A 21-year-old from Great Falls, Virginia, has admitted developing a piece of malware used by cybercriminals to infect thousands of computers, the U.S. Department of Justice announced last week.
read more
Phished Gmail Accounts Immediately Accessed by Hackers
Cybercriminals have been using specially crafted URLs to trick even tech-savvy people into entering their Gmail credentials on a phishing website. Once an account has been compromised, the attackers immediately access it and start targeting the victim’s contacts.
read more
New RIG Campaign Distributes Cerber Ransomware
A newly observed campaign leveraging the RIG exploit kit is targeting outdated versions of popular applications such as Flash, Internet Explorer, or Microsoft Edge to distribute the Cerber ransomware, Heimdal Security warns.
read more
No Backdoor, but WhatsApp Can Snoop Encrypted Conversations
A report emerged on Friday that the popular mobile messaging app WhatsApp packs a backdoor allowing its operator (Facebook) to tap into users’ end-to-end encrypted conversations, but experts have refuted the claim as an exaggeration and F.U.D.
read more
Advantech WebAccess Flaws Allow Access to Sensitive Data
Advantech has patched a couple of serious vulnerabilities in WebAccess, a web-based software package for human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA) systems.
read more
Attackers Use Office’s OLE to Distribute Keylogger
A recently observed targeted attack campaign that hit a major financial services provider was distributing an unknown keylogger disguised as a Silverlight update, Proofpoint researchers reveal.
read more
Rudi Giuliani to Advise Trump on Cyber Security
President-elect Donald Trump's transition team announced Thursday that former New York mayor Rudi Giuliani "will be sharing his expertise and insight as a trusted friend concerning private sector cyber security problems and emerging solutions developing in the private sector." The details of this new role are vague and sparse; but it would be fair to say that it has raised eyebrows in the security industry.
read more
Elasticsearch Servers Latest Target of Ransom Attacks
An estimated 35,000 Elasticsearch clusters exposed to the public Internet are potential victims to a series ransom attacks that have already hit over 33,000 MongoDB databases.
read more
Serious Flaws Found in Aerospike Database Server
Researchers at Cisco Talos have identified several potentially serious vulnerabilities in Aerospike Database Server, including remote code execution and information disclosure issues.
read more
Mobile Forensics Firm Cellebrite Hacked
A hacker claims to have stolen hundreds of gigabytes of data from Cellebrite, the Israel-based mobile forensics company rumored to have helped the FBI hack an iPhone belonging to the terrorist Syed Rizwan Farook.
read more
