The most commonly targeted vulnerability in 2015 was a Windows flaw that came to light in 2010 after being exploited by the notorious Stuxnet malware, Microsoft said in its latest Security Intelligence Report (SIR).
read more
Hackers Disrupt Locky Ransomware Campaign
Hackers caused disruption to a Locky campaign after they breached one of the attackers’ server and replaced the real ransomware with a harmless file containing the string “Stupid Locky.”
According to Avira researcher Sven Carlsen, the attack started with a spam email designed to trick recipients into opening an attachment by informing them of an unpaid fine.
read more
Spain Smashes Nigerian ‘CEO Swindle’ Scammer Network
Madrid – Police have arrested 44 people in Britain and Spain suspected of involvement in a scam to hack into accounts belonging to company bosses and steal thousands of euros, officers said Friday.
read more
Hacked WordPress Sites Target Random Users
Malicious actors have compromised thousands of WordPress websites and are randomly redirecting their visitors to sites that host malware and scams.
read more
Microsoft to Address UN on ‘Digital Terror’
United Nations – Microsoft has accepted an invitation from the UN Security Council to address a special debate next week on counter-terrorism and confronting "digital terror", UN diplomats said.
The ministerial-level debate on Wednesday is organized by Egypt, which holds this month's presidency of the 15-member council.
read more
New Trojan Targets Banks in US, Mexico
Researchers at Zscaler have come across a new information stealer Trojan that leverages legitimate tools to target online banking users.
read more
FireEye Chief David DeWalt to Step Down
Kevin Mandia to Assume Role as Chief Executive Officer at FireEye, DeWalt to Remain Executive Chairman
FireEye said on Thursday that Chairman and CEO David DeWalt will step down from the top position at the security firm, being replaced by current FireEye president Kevin Mandia.
read more
FireEye Announces Foray Into Orchestration and Automation
After acquiring security orchestration firm Invotas in February of this year, FireEye has announced the first product resulting from the union of the two firms: the FireEye Security Orchestrator.
read more
Adobe Issues Pre-Patch Advisory for Reader, Acrobat
Adobe’s widely deployed PDF Reader and Acrobat software products will get security band-aids on May 10 to cover dangerous vulnerabilities that put users at risk of hacker attacks.
read more
PoC Exploits Mainly Distributed via Social Media
An analysis of proof-of-concept (PoC) exploits shared online over the last year has shown that social media is the main distribution channel for PoCs, according to threat intelligence firm Recorded Future.
PoCs are developed by both researchers and threat actors — in many cases to demonstrate the existence of a software vulnerability and to show that it’s exploitable.
read more
