Understanding the operations of a scam
Currently, in Sweden, we’re facing a big issue with scammers trying to buy items for sale on various auction websites, but when you initiate contact with the potential buyer things get nasty and you might lose money. This is nothing new, and most of the auction websites have written about this to inform their users, […]

SanDisk breaks the £1/GB flash storage barrier with InfiniFlash
SanDisk has announced InfiniFlash, the company’s first foray into flash storage arrays which are being described as an entirely new category in the market. InfiniFlash is a 512TB, all-flash, fully redundant, fully scalable array designed for cold storage and low-latency, fast-access read jobs. Tags: Hardware

Koppie Koppie sells photos of your kids to prove you shouldn’t post them online
Two “privacy advocates” running an online store that sells mugs printed with pictures of children are intentionally stirring up controversy by grabbing photos from Flickr. The duo behind Koppie Koppie say it’s perfectly legal, but they hope you get mad about it anyway.

2014 Spam Landscape: UPATRE Trojan Still Top Malware Attached to Spam
The malware UPATRE was first spotted in August 2013 following the demise of the Blackhole Exploit kit. It was since known as one of the top malware seen attached to spammed messages and continues to be so all throughout 2014 with particularly high numbers seen in the fourth quarter of the year. We have released […]

2014 Annual Security Roundup: Magnified Losses, Amplified Need for Cyber-Attack Preparedness
2014 was a year where cybercriminal attacks crippled both likely and unlikely targets. A year rife with destructive attacks, 2014 proved to be a difficult one for individuals and companies who were victimized by these threats. Massive data breach disclosures came one after another in 2014 in much more rapid succession than past years. The […]

FreeBSD and the YARNBUG – more trouble at the Random Number Mill
How do you test your random number generator? How do you determine, in an ordered way, that a sequence of numbers is entirely disordered? With difficulty!

Vulnerability Disclosures – A Note To Developers
This post is entirely for developers. Feel free to read, but approach it with that in mind. There is no such thing as bug-free code. We all make mistakes and every piece of software will have issues that we did not anticipate. We ourselves find weaknesses in our code, and have to work extra hard […]

Why We Should Design Some Things to Be Difficult to Use
The first car I ever drove was a bashed Land Rover Defender. I was working at an outdoor pursuits centre in North Wales. Changing gear was like Russian roulette; you stirred the stick until it jammed somewhere, then let out the clutch and hoped you hadn’t selected reverse. There was an art to everything: even […]

The Dynamics of Passwords
How often do you think about the passwords you’re using? Not only for your website, but also for everything else you do on the internet on a daily basis? Are you re-using any of the same passwords to make it easier to remember them? We see it all too often: weak passwords used for FTP, […]

CTB-Locker Infections on the Rise
We have recently observed a significant increase in infections from a nasty strain of file-encrypting ransomware called CTB-Locker. Daily CTB-Locker infections in relation to the total number of such infections this year. CTB-Locker is most commonly spread through email spam. These emails usually contain an attached .zip file that contains a second .zip file that […]

New DYRE Variant Hijacks Microsoft Outlook, Expands Targeted Banks
The DYRE/Dyreza banking malware is back with a new infection technique: we observed that it now hijacks Microsoft Outlook to spread the notorious UPATRE malware to target an expanded list of targeted banks. Last October 2014 we observed a hike in UPATRE-DYRE malware infections brought by the CUTWAIL spambot, a pattern we observed was similar […]

DDOS attack size up 50-fold over past decade
The size of the largest DDOS attack was fifty times larger last year than ten years ago, according to a new survey of Internet service and hosting providers, and attacks are also increasing in numbers and in sophistication. The largest reported attack last year was 400 gigabits per second, compared to just 8 Gbps in […]

Taylor Swift’s Twitter and Instagram accounts hacked
Hackers briefly got control of the Twitter and Instagram accounts of Taylor Swift, the Grammy-winning American pop-star, creating a stir on social media. Here’s how to make sure your accounts are safe!

An analysis of Regin’s Hopscotch and Legspin
With high profile threats like Regin, mistakes are incredibly rare. However, when it comes to humans writing code, some mistakes are inevitable. Among the most interesting things we observed in the Regin malware operation were the forgotten codenames for some of its modules. These are: Hopscotch, Legspin, Willischeck, U_STARBUCKS. We decided to analyze two of […]

Cyberjihadists attack thousands of French websites after Charlie Hebdo massacre
Some 19,000 French websites have come under attack in the days since the bloody assault on the office of the satirical newspaper Charlie Hebdo and a Jewish grocery store last week.

French newspapers go offline, but hosting company rules out DDoS as cause
High-profile French media websites went offline for a few hours Friday morning, prompting frenzied speculation about “unprecedented” cyberattacks—but the hosting company behind the sites soon dismissed talk of a massive distributed denial-of-service attack. A number of sites, including those of daily newspaper 20 Minutes and online news site Slate, went offline or were difficult to […]

More information
- Master Key Android Vulnerability Used to Trojanize Banking App
- Just for show: 11 theatrical security measures that don’t make your systems safer
- McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Follow The Money
- "Girl killed herself" Facebook scam – be aware before you Share!
- Researchers Introduce Smart Greybox Fuzzing
- Anonymous sharing app Whisper under a cloud over user location data
- Symantec Files Patent Suit Against Zscaler
- Microsoft Windows Kernel KMD Security Feature CVE-2015-2454 Local Security Bypass Vulnerability
- IBM, Maersk launch blockchain-based shipping platform with 94 early adopters
- Australia Flags Tough New Data Protection Laws This Year