Boo! The Spookiest Mobile Hacks of 2016
Endless candy, an excuse to dress up as a character from your favorite comic book, and carving pumpkins with family… What’s not to love about Halloween? But witches, ghosts, and goblins aren’t the only things to fear this time of year. This Halloween, there’s a different kind of spooky story—mobile hacks. Mobile security threats are […] more…Control Flow Guard Improvements in Windows 10 Anniversary Update
Control Flow Guard (CFG) is an exploit mitigation feature that Microsoft introduced in Windows 10 and Windows 8.1 Update 3 that makes it significantly harder for exploits to run code on systems running these operating systems. This year’s major Windows 10 update (called the Anniversary Update) introduced improvements to CFG. The Anniversary Update began its rollout to […] more…Patch Your Flash: Another Zero-Day Vulnerability Hits Adobe Flash
Adobe has released an out-of-bound patch for Flash Player due to a zero-day vulnerability. According to Adobe’s bulletin (APSB16-36), versions of Flash from 23.0.0.185 and earlier (released on October 11) are affected. (Adobe Flash Player for Linux uses a separate version numbering system; for that product versions 11.2.202.637 and earlier are vulnerable.) We urge all users who […] more…Inside the Gootkit C&C server
The Gootkit bot is one of those types of malicious program that rarely attracts much attention from researchers. The reason is its limited propagation and a lack of distinguishing features. There are some early instances, including on Securelist (here and here), where Gootkit is mentioned in online malware research as a component in bots and […] more…The Internet of Things Ecosystem is Broken. How Do We Fix It?
Last week’s massive distributed denial-of-service (DDoS) attack on the DNS provider Dyn should serve as a wake-up call: the Internet of Things ecosystem is completely, and utterly, broken. Poorly supported and insecure devices brought an important part of the Internet’s infrastructure offline and took many high-profile sites with it. To recap, a very large-scale attack (Dyn […] more…Cybersecurity staffing issues may be putting you at risk
A study from Spiceworks found that even though 80 percent of organizations experienced a “security incident” in 2015, only 29 percent of companies have a cybersecurity expert working in their IT department and only 7 percent have a cybersecurity expert on their executive team. And a majority — 55 percent to be exact – said […] more…Aliexpress Download
Here we provide you with the link to download Aliexpress application for your IOS and Android Smartphones.Aliexpress application provides you with great offers and daily deals which are not available on its website. It also provides regular promotions and thousands of coupon giveaways WHAT IS ALIEXPRESS Aliexpress is an online marketplace which is a part […] more…Inside the Cyberattack That Shocked the U.S. Government
The US OFFICE of Personnel Management doesn’t radiate much glamour. As the human resources department for the federal government, the agency oversees the legal minutiae of how federal employees are hired and promoted and manages benefits and pensions for millions of current and retired civil servants. The core of its own workforce, numbering well over […] more…How to Secure the Future of the Internet of Things
The world of security for the Internet of Things just became more complex. IoT devices are no longer a potential threat to their owners; now they pose a significant threat to everything connected to the Internet. The old IoT security problem For the past year, the cybersecurity and IoT communities have been at odds regarding […] more…Major Websites Twitter, Spotify, Netflix Shut Down by DDoS Attack
We’re no strangers to Armageddon-scenario movies, but today a real disaster hit the internet. Using brute-force tactics that flood key elements of the internet’s structure, cybercriminals managed to shut down a variety of popular websites. The resulting chaos essentially closed the entire East Coast of the U.S., before spreading to other parts of the country […] more…Thousands of online shops compromised for credit card theft
Almost 6,000 online shops have been compromised by hackers who added specially crafted code that intercepts and steals payment card details. These online skimming attacks were first discovered by Dutch researcher Willem de Groot a year ago. At that time, he found 3,501 stores containing the malicious JavaScript code. However, instead of getting better, the situation […] more…Polyglot – the fake CTB-locker
Cryptor malware programs currently pose a very real cybersecurity threat to users and companies. Clearly, organizing effective security requires the use of security solutions that incorporate a broad range of technologies capable of preventing a cryptor program from landing on a potential victim’s computer or reacting quickly to stop an ongoing data encryption process and […] more…DressCode and its Potential Impact for Enterprises
Threats to mobile users have grown quickly in the span of only a few months. Trend Micro’s Mobile App Reputation Service (MARS) has counted 16.6 million malware detections as of August 2016, a 40% leap from detections listed in January. The Android platform continues to be particularly susceptible, with one specific malware family called “DressCode” steadily […] more…From RAR to JavaScript: Ransomware Figures in the Fluctuations of Email Attachments
By Lala Manly, Maydalene Salvador, and Ardin Maglalang Why is it critical to stop ransomware at the gateway layer? Because email is the top entry point used by prevalent ransomware families. Based on our analysis, 71% of known ransomware families arrive via email. While there’s nothing new about the use of spam, ransomware distributors continue to employ this infection […] more…macOS 10.12 Sierra: The Ars Technica review
When Mac OS X (as it was then called) first moved to a yearly release cycle in 2011, Apple had trouble defining its scope for each release. Lion, the first in this cadence and the first release to pull in a significant number of features from iOS, feels like a half-finished version of Mountain Lion […] more…Swift hopes daily reporting will help stem payment fraud
Swift is introducing a new reporting system to help banks identify fraudulent payments made over its financial transfer network — but the reports will arrive up to a day too late to stop them. Over the last year, cybercriminals have hacked systems at a number of banks, using their credentials to issue fraudulent payment instructions […] more…More information
- Veterans’ Social Security numbers leaked in data breach
- Microsoft Office CVE-2015-2377 Memory Corruption Vulnerability
- Oracle Java SE/Java SE Embedded CVE-2019-2992 Remote Security Vulnerability
- Organizations Only Slightly Improved Security Posture: Report
- iTwo Maintenance December 2-4
- Google loses appeal in Wi-Fi data grab case
- North Korean Hackers Targeting Individuals: Report
- Tracking Activity in the Chinese Mobile Underground
- Cloud Application Security Firm Anjuna Raises $30 Million
- Siemens Patches Flaws in Building Automation Controllers