Compromised Websites Hosting Calls to Java Exploit
Remember that Java 0 day vulnerability that was discovered a few weeks ago and took a while to get patched by Oracle? You know, the one that caused a large portion of the security community to recommend everyone to disable Java completely in their browsers? Well, it wasn’t hype. This vulnerability has been exploited since […] more…Risky Business
This hit film from 1983 was based on the story of a teenager who found himself in a situation that most kids only dream about: his parents were leaving him home alone while they went away on a trip. Left with explicit instructions to not use his father’s Porsche, Tom Cruise’s character quickly realized the […] more…US congress wants a word with ZTE, Huawei
China’s dominant telco vendors ZTE Corp and Huawei will take part in US congressional hearings next month regarding investigations of alleged Chinese spy threats to US telecommunications infrastructure. The House of Representatives Permanent Select Committee on Intelligence has invited both ZTE chairman Hou Weigui and Huawei deputy chairman Ken Hu to testify. ZTE’s US arm […] more…Inside Huawei, the Chinese tech giant that’s rattling nerves in DC
Chen Lifang is a bit flummoxed. Chen is a board member and senior vice president at Huawei, the giant telecommunications gear maker based here. She’s digesting news that broke a day earlier that the U.S. House Intelligence Committee has ratcheted up the pressure it’s putting on the company to disclose details about its ties to […] more…
Hackers build ‘private’ mobile phone network for DefCon
Hackers who spent their teen years phone-phreaking — breaking into telephone networks and making free calls — have created their own GSM network at Defcon and are using creative and silly apps on highly customized Android phones. Tags: Hackers Networking Industry News more… Countdown to the Olympics: Are You Safe?
With only a few days until the start of the Olympics, the sports craze has reached a fevered pitch—for cybercriminal activity. We have been reporting on the various threats and scams that Olympics fans might encounter online and while the lure might be Olympic-centric, the threats remain the same. In these Olympic-themed threats, the payload […] more… Phisher Use Olympic Lottery Scams For Summer Games
Fishing, of course, is the sport of tossing a baited hook into the water and then patiently waiting for a fish to bite. Phishing is similar. The cybercrook sends out spam email and waits for a victim to take the bait. A phisher can send thousands of phishing emails a day, and eventually some people […] more…
Beware, the Curious Case of iPhone Spyware
The new iPhone spy app launched officially by the Apple Store ought to be turning quite a few heads at this point. The name of the app is enough to stop everyone in their tracks. ‘Stalker’ is now available for download and only costing a meager 99 cents, there is no reason that anyone should not be one. […] more… #HITB2012AMS Closing keynote by Jaya Baloo on Identity, Privacy and Security [VIDEO]
Jaya Baloo has been working internationally in Information Security for fourteen years. Her focus has been on secure network architecture design, and she has completed projects ranging from Lawful Interception, Deep Packet Inspection, VoIP & Mobile Security to designing national MPLS infrastructures and ISP architectures. She has worked for a number of telecom providers, KPN […] more…
Specially Crafted .HWP File Used for Korean Targeted Campaign
A few weeks ago, we have been alerted by our colleagues from Korea to a specially crafted Hangul Word Processor document (.hwp) that exploits an application vulnerability in the Hancom Office word processing software. The file extension .HWP is a popular Korean word processor file format – just the right format for targeting Korean prospective […] more… Websites Compromised with Fake AV Campaign (Windows Web Secure Kit)
“To help protect your computer, Windows Web Secure Kit have detected trojans and is ready to remove them”. We are seeing many WordPress sites compromised with a malware redirecting users to the “Windows Web Secure Kit” fake/rogue anti virus. So if you get that message when visiting your (or any site), you know that it is likely compromised […] more…Sucuri WordPress Security Plugin Protects Against PHP-CGI Vulnerability
Today we released an update on the latest PHP CGI vulnerability and provided some additional information that users can use to help protect against it. Guidance includes updating your .htaccess file with the following: RewriteEngine on RewriteCond %{QUERY_STRING} ^[^=]*$ RewriteCond %{QUERY_STRING} %2d|\- [NC] RewriteRule .? – [F,L] It is important to note however that if […] more… Recent Threats Highlight Vulnerabilities CVE-2012-0779 and CVE-2012-0507
Targeted Attack Uses Recent Adobe Flash Player Vulnerability (CVE-2012-0779) Reports of a targeted attack surfaced recently. One such attack arrives as an email message that trick users into executing a malicious attachment. The malicious attachment, as expected, is a file that exploits CVE-2012-0779, found in several versions of Adobe Flash Player. Exploitation results to a […] more… Cyber Attack Warning for London Olympics 2012
Cabinet Office minister Francis Maude has warned that the London 2012 Olympic Games “will not be immune” to cyber attacks. However, it may depend on the type of cyber attack, as the CIO for the London Organising Committee for the Olympic Games (LOCOG) said last year that cyber criminals would find it “very hard” to […] more…
One in 10 second-hand hard drives in U.K. contain personal data
A study by the U.K. Information Commissioner’s Office found that more than one in 10 second hand hard drives sold or given away in Britain contains recoverable personal information of the original owner. Upon releasing the the results of the study this week, the data protection regulatory agency urged consumers to take better care of […] more… Trend Micro Partners with Facebook: What It Means for Users
Today, Trend Micro is proud to announce that we are taking part in Facebook’s new security initiative to help protect its more than 900 million users against the wide variety of threats that target users of the world’s most popular social network. As part of this initiative: Facebook and Trend Micro will work together to […] more…More information
- How to remove Dell’s ‘Superfish 2.0’ root certificate – permanently
- Facebook’s Sheryl Sandberg: targeted ads don’t trample on privacy
- Zoom adds two-factor authentication
- Japan Firm Says $32 Million Missing in Cryptocurrency Hack
- CISA Steps up Public and Private Sector Collaboration in 2021
- Leaked SMB exploits make malware powerful, warns Cylance
- Governments Urge Organizations to Hunt for Ivanti VPN Attacks
- Police crack seized phones of inauguration day protesters
- Black Hat USA 2025 – Summary of Vendor Announcements (Part 4)
- Selling your corporate password? You may want to think twice