Amazon’s service outage is causing troubles across the web Feb 28, 2017 20:26 GMT · By Gabriela Vatu Amazon’s S3 web-based storage service is having issues and, in turn, it’s breaking down countless services and websites across the Internet, as well as apps that rely on it. For the past… Continue reading Amazon AWS S3 Goes Down, Takes Down Services, Websites, Apps With It
Dridex Trojan Gets A Major ‘AtomBombing’ Update
By Tom Spring February 28, 2017 The Dridex banking Trojan has been updated and now sports a new injection method for evading detection based on the technique known as AtomBombing. Researchers with IBM X-Force identified the new Dridex v4 sample earlier this month and said it… Continue reading Dridex Trojan Gets A Major ‘AtomBombing’ Update
Unpatched SMB Zero Day Easily Exploitable
By Chris Brook February 28, 2017 In what’s turning out to be the zero day that keeps on giving, researchers are still finding ways to exploit an unpatched denial of service vulnerability that exists in the way Windows implements the Server Message… Continue reading Unpatched SMB Zero Day Easily Exploitable
Decrypting after a Findzip ransomware infection
February 28, 2017 by Thomas Reed The Findzip ransomware was discovered on February 22, 2017. At that time, it was thought that files would be irreversibly encrypted by this ransomware, with no chance of decryption. Turns out, that’s not quite true. For those who get infected with Findzip (aka Filecoder),… Continue reading Decrypting after a Findzip ransomware infection
Popular Android Password Managers Expose Credentials
By Eduard Kovacs on February 28, 2017 Popular Android password managers are affected by serious vulnerabilities that can expose user credentials, researchers warned on Tuesday. TeamSIK, a group of security experts from the Fraunhofer Institute for Secure Information Technology in Darmstadt, Germany, has analyzed nine of the most popular Android password managers available on… Continue reading Popular Android Password Managers Expose Credentials
Critical SQL Injection Vulnerability Found in NextGEN Gallery WordPress Plugin
The vulnerability can lead to attackers grabbing data from website database or user sensitive information Feb 27, 2017 22:49 GMT · By Gabriela Vatu A new SQL Injection vulnerability was discovered in the NextGen Gallery plugin for WordPress, allowing users to grab data from the… Continue reading Critical SQL Injection Vulnerability Found in NextGEN Gallery WordPress Plugin
Google Chrome 56's crypto tweak 'borked thousands of computers' using Bluecoat security
Flawed TLS 1.3 takes down Chromebooks, PCs 27 Feb 2017 at 22:04, Thomas Claburn The availability of Transport Layer Security protocol version 1.3 was supposed to make network encryption faster and more secure. TLS 1.3 dispenses with a number of… Continue reading Google Chrome 56's crypto tweak 'borked thousands of computers' using Bluecoat security
Internet of Things Teddy Bear Leaked 2 Million Parent and Kids Message Recordings
February 27th 2017 By Lorenzo Franceschi-Bicchierai A company that sells “smart” teddy bears leaked 800,000 user account credentials—and then hackers locked it and held it for ransom. A company that sells internet-connected teddy bears that allow kids and their far-away parents to exchange… Continue reading Internet of Things Teddy Bear Leaked 2 Million Parent and Kids Message Recordings
How Apple Is Pushing Users to Beef Up Security
27th February 2017 By Don Reisinger Apple is pushing users to think seriously about identity security with a new beta version of its mobile operating system. The tech giant is suggesting customers using a test version of its mobile operating system iOS enable two-factor authentication—a security feature that requires both a password and… Continue reading How Apple Is Pushing Users to Beef Up Security
The latest ransomware threat: Doxware
Like ransomware, doxware encrypts files, but also involves purloining copies By Rishi Bhargava, Co-founder and VP Marketing, Demisto Network World | February 27, 2017 This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach. As if ransomware wasn’t bad enough,… Continue reading The latest ransomware threat: Doxware