Best Free webhosting websites
Today I’m posting about best Free Hosting websites, you need Hosting for uploading your html, php projects and other files, Tools and Phisher Pages etcPaid Hosting’s cost is very high, so we have to use Free Hosting, but if you want to create a premium website then you have to buy Paid Hosting, 1- 000webhost.com 000webhost […] more…Two New PoS Malware Affecting US SMBs
Following the seemingly quiet state of point-of-sale (PoS) malware these past few months, we are now faced with two new PoS malware named Katrina and CenterPoS now available to cybercriminals. In our 2Q Security Roundup released in August, we reported new PoS malware discoveries, namely FighterPoS in April, MalumPoS in June, and GamaPoS a month […] more…Mobile Ad Network Abused in DDoS Attack: CloudFlare
One of CloudFlare’s customers was recently hit by a distributed denial-of-service (DDoS) attack that appeared to leverage a mobile ad network and malicious JavaScript. read more more…Critical Flash Player updates patch 23 flaws
Adobe Systems released new updates for Flash Player to patch critical vulnerabilities that could allow attackers to install malware on computers. The updates fix a total of 23 flaws, of which 18 can potentially be exploited to execute malicious code on the underlying systems. Adobe is not aware of any exploits being publicly available for […] more…Pawn Storm’s Domestic Spying Campaign Revealed; Ukraine and US Top Global Targets
Why would Pawn Storm, the long-running cyber-espionage campaign, set its sights on a Russian punk rock group? Sure, Pussy Riot is controversial. Members of the feminist band had previously been thrown in jail for their subversive statements against the Orthodox Church and Russian patriarchal system. But why would attackers have any interest in them? What […] more…MediaServer Takes Another Hit with Latest Android Vulnerability
The “hits” keep on coming for Android’s mediaserver component. We have discovered yet another Android mediaserver vulnerability, which can be exploited to perform attacks involving arbitrary code execution. With this new vulnerability, an attacker would be able to run their code with the same permissions that the mediaserver program already has as part of its […] more…Why Vulnerability Research Is A Good Thing
Earlier this week Oracle’s CSO released a blog post that talked about why people should stop looking for vulnerabilities in their software products. Needless to say, this did not go down well with the security community – and the post was soon taken down with a statement from the company adding that the post “does not reflect our […] more…OS X Zero-days on the Rise—A 2015 Midyear Review and Outlook on Advanced Attack Surfaces
2015 has so far been a very busy year for security researchers. The data leaked from Hacking Team shocked many, thanks to the multiple zero-days that were disclosed, as well as emails discussing the unscrupulous trade in exploits and “tools”. Cybercriminals (including exploit kit authors) have been hard at work integrating these newly-discovered flaws into their “products” […] more…Winning the Online Banking War
Detecting banking malware has become part and parcel of the security industry, so cybercriminals are continuously looking to gain the upper hand in the battle against the financial industry and security vendors. In the BlackHat presentation Winning the Online Banking War last August 5, Sean Park proposed the use of a new online banking security framework […] more…Windows 10’s New Browser Microsoft Edge: Improved, But Also New Risks
Last week we discussed how Microsoft Edge, the new browser in Windows 10, represented a significant increase in the security over Internet Explorer. However, there are also new potential threat vectors that aren’t present in older versions. Integrated plug-ins Microsoft Edge has now integrated two widely used plug-ins into the browser itself: Adobe Flash and a PDF reader. […] more…The most popular technologies at student hackathons
Devpost, which has just changed its name from ChallengePost, has identified the main technologies used in student hackathons. Some are more surprising than others. The top products include HTML/CSS and JavaScript, jQuery, Node.js, MongoDB, Venmo and PayPal, Google Maps, Android Studio, Microsoft Azure and Sublime Text. Facebook beat Twitter as the top Social API, while […] more…"IOS Crash Report" Update: Safari Adds Block Feature
Ask, and sometimes, you shall receive. Last Friday, we wrote about call center scammers targeting iOS. And today, Apple released a new (beta) feature that should help. Apple released iOS 9 Public Beta 2: And it appears that one of Safari’s new features allows people to block fraud-focused JavaScript. We tested a scam-site and after […] more…Windows 10 Sharpens Browser Security With Microsoft Edge
Internet Explorer is possibly the most popular target for vulnerabilities around today. In 2014 alone, a total of 243 vulnerabilities in Internet Explorer were disclosed and patched. Every Microsoft Patch Tuesday cycle contains one bulletin that covers multiple IE vulnerabilities – the monthly “Cumulative Security Update for Internet Explorer”, as it is called by Microsoft. […] more…Hacking Team RCSAndroid Spying Tool Listens to Calls; Roots Devices to Get In
Following news that iOS devices are at risk of spyware related to the Hacking Team, the saga continues into the Android sphere. We found that among the leaked files is the code for Hacking Team’s open-source malware suite RCSAndroid (Remote Control System Android), which was sold by the company as a tool for monitoring targets. […] more…IOS Crash Report: Blocking "Pop-Ups" Doesn’t Really Help
The Telegraph published an article on Thursday about a scam targeting iOS users. Here’s the gist: scammers are using JavaScript generated dialogs to display warnings of so-called “IOS Crash” reports prompting people to call for tech support. Near the end of the Telegraph’s article, the following advice is offered: “To prevent the issue happening again, […] more…July 2015 Patch Tuesday: Microsoft, Adobe, and Oracle Roll out Security Patches for Zero-Day Vulnerabilities
July proves to be pretty busy for both software vendors and security researchers as various zero-day vulnerabilities were reported. In this month’s patch Tuesday, Microsoft addressed the recently discovered zero-day vulnerability in Internet Explorer that also emerged from the Hacking Team leak. The said vulnerability, covered in MS15-065 and rated as ‘critical’, could allow attackers […] more…More information
- Why Yahoo scanning user email is no cause for panic
- Malvertising – When trusted websites go rogue [Security SOS Week]
- Baldr Malware: A Short-Lived Star or Info Stealer That Will Return?
- Facebook’s untimely block on Tor mistakenly freaks out activists
- Under New Ownership, DigiCert Expands into Verified Mark Certificates
- Enterasys to demo mobile management software for BYOD
- The “EyePyramid” attacks
- Microsoft hands out $28k in Internet Explorer 11 security flaw bounty hunt
- Security Manager’s Journal: New ransomware attack hurts trustworthiness of Web
- Multiple Vulnerabilities Found in Popular IP Cameras