Eskenzi PR ad banner Eskenzi PR ad banner

Top 10 Stories

A group of sophisticated Russian-speaking hackers is exploiting commercial satellites to siphon sensitive data from diplomatic and military agencies in the United States and in Europe as well as to mask their location, a security firm said in a new report. The group, which some researchers refer to as Turla, after the name of the malicious software it uses, also has targeted government organizations, embassies and companies in Russia, China and dozens of other countries,...

Read moreDetails

Hacker Julien Ahrens says Yahoo! Messenger contains a remote code execution hole that the Purple Palace won't fix. The buffer overflow holes (CVE-2014-7216) will keep bleeding, Ahrens says, because Yahoo! has told him the relevant app is end-of-life and therefore low on Yahoo!'s to-do list. Yahoo! has been contacted for comment. Exploiting the flaw relies on victims installing new emoticon packages, a vector Ahrens feels is a very live threat given instant messaging users are...

Read moreDetails

A group of threat actors calling themselves DD4BC has been attempting to extort money from financial companies and other business by threatening to hit them with massive distributed denial of service attacks (DDoS), content delivery vendor Akamai said in a report published today. The group has been active since at least September 2014, but appears to be ratcheting up its operations and going after a broader cross section of targets. Since April 2015, the group has...

Read moreDetails

Despite knowing the risks, IT security professionals aren't doing anything about the rampant misuse of keys and certificates let alone the problem of untrusted certificate authorities. That's the message of Venafi's latest report, based on a survey of professionals at Black Hat USA 2015. Venafi found worrying deficiencies in awareness and the ability to respond to attacks that use certificates in its survey of 300 delegates at the annual conference which was held in Las...

Read moreDetails

Gemalto revealed that in the first six months of this year a total of 888 data breaches occurred, compromising 246 million records worldwide. Compared to the first half of 2014, data breaches increased by 10% while the number of compromised data records declined by 41% during the first six months of this year. This decline in compromised records can most likely be attributed to that fact that fewer large scale mega breaches have occurred in...

Read moreDetails

A software vulnerability has been discovered in the web-based version of the popular WhatsApp messaging app for smartphones, which could allow hackers to trick users into downloading malware on their PCs. Last month, WhatsApp made its web client, known as WhatsApp Web,available to iPhone users for the first time, after rolling out the service for Android, BlackBerry and Windows Phone earlier in the year. The service effectively replicates the experience of using the mobile app...

Read moreDetails

Unpatched and end-of-life devices that are no longer supported by the manufacturer are much more prevalent than expected and create significant risk for corporate networks. Duo Labs research draws on data gathered from thousands of customer deployments in more than 150 countries worldwide. About half of Apple iPhone users are currently running outdated software (version iOS 8.3, released in April 2015, or earlier), leaving them exposed to several hundred documented vulnerabilities, including the Ins0mnia vulnerability...

Read moreDetails

Microsoft has today released patches for 56 security vulnerabilities in its products. People should apply the updates as soon as possible because miscreants are actively exploiting at least two of the holes – and likely more by the time you read this. The September patch batch includes critical fixes for Internet Explorer and Edge, Office, and Windows. Users and administrators are being advised to test and install the updates on the double. Of the 56...

Read moreDetails

Around 142 million legitimate websites could be serving up ransomware to their unwitting users due to out-of-date software, according to a new study. The research carried out by IT security firm Heimdal Security found that hackers were using the Neutrino Exploit Kit to inject malicious scripts into outdated webserver software that could potentially reach 400 million users. According to a blog post by Andra Zaharia at Heimdal Security, the attack is mainly directed at websites...

Read moreDetails

A mobile porn app, dubbed “Adult Player,” is on the hunt for ransomware victims. The app targets users by silently taking photos of them as they use the app. Eventually, the images are displayed on-screen, along with a ransom message demanding payment of $500 USD. The app is for Android, and is available from non-Google Play sources. Security firm Zscaler discovered that once the Adult Player is installed on the user’s device, it shows a fake...

Read moreDetails
Page 370 of 630 1 369 370 371 630