web analytics

beyond the hype

Non-malware attacks, artificial intelligence (AI), and machine learning (ML) have emerged as the topics of the day in cybersecurity. AI and ML’s roles in preventing cyberattacks have been met with both hope and skepticism. They have been marketed as game-changing technologies though doubts still persist, especially when used in siloes. Their emergence is due largely… Continue reading beyond the hype

Booby-trapped Word documents in the wild exploit critical Microsoft 0day

There’s currently no patch for the bug, which affects most or all versions of Word.                  Dan Goodin – 4/8/2017   There’s a new zeroday attack in the wild that’s surreptitiously installing malware on fully-patched computers. It does so by exploiting a vulnerability in most or all versions of Microsoft Word.   The… Continue reading Booby-trapped Word documents in the wild exploit critical Microsoft 0day

Apple Malware Appears to Be Skyrocketing

8th April 2017 By Jonathan Vanian   If you’re a Mac user, you might want to look out for an increase of unwanted advertisements popping out from your web browsers.   Security firm McAfee released a report this week that showed a big jump in 2016 regarding malware hitting the Mac operating system. The McAfee report… Continue reading Apple Malware Appears to Be Skyrocketing

The top 5 dumbest cyber threats that work anyway

April 8, 2017 by William Tsing   The common conception of cyber attacks is kind of like bad weather: ranging from irritating to catastrophic, but always unpredictable. Hackers are simply too sophisticated to draw any reliable judgments on and we shouldn’t try. As it turns out, some hackers are fairly predictable in their successful use… Continue reading The top 5 dumbest cyber threats that work anyway

Neptune 4.5.4 Arrives with Linux Kernel 3.18.48 LTS, Dozens of Security Fixes

The newer Linux 4.9.18 LTS kernel is available in the repos                                     Apr 7, 2017 20:40 GMT  ·  By Marius Nestor   The developers behind the Debian-based Neptune Linux distribution announced today, April 7, 2017, the release and immediate availability for download of the fourth maintenance update to the Neptune 4.5 stable series… Continue reading Neptune 4.5.4 Arrives with Linux Kernel 3.18.48 LTS, Dozens of Security Fixes

Jailbreaking puts mobile users at risk

7th April 2017 By Sead Fadilpašić                                               Mobile users frequently stray from official app stores when looking for new mobile applications, putting themselves under increased risk from malware, ransomware and other malicious actors. This is according to a new report by RiskIQ, which says that users in the… Continue reading Jailbreaking puts mobile users at risk

Baseband Zero Day Exposes Millions of Mobile Phones to Attack

By Tom Spring April 7, 2017 , 4:10 pm                                                    MIAMI—A previously undisclosed baseband vulnerability impacting Huawei smartphones, laptop WWAN modules and IoT components was revealed Thursday at the Infiltrate Conference by researcher Ralf-Phillip Weinmann, managing director at security firm Comsecuris. In one attack scenario, the vulnerability… Continue reading Baseband Zero Day Exposes Millions of Mobile Phones to Attack

QNAP NAS devices open to remote command execution

Zeljka Zorz – April 7, 2017   If you’re using one of the many QNAP NAS devices and you haven’t yet upgraded the QTS firmware to version 4.2.4, you should do so immediately if you don’t want it to fall prey to attackers.                                              … Continue reading QNAP NAS devices open to remote command execution

A huge trove of patient data leaks, thanks to telemarketers' bad security

The data of almost a million patients with diabetes and other medical ailments has been secured.                                     By Zack Whittaker for Zero Day | April 7, 2017   A trove of records containing personal and health information on close to a million people was exposed after a former developer working at a telemarketing… Continue reading A huge trove of patient data leaks, thanks to telemarketers' bad security

New Macro-Based Malware Attacks Windows and MacOS systems

A new form of Microsoft Word macro-based malware has been discovered by cyber security researchers. This malware can affect both Windows and MacOS systems but follows different methods of attack for each operating system. The malicious macro is built-up on VBA (Visual Basic for Applications) code and contains instructions to automatically execute when the file… Continue reading New Macro-Based Malware Attacks Windows and MacOS systems