Blog: In The News
You are here: Home \ Blog
It didn’t take long for attackers to start capitalizing on the popularity of Pokémon GO. Shortly after Niantic, the company behind the now ubiquitous app, released it last month, researchers spotted a malicious, backdoored version of the app on a file repository service. Now attackers are pushing SMS spam messages to entice Pokémon GO players to visit...
Chrome, Firefox and likely other major browsers are afflicted by a vulnerability that allows attackers to spoof URLs in the address bar. While Mozilla said it has patched the flaw in the affected Android version of the Firefox browser, Google said Chrome will be fixed in an upcoming September release. Some details about the flaw...
A high-stakes game of attribution started by a group claiming to have a cache of exploits belonging to the Equation Group took a somewhat definitive turn Tuesday afternoon. Researchers at Kaspersky Lab yesterday confirmed a connection between the tools currently up for auction by the ShadowBrokers and Equation Group exploits and malware that researchers at...
Researchers today identified a series of ongoing targeted attacks primarily designed to steal sensitive corporate financial data from industrial and engineering organizations in the Middle East. The group behind the campaign, nicknamed Operation Ghoul by researchers at Kaspersky Lab’s Global Research and Analysis Team, has carried out attacks against 130 organizations in 30 countries to date according to...
To say the VeraCrypt audit, which begins today, got off to an inauspicious start would be an understatement. On Sunday, two weeks after the announcement that the open source file and disk encryption software would be formally scrutinized for security vulnerabilities, executives at one of the firms funding the audit posted a notice that four...
Attackers behind the Vawtrak banking Trojan have been keeping busy, updating the malware over the last few weeks with new a domain generation algorithm (DGA) and SSL pinning capabilities. Research published by security firm Fidelis on Tuesday explains the updates and breaks down how Vawtrak’s DGA generates domains, connects to them, and validates their certificates. Researchers looked at two samples they observed on July 28...
Researchers claim to have found the largest ransomware-as-a-service (RaaS) ring to date. The operation generates an estimated $2.5 million annually and targets computer users with a new variant of the notorious Cerber ransomware. According to a research report published today by Check Point Software Technologies and IntSights, the RaaS ring consists of 161 active campaigns with...
Eight out of 10 Android devices are affected by a critical Linux vulnerability disclosed last week that allows attackers to identify hosts communicating over the Transmission Control Protocol (TCP) and either terminate connections or attack traffic. The flaw has been present in the TCP implementation in Linux systems since 2012 (version 3.6 of the kernel),...
Less than a month after disclosing a Windows User Account Control bypass, researcher Matt Nelson today published another attack that circumvents the security feature and leaves no traces on the hard disk. This time, the bypass relies on Event Viewer (eventvwr.exe), a native Windows feature used to view event logs locally or remotely. Nelson said...
Hotels from Vermont to California have been victimized in a data breach that may have leaked payment data from tens of thousands of point of sale purchases. Customers who frequented 20 hotels run by HEI Hotels and Resorts, a hospitality owner that counts hotel chains like Marriott, Sheraton, and Westin, among its brand names, may be...
... 172173174175176177178179180 ... 189 ... 198 ... 207 ... 216 ... 225 ... 234 ... 243 ... 252 ... 261 ...