Attackers have exploited the Shellshock vulnerability - a.k.a. Bash bug - to infect at least 700 Linux systems with malware that includes the ability to launch DDoS attacks. Users of Unix systems are vulnerable.
Leading this week's industry news roundup, IBM opens a new cloud resiliency center to provide business continuity capabilities, and Gemalto launches a solution to enable secure eBanking applications on PCs.
Security experts are warning that millions of systems - Apache servers, Linux and Mac systems, and innumerable Internet of Things devices - may be vulnerable to a flaw in Unix that attackers are already using to gain shell access.
Financial institutions are starting to report fraud tied to the massive Home Depot payment card data breach. One card issuer calls the fraud ramp up "much greater than what we saw from Target, Michaels and Neiman Marcus."
The Consumer Financial Protection Bureau, responding to government auditors, is formalizing a privacy plan that addresses how the federal agency will assess and manage privacy risks and monitor and audit privacy controls, Director Richard Cordray says.
Fraudsters continue to make inroads against financial institutions based in the United Kingdom - and beyond - because banks aren't working together to share information about the attacks they see, according to presenters at the London Fraud Summit.
A researcher says he tricked the Touch ID biometric fingerprint scanner built into the new iPhone 6, using a fake fingerprint created with glue. But it remains to be seen how well would-be fraudsters could employ this technique.
It is no secret that the move to cloud infrastructure offers organizations many compelling business benefits, including cost savings and on-demand scalability. Yet, in their rush to reap those benefits, business leaders often fail to grasp new realities.