The latest updates in Petya, a piece of ransomware observed a few months ago to encrypt entire hard disks after taking over the boot sector, no longer allow for easy data recovery, researchers warn.
read more
Year-Old Office Vulnerabilities Most Popular in Current Attacks
Most attacks that are targeting vulnerabilities in Microsoft Office to compromise victims’ systems are currently leveraging two security issues that were discovered last year, SophosLabs researchers warn.
read more
DoS Vulnerability Patched in BIND
Updates released on Monday by the Internet Systems Consortium (ISC) for BIND, the most widely used DNS software, address a medium severity vulnerability.
read more
Carbon Black Acquires Next-Gen AV Firm Confer
Carbon Black, a player in what is commonly referred to as the “next-generation endpoint security” market, announced on Tuesday that is has acquired antivirus firm of Confer.
read more
Security Product Flaws Allow Attackers to Compromise Systems
Vulnerabilities identified by researchers in more than a dozen software products, including many security solutions, can be exploited by malicious hackers to bypass exploit mitigations and compromise systems.
read more
Inside The Competitive Testing Battlefield of Endpoint Security
read more
Continue readingOld HTTPoxy Flaw Exposes Web Applications to Attacks
Researchers discovered that a vulnerability whose existence has been known for 15 years could affect many web applications, allowing malicious actors to launch man-in-the-middle (MitM) attacks.
read more
Apple Patches Tens of Vulnerabilities in iOS, OS X
Apple released on Monday security updates for OS X, iOS, watchOS, tvOS, Safari, iTunes and iCloud to address tens of vulnerabilities identified by the company’s employees and external researchers.
read more
Lurk Banking Trojan Delivered via Ammyy Website
Cybercriminals breached the official website of the popular remote administration tool Ammyy Admin and leveraged it to deliver Lurk and other pieces of malware, researchers at Kaspersky Lab reported on Monday.
read more
Ransomware Operators Show Reputable “Customer” Service
Cybercrime, we are told, is becoming increasingly professional — it is being run like a business. If this is true, then selling ransomware decryption keys is almost the perfect business model. It has low start-up costs; is free from both corporation tax and regulators via bitcoin payments and Tor communication channels; it is repeatable business; and it fulfills a strong customer need.
read more
