Eskenzi PR ad banner Eskenzi PR ad banner

Top 10 Stories

Australia's dominant telco, Telstra, has been serving one of the world's most dangerous hacking tools after its news site was infected with malvertising. Malwarebytes researcher Jerome Segura says the attackers were likely dropping the Tinba trojan, considered to be the world's smallest malware by file size at about 20kb and one that raids bank accounts. “The media home page of Australia’s largest telecommunications company, Telstra, was pushing some malvertising similar to the attack we just...

Read moreDetails

Larry Flynt, a defender of free speech and sexual freedom if there ever was one, has this advice for anyone worried by the hack of infidelity site Ashley Madison: Muzzle yourself. "Don't do or say anything you wouldn't want to read about on the front page of the New York Times," said the founder of Hustler magazine and owner of businesses that sell sexually explicit videos online. It might be too late for many people...

Read moreDetails

Amazon – the retail juggernaut, not the cloud juggernaut – has flicked Flash ads citing the increasing number of ways they're blocked at the browser as its reason. Driven at least in part by others' reaction to chronic insecurity in the plug-in-platform, Amazon says it will no longer accept advertisements that use Flash after September 1. “This is driven by recent browser setting updates from Google Chrome, and existing browser settings from Mozilla Firefox and...

Read moreDetails

Another load of internal files swiped by hackers from Ashley Madison have been leaked online – and they apparently feature the CEO's emails and the website's source code. The 18.5GB leak includes, it is claimed, archives of internal company emails, including one folder labeled Noel Biderman – the chief exec of Avid Life Media, Ashley Madison's parent. Given the size of the file and the relatively small number of people seeding it over file-sharing networks,...

Read moreDetails

In the wake of massive personal data leaks from the Japan Pension Service, the government Thursday adopted a revised draft of a new cybersecurity strategy that calls for monitoring government-affiliated institutions against cyberattacks. The revised version, adopted at a meeting of the Cybersecurity Strategy Headquarters, is expected to be finalized at a Cabinet meeting today. The government also plans to formulate a relevant legal framework. The government compiled a draft of the strategy in May,...

Read moreDetails

A hacker group that appears to be residing in China has been targeting India and Southeast Asian nations in a bid to extract information about ongoing border disputes and other diplomatic issues. Describing the hackers as part of an APT (advanced persistent threat) group, cybersecurity vendor FireEye said the attack campaign had been ongoing since 2011 and targeted more than 100 victims, 70 percent of which were in India. The group would send spearphishing e-mail...

Read moreDetails

Security bod Kevin Watkins says Apple is storing enterprise credentials in a readable-by-anybody directory that is ripe for data theft. The sandbox vulnerability (CVE-2015-3269) affects all apps that use the managed app configuration setting in devices that have not applied the most recent iOS 8.4.1 update. Watkins says sensitive enterprise data is exposed when IT issues autofill corporate credentials to managed devices to simplify login processes. "IT will commonly send the credential and authentication information...

Read moreDetails

Yet another potentially serious security flaw has been revealed in Android. This time the problem involves the mobile operating system's ability to run more than one app at once – as opposed to its handling of multimedia messages, which was the crux of a cyber* of vulnerabilities last month. The latest security blunder opens the door to criminals who want to spy on device owners, steal login details, install ransomware, and so on, it is...

Read moreDetails

Security watchers have warned about a new class of DDoS amplification attack threat which only exists because too many users are failing to follow basic safeguards. Improperly configured services such as DNS or Network Time Protocol (NTP) have been exploited to launch a string of DDoS attacks over the last couple of years, the most high-profile of which battered Spamhaus and buffeted internet exchanges back in March 2013. Over recent weeks, another service – Portmap...

Read moreDetails
Page 376 of 630 1 375 376 377 630