web analytics

A Russian hacker has created his own ‘starter pack’ ransomware service

Now even low-level criminals can jump into the ransomware game, said the researchers who found the malware.                                         By Zack Whittaker for Zero Day | April 18, 2017   A new kind of highly-customized ransomware recently discovered by security researchers allows individual criminals to deliver “ransomware-as-a-service”.  … Continue reading A Russian hacker has created his own ‘starter pack’ ransomware service

Microsoft Creates Hacker-Proof Iris Scanner for Potential Surface Phone

Redmond develops new tech for future devices                                      Apr 18, 2017 10:00 GMT  ·  By Bogdan Popa   Microsoft is more or less the pioneer of iris scanners on mobile phones, as the company was among the first to introduce such tech on smartphones with Lumia 950 in October 2015, and now it… Continue reading Microsoft Creates Hacker-Proof Iris Scanner for Potential Surface Phone

Lawyers, malware, and money: The antivirus market’s nasty fight over Cylance

On the front lines of the antivirus industry’s “testing wars.”                                        Sean Gallagher – 4/17/2017   Last November, a systems engineer at a large company was evaluating security software products when he discovered something suspicious.   One of the vendors had provided a set of malware samples to test—48… Continue reading Lawyers, malware, and money: The antivirus market’s nasty fight over Cylance

Critical VMware Flaw Opens Virtual Infrastructures to Attack

17th April 2017 By Tara Seals   Cloud computing specialist VMware has patched a critical vulnerability in its vCenter Server platform.   The vulnerability, which affected two versions of vCenter, 6.5 and 6.0. allows a remote attacker to execute arbitrary code and take control of a system within a limited scenario—specifically, when deserializing an untrusted… Continue reading Critical VMware Flaw Opens Virtual Infrastructures to Attack

Windows admins, has Microsoft completely screwed up its security reports?

Yes!! is my short answer to that.   The old bulletins are gone, and now there’s a searchable database. Peter Bright – 4/17/2017   The last three Patch Tuesdays haven’t been the straightforward affairs we’re used to. February’s was a big deal because it was delayed and then canceled outright, with Microsoft never explaining to us… Continue reading Windows admins, has Microsoft completely screwed up its security reports?

IoT malware clashes in a botnet territory battle

The Hajime malware is competing with the Mirai malware to enslave some IoT devices                                      By Michael Kan | Apr 17, 2017   Mirai — a notorious malware that’s been enslaving IoT devices — has competition.   A rival piece of programming has been infecting some of the same easy-to-hack internet-of-things products, with… Continue reading IoT malware clashes in a botnet territory battle

CradleCore Ransomware Sold as Source Code

By Ionut Arghire on April 17, 2017   The author of a new piece of ransomware is selling their creation on underground forums as source code, Forcepoint security researchers have discovered.   Dubbed CradleCore, the threat breaks from the ransomware-as-a-service (RaaS) business model that many miscreants have adopted lately, and allows “customers” to take advantage… Continue reading CradleCore Ransomware Sold as Source Code

Watch out, the Riddle vulnerability affects some Oracle MySQL versions. Update them now

April 15, 2017  By Pierluigi Paganini   A bug dubbed Riddle vulnerability affecting MySQL 5.5 and 5.6 clients exposed user credentials to MiTM attacks. Update to version 5.7.   A coding error dubbed The Riddle has been uncovered in the popular DBMS Oracle MySQL, the issue can be potentially exploited by attacker powering a man-in-the-middle attack to steal usernames… Continue reading Watch out, the Riddle vulnerability affects some Oracle MySQL versions. Update them now

Microsoft already fixed the ‘Shadow Brokers’ exploits on supported versions of Windows

See Also – NSA-leaking Shadow Brokers just dumped its most damaging release yet   15th April 2017 By Brian Fagioli   Say what you want about Microsoft, but the company stays on top of security. Yeah, it may issue more patches and fixes for Windows compared to some other operating systems, but that doesn’t necessarily… Continue reading Microsoft already fixed the ‘Shadow Brokers’ exploits on supported versions of Windows

An Important Linux Kernel Security Patch Is Available for CentOS 7, Update Now

The kernel update addressed four security vulnerabilities                                   Apr 15, 2017 06:30 GMT  ·  By Marius Nestor   CentOS maintainer Johnny Hughes has informed the community about the availability of yet another important kernel security update, this time for users of the CentOS Linux 7 operating system series.   CentOS being derived from… Continue reading An Important Linux Kernel Security Patch Is Available for CentOS 7, Update Now