Kovter, a recently discovered piece of ransomware, represents the latest step in the evolution of a malicious program from police scareware to ad fraud Trojan and now file-encrypting malware.
read more
Ransomware Uses Blockchains to Transmit Decryption Keys
Ransomware authors are always looking for new techniques to make their extortion business more efficient, and researchers have discovered a new method that cybercriminals are using to deliver decryption keys; blockchains.
read more
Google Tightens Security Rules for Chrome Extensions
Google has updated its User Data Policy for the Chrome Web Store, in an attempt to improve the safety and privacy for users of its Chrome web browser.
read more
Hacker Details How He Infiltrated Hacking Team
A hacker using the handle "Phineas Fisher" has described how he hacked into surveillance software maker Hacking Team. Hacking Team is an Italian firm that hacks to order, primarily for law enforcement agencies and intelligence agencies. Last summer, Phineas Fisher (now going by the alias Hack Back!) on Twitter broke into Hacking Team and stole and published thousands of internal documents, some source code and several 0-day exploits.
read more
Malicious Document Builder Used in East Asia APT Attacks
Researchers at Arbor Networks’ Security Engineering and Response Team (ASERT) have identified what they believe to be a tool used in advanced persistent threat (APT) attacks aimed at various entities in East Asia.
read more
Shortened URLs Expose Private Cloud Data
Short-URL enumeration can be used to discover and read shared content stored in the cloud, including files for which the user didn’t create a short URL, researchers have demonstrated.
read more
Flaws Found in Accuenergy, Ecava ICS Products
ICS-CERT has published advisories detailing several vulnerabilities in ICS products from Accuenergy, Ecava and Sierra Wireless, including issues that have been rated “high severity.”
read more
Microsoft Patches “Mousejack” Vulnerability
Microsoft released several security updates this month as part of its regular Patch Tuesday update, including the overhyped Badlock flaw.
read more
20 Foreigners Linked to $81 Million Bangladesh Bank Heist: Police
Bangladesh police probing a $81 million electronic heist from the central bank said Monday that more than 20 unnamed foreigners were involved in the audacious theft.
read more
C99 Webshell Increasingly Used in WordPress Attacks
IBM Security has warned WordPress website administrators about a sharp increase in the number of attacks leveraging a variant of a PHP webshell called C99.
read more
