Monthly Archives: November 2017

Study: 90 percent of top cryptocurrency apps carry security and privacy risks

29th November 2017 By Bradley Barth     Out of 90 studied cryptocurrency mobile apps, 84.6 percent of the apps were determined to contain at least two high-risk vulnerabilities, while 84.3 percent were found with three medium-sized flaws. A study … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Study: 90 percent of top cryptocurrency apps carry security and privacy risks

New Custom RAT Hits Targets in East Asia

By Ionut Arghire on November 29, 2017   A newly discovered custom remote access Trojan (RAT) has been used in attacks on personnel or organizations related to South Korea and the video gaming industry, Palo Alto Networks reveal.   Called … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on New Custom RAT Hits Targets in East Asia

Radio Shack robbery to have huge consequences for location privacy

29th November 2017 By Lisa Vaas     The time has come, finally, after years of confusion, to iron out what kind of privacy – if any – Americans can expect with regards to their phones’ location data.   The … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Radio Shack robbery to have huge consequences for location privacy

Bitcoin Gold (BTG) dev team warns its users about a security breach

November 29, 2017  By Pierluigi Paganini     The development team of the Bitcoin Gold (BTG) cryptocurrency is warning all users users about a security breach involving its Windows version of wallet app   The development team of the Bitcoin Gold (BTG) cryptocurrency … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Bitcoin Gold (BTG) dev team warns its users about a security breach

Recently Patched Dnsmasq still affect Siemens Industrial devices

November 29, 2017  By Pierluigi Paganini   Siemens published a security advisory to confirm that four of the seven Dnsmasq vulnerabilities affect some of its SCALANCE products   In October, Google security experts disclosed seven distinct vulnerabilities in the Dnsmasq software package.   From the authors’ website, “Dnsmasq … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Recently Patched Dnsmasq still affect Siemens Industrial devices

Newly Observed Ursnif Variant Employs Malicious TLS Callback Technique to Achieve Process Injection

November 28, 2017 | by Abhay Vaish, Sandor Nemes   Introduction   TLS (Thread Local Storage) callbacks are provided by the Windows operating system to support additional initialization and termination for per-thread data structures.   As previously reported, malicious TLS … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Newly Observed Ursnif Variant Employs Malicious TLS Callback Technique to Achieve Process Injection

Pro tip: You can log into macOS High Sierra as root with no password

    Apple, this is bad – like Windows 95 bad   28th November 2017 By Shaun Nichols     A trivial-to-exploit flaw in macOS High Sierra, aka macOS 10.13, allows users to gain admin rights, or log in as … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Pro tip: You can log into macOS High Sierra as root with no password

Researcher: DJI RCE-holes offered me $500 after I found Heartbleed etc on its servers

Keep your money, says chap (tho Chinese drone firm did patch ’em right quick)   28th November 2017 By Gareth Corfield     Hello, this is 2014 calling, we’ve resurrected an OLD bug   Updated Chinese drone-maker DJI’s bug bounty … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Researcher: DJI RCE-holes offered me $500 after I found Heartbleed etc on its servers

ICOs: The Lawless Land of Cryptocurrency Fundraising

By AFP on November 28, 2017   From raising $30 million in 30 seconds to being endorsed by Paris Hilton or vanishing into thin air: anything is possible in the risky new world of cryptocurrency fundraising, but regulators are lurking. … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on ICOs: The Lawless Land of Cryptocurrency Fundraising

Please don’t buy this: identity theft protection services

28th November 2017 By William Tsing   With an ever-increasing tempo of third-party breaches spilling consumer data all across the dark web, a natural impulse for a security-savvy user is to do something proactive to protect their sensitive information. After … Continue reading

Posted in anti-malware | Tagged , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Please don’t buy this: identity theft protection services