced the 2017 Application Security Report published by Cybersecurity Ventures, a leading research and market intelligence firm. The Application Security Report, sponsored by Code Dx, discusses the rapid growth of the application security market as a result of the billions of new lines of software code...

Apple today released new versions of iOS and macOS Sierra and addressed some overlapping code execution vulnerabilities in both its mobile and desktop operating systems. The updates were part of a bigger release of security updates from Apple that also included Safari, iCloud for Windows, and watchOS. View full story ORIGINAL SOURCE: Threatpost

"The FBI is reviewing the case. At this point, we do not have any reason to believe the cyberattack was targeted towards a specific film," said a Sundance spokesperson. The plot is thickening in the tale of the mysterious cyberattack that crippled the Sundance Film Festival's box-office systems over the weekend. The FBI is investigating the hack and is working with Sundance officials to identify the culprit, a festival spokesperson tells The Hollywood Reporter. Although...

Security experts are warning that Android users should brace for a potential spike in hacking attacks after the source code and step-by-step instructions about a piece of malware designed to steal banking credentials was leaked online via an underground forum. View full story ORIGINAL SOURCE: International Business Times

Malicious websites can remotely execute commands on Windows systems that have Cisco WebEx's Chrome extension installed. About 20 million people actively use this broken software. All attackers need to know is a “magic URL” hidden within WebEx, Google Project Zero bug hunter Tavis Ormandy revealed on Monday. We think a secret "magic URL" is the nicest possible way of saying "backdoor," be it deliberate or accidental. View full story ORIGINAL SOURCE: The Register

The HummingBad malware first discovered in February 2016 is making a return visit to the charts. The original was cleaned up, but not before the malware's authors Yingmob racked up around US$300,000 per month at its peak. Check Point Software Technologies says it's spotted the return version, which it's dubbed HummingWhale, adding the authors have added better ad fraud capabilities to the code. View full story ORIGINAL SOURCE: The Register

Beijing - China has announced a 14-month campaign to "clean up" internet service providers and crack down on devices such as virtual private networks (VPNs) used to evade strict censorship. View full story ORIGINAL SOURCE: Security Week

Theresa May needs the approval of Parliament to trigger the Brexit process, Britain's most senior judges have ruled. The Supreme Court has decided that MPs must be given a vote on triggering Article 50, the formal mechanism for leaving the European Union. The Prime Minister has said she intends to do this by the end of March, and the Government is now expected to quickly publish a bill in an effort to stick to that...

Chelsea Manning will walk out of prison a free woman on May 17 after President Obama in the waning days of his presidency heeded the calls of activists and the public to commute the sentence of the former Army soldier turned whistleblower. Original source: SC Media View full story