A newly discovered point-of-sale (PoS) malware featuring a modular approach in execution is currently targeting businesses in North America, Trend Micro researchers warn.
read more
Petya-Based PetrWrap Ransomware Emerges
A newly observed ransomware family is leveraging the well-known Petya ransomware to encrypt user data, but modifies the malware “on the fly” to control its execution, Kaspersky Lab researchers discovered.
read more
WhatsApp, Telegram Patch Account Hijacking Vulnerability
A vulnerability found in the web versions of WhatsApp and Telegram could have been exploited to hijack accounts by sending the targeted user a malicious HTML file disguised as an image or a video.
The flaw was discovered by researchers at Check Point earlier this month and it was quickly patched by both Telegram and WhatsApp on the server side.
read more
Don’t Leave Security to Luck – 5 Security Controls to Implement in 2017
Like burglars looking for the soft target in the neighborhood, such as the house without cameras or newspapers piled up indicating a family on vacation, cyber criminals are constantly probing for vulnerabilities.
read more
Hackers Abuse Twitter App to Hijack High-Profile Accounts
Many high-profile Twitter accounts have been hijacked in an attack apparently motivated by the recent diplomatic dispute between Turkey and the Netherlands.
read more
Cyber Risk, Cyber Threats, and Cyber Security: Synonyms or Oxymorons?
Cyber security and cyber threats are most often confused with cyber risk, and often used interchangeably, but they are worlds apart. What is the difference between these concepts and what really defines an organization’s cyber risk posture, internal security posture, and the exploitability of threats in the context of organizational risk?
read more
WordPress Content Injection Flaw Makes XSS Bug More Severe
Sucuri has shared details about one of the cross-site scripting (XSS) vulnerabilities patched last week in WordPress. The flaw can be highly useful to attackers if combined with a content injection bug that has been exploited in the wild.
read more
Webinar: Measuring Your Cyber Security Risk
read more
Continue readingMicrosoft Patches Many Exploited, Disclosed Flaws
Microsoft has released a total of 18 security bulletins to address tens of vulnerabilities, including more than a dozen that have already been publicly disclosed or exploited in attacks.
read more
Decryption Tool Released for FindZip macOS Ransomware
macOS users who had their systems infected with the FindZip ransomware can now use a decryption tool to restore their files without paying the ransom.
read more
