Even Brian Krebs can be caught out! it just shows that everyone has to stay on their guard. 21st April 2017 Last month Yours Truly got snookered by a too-good-to-be-true online scam in which some dirtball hijacked an Amazon merchant’s account and used it to pimp steeply discounted electronics that he never intended… Continue reading How Cybercrooks Put the Beatdown on My Beats
Skype Fixes ‘SPYKE’ Credential Phishing Remote Execution Bug
By Chris Brook April 21, 2017 Microsoft recently fixed a vulnerability in its video chat and messaging app Skype that could have allowed an attacker to execute code on the system it was running on, phish Skype credentials and crash the application. Zacharis Alexandros, an independent researcher who’s also with the European Union Agency… Continue reading Skype Fixes ‘SPYKE’ Credential Phishing Remote Execution Bug
LinkedIn U-turns on Bluetooth-enabled ‘Tinder for marketers’
I cannot even begin to wonder why they thought it was a good idea! Pop-up requested permission to share data with nearby devices even when app not in use 21 Apr 2017 at 15:22, John Leyden LinkedIn irked privacy advocates by dropping a Bluetooth-enabled “Tinder for marketers” feature into its… Continue reading LinkedIn U-turns on Bluetooth-enabled ‘Tinder for marketers’
Want to watch HSBC’s security awareness videos? You’d best have Flash installed…
I thought this was a joke at first. Graham Cluley April 21, 2017 Most of us know that you’re safer not having Adobe Flash on your computer. There have been too many vulnerabilities, that have been exploited too many times, in too many attacks. Everyone knows Adobe Flash is… Continue reading Want to watch HSBC’s security awareness videos? You’d best have Flash installed…
Elusive Moker Trojan is back
April 21, 2017 by Malwarebytes Labs Some time ago we observed a rare, interesting malware dropped from the Rig-v EK. Its code was depicting that it is written by professionals. Research has shown that it is a sample of Moker Trojan that was discovered in 2015 (read more here). However, for a long time, we… Continue reading Elusive Moker Trojan is back
IoT Malware that Wipes Data from Infected Devices
Security experts and researchers have recently observed certain malware attacks targeting IoT devices that lead to the wiping of data from the infected systems/devices. Based on a couple of attacks that happened recently, it’s inferred that hackers are adding data-wiping routines to certain malware designed to infect IoT and embedded devices. Amnesia, a malware which… Continue reading IoT Malware that Wipes Data from Infected Devices
Malware Author Uses Tweets to Control His Lame DDoS Botnet
20th April 2017 By Catalin Cimpanu A Russian malware author is using codified tweets to start and stop DDoS attacks against desired targets. The DDoS attacks are launched from the computers of infected users using a peculiar piece of malware, which the attacker is spreading via a booby-trapped file named “driversUpdate.exe.” New DDoS… Continue reading Malware Author Uses Tweets to Control His Lame DDoS Botnet
Online ad scam launders legions of pirates and pervs into ‘legit’ surfing
Traffic Alchemist turns base metal into gold 20 Apr 2017 at 16:00, John Leyden An elaborate online ad scam that disguised junk traffic as views on reputable sites has been costing advertisers as much as $7m per month. Fraudsters behind the “Traffic Alchemist” scam… Continue reading Online ad scam launders legions of pirates and pervs into ‘legit’ surfing
RawPOS Malware Steals Driver’s License Information
By Ionut Arghire on April 20, 2017 The RawPOS Point-of-Sale (PoS) RAM scraper malware was recently observed stealing driver’s license information from victims, Trend Micro has discovered. RawPOS is one of the oldest PoS malware families out there, with patterns matching its activity dating as far back as 2008. Over time, the actors… Continue reading RawPOS Malware Steals Driver’s License Information
Introduction to the NIST CyberSecurity Framewor for a Landscape of Cyber Menaces
April 20, 2017 By Pierluigi Paganini The implementation of the NIST CyberSecurity Framework is of vital importance for the changes taking place in the landscape of zero-day threats The NIST CyberSecurity Framework is a guide for businesses and enterprises of good practices for information security. The NIST CyberSecurity Framework proposes a guide, which can adapt… Continue reading Introduction to the NIST CyberSecurity Framewor for a Landscape of Cyber Menaces