The security is still secure
Recently WikiLeaks published a report that, among other things, claims to disclose tools and tactics employed by a state-sponsored organization to break into users’ computers and circumvent installed security solutions. The list of compromised security products includes dozens of vendors and relates to the whole cybersecurity industry. The published report includes a description of vulnerabilities […] more…Heartbleed Still Affects 200,000 Devices: Shodan
While the number of services affected by the OpenSSL flaw known as Heartbleed has decreased, the Shodan search engine has still found nearly 200,000 vulnerable devices. read more more…HDDCryptor: Subtle Updates, Still a Credible Threat
by Stephen Hilt and Fernando Mercês Since first writing about the discovery of HDDCryptor back in September, we have been tracking this ransomware closely as it has evolved. Last week, a new version was spotted in the wild, and based on our analysis, we believe that this variant is the one used in a recent attack against […] more…Twitter says government requests for data still climbing
…though at 2%, growth has slowed down from the double-digit jumps in number of data demands we’ve seen governments make in recent years. more…More than 86% of the world’s iPhones can still be hacked with just a text
More than 86% of Apple iPhones in the world are apparently still vulnerable to a security flaw that allows a hacker to completely take over the device with just a text message, according to data from mobile and web analytics firm MixPanel. A surprising number of people have not yet updated the iPhone’s mobile operating […] more…Resold hard drives on eBay, Craigslist are often still ripe with leftover data
Before you throw away that old hard drive, make sure you purge the memory clean. A new study has found that most users are accidentally giving up photos, social security numbers and financial data, by failing to properly delete the files on their recycled hard drives. Blancco Technology Group, which specializes in data erasure, conducted […] more…Google blocked more bad ads than ever in 2015, but they still keep coming
When Google tells us it blocked 780 million bad ads last year, is that a sign that things are getting better? In one way it is, as the 49 percent increase in bad ads blocked outpaced Google’s overall advertising growth, indicating that the company has been blocking a greater number of bad ads as a […] more…Chinese still ‘jumping’ firewall to use Twitter
China’s blocking of Twitter has failed to keep activists, journalists and others from using the messaging platform to connect with the rest of the world, said a study released Wednesday. The study by Harvard University’s Berkman Center for Internet and Society said it was not possible to estimate the number of Chinese Twitter users but […] more…Starbucks still grappling with fraud in online accounts, gift cards
Starbucks is still grappling with fraud involving its customers’ online accounts and gift cards, with some victims seeing hundreds of dollars stolen. Gift-card related fraud with Starbucks cards is not new, but recent victims were highlighted earlier this week in an article by journalist and author Bob Sullivan. Starbucks officials could not be immediately reached […] more…Macro Malware: When Old Tricks Still Work, Part 1
Now comes a time when we are reminded of why this security warning prompt in Microsoft Word matters: Figure 1. Microsoft Word security warning for macros I went around my peers this afternoon and asked, “On the top of your head, can you give me a name of an effective macro malware? Better if its […] more…Still running Windows Server 2003? Here’s your end-of-support plan
Microsoft will officially end support for Windows Server 2003 on July 14, 2015. While many firms are working to migrate their applications and data off aging servers as quickly as possible, a fair number are not migrating for a variety of reasons including the financial cost. Microsoft is not just ending Windows Server 2003 support, […] more…Facebook’s Like button can still easily be gamed
Facebook’s Like button is a pervasive feature of the Web, a way to gauge the popularity of a website or piece of content. But researchers have found it’s easy to inflate the numbers, undermining its value as an accurate measure of popularity. The problem of bogus Likes has been around for some time, and Facebook […] more…Yeti still Crouching in the Forest
Last July, we published details on Crouching Yeti (aka Energetic Bear), an advanced threat actor involved in several APT campaigns. A quick summary: Campaign status: Active Discovery: January 2014 Targeted platforms: Windows First known sample: 2010 Number of targets: 2,001-3,000 Top target countries : United States, Spain, Japan, Germany, France, Italy, Turkey, Ireland, Poland, China […] more…PwnPOS: Old Undetected PoS Malware Still Causing Havoc
We have been observing a new malware that infects point-of-sale (POS) systems. This malware may have been active since 2013, possibly earlier. Trend Micro will be naming this new malware family as PwnPOS to differentiate it from other known PoS malware families. In this blog post, we will discuss the technical details of this PoS […] more…2014 Spam Landscape: UPATRE Trojan Still Top Malware Attached to Spam
The malware UPATRE was first spotted in August 2013 following the demise of the Blackhole Exploit kit. It was since known as one of the top malware seen attached to spammed messages and continues to be so all throughout 2014 with particularly high numbers seen in the fourth quarter of the year. We have released […] more…Five Years Old And Still On The Run: DOWNAD
Five years ago, Conficker/DOWNAD was first seen and quickly became notorious due to how quickly it spread and how much damage it caused. Remarkably, after all that time, it’s still alive. It can still pose a serious problem, as it can propagate to other systems on the same network as an infected machine – a factor that […] more…More information
- The Next Phase of Mobile Advertising: Conversing With Your Phone
- Microsoft Windows SMB Server CVE-2019-0703 Information Disclosure Vulnerability
- Apple will require HTTPS connections for iOS apps by the end of 2016
- WordPress 3.5.1 Released
- “66% of Android devices” vulnerable to Linux zero-day bug … or not
- Hacked Twitter account embarrasses UK Labour leader Jeremy Corbyn
- Will Facial Recognition and Digital Surveillance End Anonymous Protest?
- New iOS jailbreak could become sinister
- Adobe issues emergency fix for file-munching bug
- Over 20,000 Citrix Appliances Vulnerable to New Exploit