A new run of Spy Banker banking malware infections has been targeting Portuguese-speaking victims in Brazil. While Spy Banker is an old threat, dating back to 2009 according to some security companies, the latest wrinkle attackers are taking is a new one. The campaign, spotted by researchers at Zscaler, spreads primarily over social media—Facebook for...

Now that encryption has been elevated to a default technology on mobile devices, the government has heightened its “Going Dark” rhetoric, again on Wednesday insisting during a Senate Judicial Committee hearing that Silicon Valley figure out how to deliver plain-text communication between criminal and terror suspects to law enforcement. FBI Director James Comey and California...

An unusual DDoS amplification attack was carried out 10 days ago against many of the Internet’s 13 root name servers, the authoritative servers used to resolve IP addresses. The attacks happened on Nov. 30 and again on Dec. 1, and each time, massive volumes of traffic, peaking at five million queries per second, were fired...

Cisco is warning users this week that several of its products — routers, gateways, and data center platforms — suffer from vulnerabilities. The company published five advisories across Monday and Tuesday warning of the issues — all which are being marked “medium” severity. While they all sound pressing, the most concerning vulnerability, at least as...

Google yesterday released an update for the Chrome browser that patches seven vulnerabilities and also updates Adobe Flash Player. It also announced that Google Safe Browsing has been extended to Chrome for Android. The Chrome browser update is the second in less than a week; on Dec 1, Chrome 47 was released and 41 vulnerabilities...

Apple has piled on the patches already released by Adobe and Microsoft today, and pushed out updates for iOS, OS X, Apple TV, Safari, and it’s watch-based operating system watchOS this afternoon. Fifty-four vulnerabilities across OS X were patched Tuesday, including fixes for Mavericks v10.9.5, OS X Yosemite v10.10.5, and the most recent builds of OS...

Forgive your local Windows admin if they’re a little shy on holiday cheer in the coming days. Blame instead Microsoft for foisting upon them on Tuesday 71 security patches, including two for vulnerabilities in Office and the Windows kernel currently under attack. Microsoft also issued a separate advisory that warns users of a leaked Xbox...

Adobe may indeed be thinking about phasing out Flash Player, and updates like today’s monster security bulletin will only serve to fuel that movement going forward. Released just an hour before Microsoft’s scheduled Patch Tuesday release, Adobe pushed out a new version of the maligned Flash Player that addressed 79 CVEs. None of the patched...

A coalition of law enforcement agencies worked together recently to disrupt Dorkbot, a botnet that’s managed to infect more than one million machines in 190 countries during the last year. Researchers with Microsoft’s Malware Protection Center announced the news via a post on the MMPC blog. Two divisions within Microsoft, the Malware Protection Center and the Digital Crimes Unit, worked with ESET...

Google has patched another critical Android vulnerability in Mediaserver, which has been maligned since this summer’s barrage of patches for the Stagefright vulnerability, along with a critical rooting vulnerability in the mobile operating system’s kernel. In all, 19 vulnerabilities were patched in Monday’s monthly over-the-air security update for Google Nexus mobile devices, five rated critical,...