Month: March 2017

30th March 2017 By Tara Seals   About one-third of respondents in a survey of RSA attendees describe the state of security monitoring within their organization as “complex and chaotic,” thanks to a lack of visibility into the cloud and proliferating internet of things (IoT) devices.   According to AlienVault’s latest report, many IT professionals… Continue reading Cloud Complexity Leads to Chaotic Security Environments

30th March 2017 By Tara Seals   A fake WordPress plugin is trending, targeting one of the world’s largest open-source applications in order to allow back-door access to a host of websites.   Dubbed WP-Base-SEO, the plugin is a forgery of a legitimate search engine optimization plugin, called WordPress SEO Tools, according to SiteLock, the… Continue reading Fake WordPress Plugin Opens Sites to Criminals

By Catalin Cimpanu March 30, 2017                               In an era of the Internet when most browser vendors are taking steps to migrate away from Flash and all security experts recommend you blast that piece of insecure junk software off your computer, the nice people at FedEx are giving you… Continue reading FedEx Will Give You $5 If You Install Flash

March 30, 2017 by William Tsing                                                   We all know about tech support scams by this point. We know how they cold call, lie their way into your computer, and steal your money. Unfortunately for the scammers, banks know this as well, making it quite difficult at times to maintain an account to… Continue reading Tech support scammers and their banking woes

By Catalin Cimpanu   March 29, 2017   A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting — Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks to spying on end… Continue reading About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals

“Google released its Android Security 2016 Year In Review report yesterday and it threw up some very interesting perspectives.   The most interesting one, and also the most controversial is that just 50% of all Android devices received a security update last year. While we can spend hours debating whether the news is good/bad, here… Continue reading Google’s Android Security 2016 Year In Review

By Chris Brook March 29, 2017                                       VMware on Tuesday patched a series of vulnerabilities uncovered earlier this month at Pwn2Own. The flaws enabled an attacker to execute code on a workstation and carry out a virtual machine escape to attack a host server.   Monty Ijzerman, manager of the company’s Security Response Center, confirmed… Continue reading VMware Patches Pwn2Own VM Escape Vulnerabilities

By Ionut Arghire on March 29, 2017   Stealthy command and control methods allowed a newly discovered malware family to fly under the radar for more than three years, Palo Alto Networks security researchers reveal.   Dubbed Dimnie, the threat was discovered in mid-January 2017, when it was targeting open-source developers via phishing emails. An… Continue reading This Stealthy Malware Remained Unnoticed for Three Years

March 29, 2017 by Wendy Zamora                                            Exploits: they’re not your mama’s cyberthreats. At one point in the not-so-distant past, exploits were responsible for delivering 80 percent of malware to people’s systems. But exploits seem to be experiencing a lull today. Does this mean they’re gone for good… Continue reading What are exploits? (And why you should care)

March 29, 2017 by Malwarebytes Labs                                        Sage is yet another ransomware that has become a common threat nowadays. Similarly to Spora, it has capabilities to encrypt files offline. The malware is actively developed and currently, we are facing an outbreak of version 2.2. of this product. Analyzed samples     3686b6642cf6a3d97e368590557ac3f2 –… Continue reading Explained: Sage ransomware