Amazon’s service outage is causing troubles across the web                                Feb 28, 2017 20:26 GMT  ·  By Gabriela Vatu   Amazon’s S3 web-based storage service is having issues and, in turn, it’s breaking down countless services and websites across the Internet, as well as apps that rely on it.   For the past… Continue reading Amazon AWS S3 Goes Down, Takes Down Services, Websites, Apps With It

By Tom Spring February 28, 2017                                             The Dridex banking Trojan has been updated and now sports a new injection method for evading detection based on the technique known as AtomBombing.   Researchers with IBM X-Force identified the new Dridex v4 sample earlier this month and said it… Continue reading Dridex Trojan Gets A Major ‘AtomBombing’ Update

By Chris Brook February 28, 2017                                                  In what’s turning out to be the zero day that keeps on giving, researchers are still finding ways to exploit an unpatched denial of service vulnerability that exists in the way Windows implements the Server Message… Continue reading Unpatched SMB Zero Day Easily Exploitable

February 28, 2017 by Thomas Reed                                         The Findzip ransomware was discovered on February 22, 2017. At that time, it was thought that files would be irreversibly encrypted by this ransomware, with no chance of decryption. Turns out, that’s not quite true. For those who get infected with Findzip (aka Filecoder),… Continue reading Decrypting after a Findzip ransomware infection

By Eduard Kovacs on February 28, 2017   Popular Android password managers are affected by serious vulnerabilities that can expose user credentials, researchers warned on Tuesday. TeamSIK, a group of security experts from the Fraunhofer Institute for Secure Information Technology in Darmstadt, Germany, has analyzed nine of the most popular Android password managers available on… Continue reading Popular Android Password Managers Expose Credentials

The vulnerability can lead to attackers grabbing data from website database or user sensitive information                                           Feb 27, 2017 22:49 GMT  ·  By Gabriela Vatu   A new SQL Injection vulnerability was discovered in the NextGen Gallery plugin for WordPress, allowing users to grab data from the… Continue reading Critical SQL Injection Vulnerability Found in NextGEN Gallery WordPress Plugin

Flawed TLS 1.3 takes down Chromebooks, PCs                                        27 Feb 2017 at 22:04, Thomas Claburn   The availability of Transport Layer Security protocol version 1.3 was supposed to make network encryption faster and more secure.   TLS 1.3 dispenses with a number of… Continue reading Google Chrome 56's crypto tweak 'borked thousands of computers' using Bluecoat security

February 27th 2017  By Lorenzo Franceschi-Bicchierai                                                 A company that sells “smart” teddy bears leaked 800,000 user account credentials—and then hackers locked it and held it for ransom.   A company that sells internet-connected teddy bears that allow kids and their far-away parents to exchange… Continue reading Internet of Things Teddy Bear Leaked 2 Million Parent and Kids Message Recordings

27th February 2017  By Don Reisinger   Apple is pushing users to think seriously about identity security with a new beta version of its mobile operating system.   The tech giant is suggesting customers using a test version of its mobile operating system iOS enable two-factor authentication—a security feature that requires both a password and… Continue reading How Apple Is Pushing Users to Beef Up Security

Like ransomware, doxware encrypts files, but also involves purloining copies   By Rishi Bhargava, Co-founder and VP Marketing, Demisto Network World | February 27, 2017   This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.   As if ransomware wasn’t bad enough,… Continue reading The latest ransomware threat: Doxware