Blog: In The News
You are here: Home \ Blog
Niantic, Inc. – the company behind the ubiquitous, can’t-go-10-minutes-without-hearing-about-it Pokémon GO game – said Monday night it wasn’t the company’s intent to request full access permission of its users’ Google accounts. The company, a Google spinoff, was put in the crosshairs over its security, or lack thereof, earlier this week after it was discovered the app had...
Trusted Mac OS X firewall Little Snitch is vulnerable to local privilege escalation attacks that could give criminals the ability plant rootkits and keyloggers on some El Capitan systems. The Little Snitch firewall vulnerability was found by Synack Director of Research and well-known OS X hacker Patrick Wardle. Affected are 3.x versions of the Little...
Adobe today pushed out an updated Flash Player that patched 52 vulnerabilities, most of which led to remote code execution on compromised machines. The 52 flaws represent one of the biggest security updates in Flash this year, in what has been a busy time around the beleaguered software. Already, Adobe has had to push out emergency...
The xDedic market has resurfaced, this time on a Tor network domain and with the inclusion of a new $50 USD enrollment fee. XDedic’s original domain (xdedic[.]biz) disappeared shortly after a June 16 Kaspersky Lab report describing how xDedic provided a platform for the sale of compromised RDP servers. At the time of the report, there...
Researchers have observed ransomware so sophisticated over the last few months that we’ve seen a variant tease researchers with strings of hidden code and another composed entirely of JavaScript. But not every attacker is technically proficient; researchers are suggesting the ones behind a new strain of ransomware may just be plain lazy. The ransomware Ranscam simply deletes users’ files, even if the...
A malware dropper with designs on specific targets was found in a private underground forum and is likely the predecessor to the Furtim malware that was uncovered in May. Researchers at SentinelOne today published a report that says the dropper sample they investigated, which they’re calling SFG, was built to target at least one unnamed...
The four-month-old Jigsaw ransomware has been defeated again. The ransomware, that packs an emotional punch with its creepy graphics and hallmark countdown clock, can be overcome simply by tricking the ransomware code into thinking you’ve already paid. Researchers at Check Point published a fix for those infected by Jigsaw. The ransomware originally got is name...
Datadog, a software-as-a service-based provider of IT infrastructure monitoring and analytics services, has forced a password reset on all of its user and admin accounts following a breach last Friday. “We have detected unauthorized activity associated with a handful of production infrastructure servers, including a database that stores user credentials,” company CSO Andrew Becherer said...
Researchers are warning would-be Pokémon Trainers that a malicious, backdoored version of the massively popular game Pokémon Go could be making the rounds soon. An APK (Android application package file) of the game has been rigged with a remote access tool (RAT) called Droidjack that if installed, could essentially give an attacker complete access to...
Google last week announced changes in the way it will handle trusted Certificate Authorities in Nougat, the latest version of the Android operating system. The changes are expected to cut into the likelihood of a successful man-in-the-middle attack, or a device falling victim to an attacker-supplied custom certificate. This also takes a bit of pressure...
... 182183184185186187188189190 ... 198 ... 207 ... 216 ... 225 ... 234 ... 243 ... 252 ... 261 ...