Microsoft’s popular text, audio and video messaging service Skype can be used to record keystrokes and reveal what a user has typed, researchers say.
read more
Firefox to Display Error When Encountering SHA-1 Certificates
Starting in Firefox 51, Mozilla’s web browser will display an error when a SHA-1 certificate is encountered that chains up to a root certificate included in Mozilla’s CA Certificate Program.
read more
Sofacy’s Flash Player Exploit Platform Exposed
Using weaponized Word documents as attachments to phishing emails is not a new attack method, but researchers have discovered an interesting variation: an RTF document with an embedded OLE Word document containing embedded Flash exploits. The purpose is to disguise the attack in layers of obfuscation.
read more
Muddy Waters Shows More Attacks on St. Jude Cardiac Devices
Investment research firm Muddy Waters and security company MedSec have published four new videos allegedly demonstrating potentially lethal attacks against implanted cardiac devices from St. Jude Medical.
read more
Illumio Unveils Security Templates to Protect Data Center Apps
New Security Templates from Illumio Help Close Security Gaps Inside Data Centers and Clouds
read more
IoT Worm “Hajime” Uses BitTorrent Protocols for Communications
While analyzing the notorious Mirai malware, researchers discovered what they claim to be a new and sophisticated worm designed to target Internet of Things (IoT) devices.
read more
Mirai Increasingly Used for DDoS Attacks After Source Code Leak
The number of Internet of Things (IoT) devices infected with Mirai has increased considerably in the past few weeks after the malware’s author decided to make its source code public.
read more
Oracle Critical Patch Update for October 2016 Fixes 253 Vulnerabilities
Oracle this week released its Critical Patch Update (CPU) for October 2016 to deliver a total of 253 new security fixes across multiple product families, nearly half of which can be exploited remotely without authentication.
read more
Czech Police and FBI Arrest Alleged Russian Hacker
Prague – Czech police said Wednesday they staged a joint operation with the FBI to arrest a Russian citizen in Prague suspected of staging cyber attacks on the United States.
read more
Researchers Bypass ASLR via Hardware Vulnerability
Researchers from two universities in the United States have disclosed a new method for bypassing Address Space Layout Randomization (ASLR) by exploiting a hardware vulnerability.
read more
