A hacker is attempting to monetize on MongoDB databases exposed to the Internet by hijacking them and demanding a ransom for the data, security researcher Victor Gevers has discovered.
read more
Ransomware Campaign Targets HR Departments
Ransomware has long proven to be a major threat for both consumers and enterprises, and a recent campaign targeting corporate Human Resources (HR) departments shows the threat to businesses continues to rise.
read more
When Data Walks: Can Data Theft by Ex-employees be Stopped?
Employees often feel they have a stake in information they help to create. When they leave an employment they sometimes believe they have at least a moral right to take that information with them; or perhaps even destroy it before leaving.
read more
Google Patches 22 Critical Android Vulnerabilities
Released on Tuesday, Google’s first Android Security Bulletin for 2017 patches a total of 95 vulnerabilities in the operating system, 22 of which were rated Critical severity. Over half (50) of the bugs addressed this month were Elevation of privilege flaws.
read more
Learning from Hackers: The Benefits of Microsegmentation
“A bruise is a lesson”- Arya Stark, A Game of Thrones
read more
XSS Flaws Decline, DoS Becomes More Common: Imperva
Security firm Imperva has analyzed web application vulnerability trends in 2016 and determined that while some types of flaws have declined, others have become more common.
read more
Google Researcher Finds Certificate Flaws in Kaspersky Products
Google Project Zero researcher Tavis Ormandy has discovered two serious certificate-related issues in Kaspersky Lab’s anti-malware products. The flaws were addressed by the security firm in late December.
read more
Pseudo-Darkleech Remains Prominent Distributer of Ransomware
The pseudo-Darkleech campaign, one of the long-standing prominent distributers of ransomware, is expected to remain strong in 2017, after going through a series of important changes last year, Palo Alto Networks researchers warn.
read more
Decrypters Released for OpenToYou, DeriaLock, and PHP Ransomware
Decryption tools are now available for three ransomware families that have been discovered during the past few weeks, allowing victims to recover files without paying a dime.
read more
Tor Browser Patches Start Being Uplifted into Firefox
The Tor (The Onion Router) team and Mozilla are working together to implement Tor browser patches directly into Firefox and tighten their collaboration.
read more
