Duncan Riley
Latest from Duncan Riley
Proof-of-concept code discovered for Apache Struts 2 vulnerability found in millions of systems
In what is shaping up to be potentially the biggest security threat of 2018, proof-of-concept code has been found on GitHub that allows for easy exploitation of the critical vulnerability discovered in Apache Struts 2 Aug. 22. Discovered by security researchers at Recorded Future Inc. Friday, the code, which allows attackers to exploit the flaw by ...
China’s Didi Chuxing suspends carpooling service after latest passenger murder
Chinese ride-hailing company Didi Chuxing Technology Co. has suspended its Hitch carpooling service after a driver murdered a passenger, the second homicide involving the service since May. The murder was disclosed by police in the city of Leqing, south of Shanghai, on Saturday after they found the body of a 20-year-old female. The South China Morning Post reported Saturday that ...
North Korean hackers target cryptocurrency traders in ‘Operation AppleJeus’
Infamous North Korean hacking outfit Lazarus is targeting cryptocurrency traders with a new malware campaign dubbed “Operation AppleJeus.” Uncovered by security researchers at Kaspersky Lab and publicized Thursday, the campaign was first detected during an investigation into a hack of an unnamed Asian cryptocurrency exchange and involved Lazarus distributing software infected with a trojan virus to ...
Report: Microsoft being investigated over alleged bribery in Hungary
Microsoft Corp. is being investigated by the U.S. Securities and Exchange Commission and the Department of Justice over potential bribery and corruption allegations connected to software sales in Hungary, the Wall Street Journal reported Thursday. According to “people familiar with the matter” referenced in the report, the investigation is probing how Microsoft sold software to ...
Serious Apache Struts 2 vulnerability allows hackers to execute remote code
The Apache Software Foundation issued an urgent patch Tuesday for a serious vulnerability in Struts 2 that allows hackers to execute remote code on servers and websites. The vulnerability, CVE-2018-11776, discovered by Semmle Ltd. security researcher Man Yue Mo, is the result of insufficient validation of untrusted user data injected into the core Struts framework. Affecting all ...
Bitcoin price drops as SEC rejects nine applications for exchange-traded funds
The price of bitcoin dropped Wednesday after the U.S. Securities and Exchange Commission rejected a record nine applications for bitcoin exchange-traded funds. The decision affected applications for two bitcoin ETFs filed by ProShares, one from GraniteShares and five ETFs from Direxion. Reflecting the same concerns it previously raised when rejecting ETF applications from SolidX Bitcoin ETF, the Winklevoss Bitcoin Trust ETF and ...
Updated: DNC receives a phishing email, but it was actually an unauthorized test
A day after reports that Russian hackers have been caught targeting conservative institutions and senators, the Democratic National Committee has come out with a new claim that it has “found a suspected attempt to hack into its voter database.” The DNC provided scant details, to the point of not even publishing a press release. CNBC ...
Self-driving car startup Zoox ousts CEO in somewhat bloody coup
Silicon Valley self-driving car startup Zoox Inc. is in need of a new chief executive officer after it ousted founder and now former CEO Tim Kentley-Klay in a somewhat bloody coup. The company, founded in 2014 and as recently as 2016 described as secretive, is not just building self-driving vehicle technology like many others in the ...
Report finds web application attacks are still unduly high across cloud services
A new report from security firm tCell Inc. has found that web application attacks are still unduly high across Amazon Web Services Inc., Google Cloud and Microsoft Azure instances. The Security Report for Web Applications Q2 2018 evaluated 316 million security incidents concluding that attacks against the application are growing in volume and sophistication. As a result, ...
Usernames and passwords possibly stolen from video creation service Animoto
Video creation service Animoto Inc. has revealed a possible data breach in what is either a case of the company being hacked or being unduly paranoid. According to a notice sent recently to the State of California Department of Justice, Animoto said it first learned of suspicious activity on July 10 after receiving an alert of unusual ...








