• img August 18, 2017

Blowing the Whistle on Bad Attribution

The New York Times this week published a fascinating story about a young programmer in Ukraine who’d turned himself in to the local police. The Times says the man did so after one of his software tools was identified by the U.S. government as part of the arsenal used by Russian hackers suspected of hacking into the Democratic National […]

Read More
  • img August 18, 2017

Hacker Publishes iOS Secure Enclave Firmware Decryption Key

A hacker identified only as xerub published the decryption key unlocking the iOS Secure Enclave Processor.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/hacker-publishes-ios-secure-enclave-firmware-decryption-key/

Read More
  • img August 17, 2017

Cisco Patches Privilege Escalation Bugs in APIC

Cisco patched two high-severity vulnerabilities in its Cisco Application Policy Infrastructure Controller (APIC) that could allow an attacker to elevate privileges on the host machine.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/cisco-patches-privilege-escalation-bugs-in-apic/

Read More
  • img August 17, 2017

Drupal Patches Critical Access Bypass in Core Engine

A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/drupal-patches-critical-access-bypass-in-core-engine/

Read More
  • img August 17, 2017

NotPetya aftermath: Companies lost hundreds of millions

The infamous NotPetya ransomware attack, which started in Ukraine on June 27 but later spread to many international businesses, has resulted in huge monetary losses for the victims. Even those who paid the ransom couldn’t recover swiftly, as it was discovered that the NotPetya attackers weren’t capable of providing decryption keys. In fact, it is […]

Read More