Archives: May 2016
You are here: Home \ 2016 \ May
Hackers claim to have unearthed a zero-day vulnerability giving attackers admin rights to any Windows machine from Windows 2000 to a fully patched version of Windows 10. The zero day is for sale on the black market for $90,000. Security experts say the zero-day exploit looks legitimate and in the wrong hands could be an...
Apple has yet to patch a vulnerability disclosed during last week’s Hack in the Box hacker conference in Amsterdam that allows an attacker with physical access—even on the latest versions of iOS—to swap out legitimate apps with malicious versions undetected on the device. Researcher Chilik Tamir of mobile security company Mi3 Security disclosed last week...
Hackers are peddling roughly 427 million passwords belonging to users of MySpace, a social network that in its heyday was one of the most visited sites on the internet. The same service that claimed to have information on 164 million LinkedIn users earlier this month is now boasting to have information on 360 million MySpace...
Crooks breaking into enterprise networks are holding data they steal for ransom under the guise they are doing the company a favor by exposing a flaw. The criminal act is described as bug poaching by IBM researchers and is becoming a growing new threat to businesses vulnerable to attacks. According to IBM’s X-Force researchers, the...
Last year’s Superfish and eDellRoot bloatware mishaps exposed the security nightmare that pre-installed software updaters can create on new laptops. And while these two high-profile incidents made the issue public, they’re hardly isolated cases. Many popular consumer and business laptops from manufacturers such as Dell, HP, Lenovo, Asus and Acer include bloatware that have a...
Businesses were hit hardest by inbox-based scams in 2015 that robbed U.S. companies of $263 million. The numbers come from the FBI’s recently released 2015 Internet Crime Report that tallies the types of cybercrimes hitting U.S. business and individuals the hardest. According to the FBI, its Internet Crime Complaint Center (IC3) received 288,012 complaints last...
The FBI’s refusal to share details about a network investigative technique it used to gather evidence against a Vancouver teacher charged with possession of child pornography has forced a federal judge’s hand to exclude the evidence from trial. The NIT used by the FBI to hack the Playpen website is believed to have de-anonymized users...
Security researcher Mariusz Mlynski is having a good month. Having cashed in earlier in May to the tune of $15,500, Mlynski pocketed another $30,000 courtesy of Google’s bug bounty program after four high-severity vulnerabilities were patched in the Chrome browser, each worth $7,500 to the white-hat hacker. On Thursday afternoon, Google pushed out Chrome version...
With the scourge of digital credential theft on the rise Microsoft is urging IT admin to button-up their networks and get serious about passwords and account security. The IT behemoth posted on Tuesday a best practices cheat sheet for administrators along with updating customers on some of the company’s latest security tools for keeping accounts...
Amazon customers were targeted in a massive spear phishing campaign where recipients received Microsoft Word documents with a macro that triggered downloads of the Locky ransomware. Researchers at Comodo Threat Research Labs say it is one of the largest spam ransomware campaigns this year. Fatih Orhan, director of technology at Comodo and the Comodo Threat...