Categories
Anti-malware

Critical SQL Injection Vulnerability Found in NextGEN Gallery WordPress Plugin

The vulnerability can lead to attackers grabbing data from website database or user sensitive information                                           Feb 27, 2017 22:49 GMT  ·  By Gabriela Vatu   A new SQL Injection vulnerability was discovered in the NextGen Gallery plugin for WordPress, allowing users to grab data from the […]

Categories
Anti-malware

Google Chrome 56's crypto tweak 'borked thousands of computers' using Bluecoat security

Flawed TLS 1.3 takes down Chromebooks, PCs                                        27 Feb 2017 at 22:04, Thomas Claburn   The availability of Transport Layer Security protocol version 1.3 was supposed to make network encryption faster and more secure.   TLS 1.3 dispenses with a number of […]

Categories
Anti-malware

Internet of Things Teddy Bear Leaked 2 Million Parent and Kids Message Recordings

February 27th 2017  By Lorenzo Franceschi-Bicchierai                                                 A company that sells “smart” teddy bears leaked 800,000 user account credentials—and then hackers locked it and held it for ransom.   A company that sells internet-connected teddy bears that allow kids and their far-away parents to exchange […]

Categories
Anti-malware

How Apple Is Pushing Users to Beef Up Security

27th February 2017  By Don Reisinger   Apple is pushing users to think seriously about identity security with a new beta version of its mobile operating system.   The tech giant is suggesting customers using a test version of its mobile operating system iOS enable two-factor authentication—a security feature that requires both a password and […]

Categories
Anti-malware

The latest ransomware threat: Doxware

Like ransomware, doxware encrypts files, but also involves purloining copies   By Rishi Bhargava, Co-founder and VP Marketing, Demisto Network World | February 27, 2017   This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.   As if ransomware wasn’t bad enough, […]

Categories
Anti-malware

Treason charges against Russian cyber experts linked to seven-year-old accusations

See Also – Russia Arrests Top Kaspersky Lab Security Researcher on Charges of Treason   26th February 2017  By Jack Stubbs and Svetlana Reiter   Treason charges brought in December against two Russian state security officers and a cyber-security expert in Moscow relate to allegations made by a Russian businessman seven years ago, according to […]

Categories
Anti-malware

New RaaS Portal Preparing to Spread Unlock26 Ransomware

February 25th 2017  By Catalin Cimpanu   A new Ransomware-as-a-Service (RaaS) portal named Dot-Ransomware is behind the Unlock26 ransomware discovered this past week. First spotted two days ago, this ransomware operation is quite unique as it features a very minimal and direct style, with little-to-no instructions and simple-designed ransom notes and ransom payment portal. Based […]

Categories
Anti-malware

Shamoon 2 malware, ASERT has shed light on the C2 and the infection process

February 26, 2017  By Pierluigi Paganini   The analysis conducted by Arbor Networks on the Shamoon 2 malware has shed light on the control infrastructure and the infection process.   Security researchers from Arbor Networks’ Security Engineering and Response Team (ASERT) have conducted a new analysis of the Shamoon 2 malware discovering further details on the tools […]

Categories
Anti-malware

Google releases details of unpatched Internet Explorer and Microsoft Edge vulnerability

25th February 2017 By Mark Wilson   Not content with publishing details of an unpatched Windows bug, Google has now gone public with a security vulnerability in both Microsoft Edge and Internet Explorer. Going under the description of “Type confusion in HandleColumnBreakOnColumnSpanningElement”, the bug has the potential to allow an attacker to execute malicious code. […]

Categories
Anti-malware

Carder forum claims 150 million logins for sale from CloudBleed case

February 25, 2017  By Pierluigi Paganini   The carder forum CVV2Finder claims to have more than 150 million logins from several popular services, including Netflix and Uber.   The carder forum CVV2Finder claims to have more than 150 million logins, from several popular services, including Netflix and Uber. The operators in the forum are offering the precious commodity […]