Thursday , 23 March 2017


LastPass Hit by Password Stealing and Code Execution Vulnerabilities

LastPass has closed a remote code execution vulnerability on its Chrome extension, but according to Google Project Zero researcher Tavis Ormandy, issues remain on its Firefox extension, as well as details on another password-stealing vulnerability to come. View full story ORIGINAL SOURCE: ZDnet Read More »

Curses! Mobile Banking Malware ‘Swearing Trojan’ Lives on, Despite Police Actions

A foul-mouthed Android banking trojan that once appeared neutralized after its distributors were rounded up in a police raid has shown new signs of life, suggesting the operation was larger than originally thought, researchers at Check Point Software Technologies reported on Tuesday. View full story ORIGINAL SOURCE: SC Magazine Read More »

Watch Out for These Tax-Themed Phishing and Malware Scams

Criminals sometimes take advantage of big events such as the Olympic Games to lure victims into hacks and cyber attacks. It isn’t as glamorous as a big sporting occasion, but the US tax season, now in full steam ahead of the April 18 filing deadline, is a prime time for cybercriminals to steal financial information and personal data. View full ... Read More »

3,000 Industrial Plants Per Year Infected with Malware

Targeted industrial control systems-themed malware is less prevalent yet persistent, including one variant posing as Siemens PLC firmware that has been in action since 2013, researchers find. A piece of crimeware posing as legitimate Siemens PLC software has been in circulation for four years by an unknown attack group attempting to infect industrial networks mainly in the US. View full story ... Read More »

Spear-phishing Scammer Demanded Sex Show

Six weeks ago, a young woman called Zed (not her real name) was in a meeting at work when a message popped up on Facebook Messenger from a distant friend. “Hey babe,” it began. The friend asked Zed to vote for her in an online modelling competition, which she agreed to do. But then – disaster. Adding her email address ... Read More »

New Vulnerability Revealed in WhatsApp and Telegram, Allowed Hackers to Gain Complete Control Over User Accounts

Check Point Software Technologies Ltd researchers have revealed a new vulnerability on WhatsApp & Telegram’s online platforms – WhatsApp Web & Telegram Web – two of the world’s most popular messaging services with over 1 Billion and 100 Million monthly users respectively. By simply sending a photo, an attacker could gain control over user’s accounts, access message history, all photos ... Read More »

TSA Bans Gear Bigger Than Phones From Airplane Cabins

People traveling by air to America from an undisclosed list of countries will no longer be allowed to carry devices larger than a mobile phone in carry-on baggage. Those traveling with such devices will be required to store them in checked baggage. The new travel rule was reportedly issued by the US Transportation Security Administration (TSA) in the form of ... Read More »

Cyber Terrorist With Hi-tech ‘James Bond’ Cufflinks Facing Jail

A hi-tech terrorist who stored information about his Islamic State activities on James Bond style cufflinks is facing jail. Samata Ullah, 34, from Cardiff, used secure messaging websites to offer his computer expertise to the Cyber Caliphate Army – a group renowned for carrying out hacking attacks on behalf of Isil. When he was arrested police found around 30 pairs ... Read More »

It Took Mozilla 22 Hours to Patch a Firefox Vulnerability Discovered at Pwn2Own

Mozilla engineers released Firefox 52.0.1 to patch a security flaw that came to light last Friday, in the Pwn2Own 2017 hacking contest. All in all, it took Mozilla engineers only 22 hours from the time the bug was used during the competition, on Friday, March 17, and to when Mozilla published Firefox 52.0.1. The vulnerability (CVE-2017-5428) was discovered and successfully ... Read More »

Russian hacker accused of creating Citadel malware which infected nearly 11 million computers pleads guilty

A Russian man accused of involvement in developing and distributing the Citadel malware, which at its peak infected nearly 11 million computers and caused over $500m in losses, has pleaded guilty to charges related to computer fraud. Mark Vartanyan, 29, who went by the pseudonym “Kolypto”, was arrested in October 2014 in Norway and extradited to the US in December ... Read More »