Top 10 Stories

PayPal has patched a boneheaded two-factor authentication breach that allowed attackers to switch off the critical account control in minutes by changing a zero to a one. British MWR InfoSecurity consultant Henry Hoggart (@_mobisek) discovered and quietly reported the flaw to the payment giant. Attackers with usernames and passwords in hand need only mess with POST requests, changing securityquestion0 to securityquestion1, for two-factor authentication to be bypassed. View full story ORIGINAL SOURCE: The Register

Back in March, Microsoft took a step in the right direction when it added a new feature in Office 2016 that allowed network administrators to use a local Group Policy for their organization and block macro scripts that downloaded content off the Internet, rendering macro-based malware ineffective. Yesterday, in a statement from the Microsoft Malware Protection Center, the company announced that it ported the feature to Office 2013, following numerous customer requests. View full story ORIGINAL SOURCE:...

The number of intellectual property cyber theft incidents in the next 12 months is expected to increase, according to 58 percent of respondents to a recent Deloitte poll. When asked which category of potential adversary they believe is most likely to attempt theft of their organizations’ IP, the prevailing percentage of respondents (20.1 percent) answered “employees or other insiders.” Yet, only 16.7 percent of respondents said access to IP is very limited, on a need-to-know...

Netskope Threat Research Labs today published a report digging into the CloudFanta malware campaign, which is suspected to have stolen more than 26,000 email credentials since it began operation in July 2016. CloudFanta leverages the Sugarsync cloud storage app to distribute malware capable of stealing user credentials and observing online banking activity to obtain users' information. View full story ORIGINAL SOURCE: Dark Reading

There are several theories and claims as to who might be behind the distributed denial-of-service (DDoS) attacks launched last week against DNS provider Dyn, but researchers believe the attacks were actually launched by script kiddies. The DDoS attacks launched on Friday against Dyn’s managed DNS infrastructure caused disruptions for several major websites, including PayPal, Twitter, Reddit, GitHub, Amazon, Netflix and Spotify. View full story ORIGINAL SOURCE: SecurityWeek

New variants of Locky are being released at a rapid rate lately. Yesterday, we had a new variant that appends the .SH*T extension to encrypted files and today they switched to using the .THOR extension. Maybe Locky had its mouth washed out with soap for cursing? Regardless of the reasons for the switch, I am happy as I won't have posts with curse words all over the forums. View full story ORIGINAL SOURCE: Bleeping Computer

Corero Network Security has disclosed a new DDoS attack vector observed for the first time against its customers last week. The technique is an amplification attack, which utilizes the Lightweight Directory Access Protocol (LDAP): one of the most widely used protocols for accessing username and password information in databases like Active Directory, which is integrated in most online servers. View full story Original source: Help Net Security

While Internet of Things (IoT) devices such as DVRs, CCTV systems, IP cameras, baby monitors, and others are to blame and have played a major role in recent DDoS attacks, there is another type of equipment that also regularly contributes to DDoS botnets. Those devices are home (SOHO) routers, which some experts wrongfully categorize as IoT when they're just your regular networking equipment that's been around for years before the concept of IoT even appeared....

Chinese electronics firm Hangzhou Xiongmai is set to recall swathes of webcams after they were compromised by the Mirai botnet. Mirai exploits the low security standards of internet-connected devices, from routers to webcams, and after enslaving them with malware uses their network connections to launch DDoS attacks, such as that hobbling Dyn's DNS services last week. Among the many devices infected by Mirai were products sold by Hangzhou Xiongmai, although the company disputes claims that...

The Kovter malware sample that has infected systems around the world for the past couple of years is proving to be a case study in how threat actors constantly tweak their malware to keep one step ahead of the defenders. Trojan Kovter surfaced about two years ago as a screenlocker and scareware sample masquerading as a law enforcement tool. Since then it has been used in click-fraud and malvertising campaigns, as data-encrypting ransomware, and a...
