A command and control (C&C) server used for operating the CryptoBlock ransomware family has also been hosting stolen user credentials and other malware families, researchers say.
read more
Cybercriminals Hijack Magento Extension to Steal Card Data
Cybercriminals have been abusing a payment module to steal credit card data from online shops powered by the Magento ecommerce platform, web security firm Sucuri reported on Friday.
read more
Post Breach Identity Theft Monitoring: Too Little Too Late
Breached Companies Must get Ahead of Attacks and Provide Security that Protects Victims Before they are Victimized Again
read more
Vulnerabilities Found in Double Telepresence Robots
Researchers at Rapid7 discovered several vulnerabilities in Double telepresence robots from Double Robotics. The vendor has addressed the more serious issues with server-side fixes.
read more
New Malware Variants Near Record-Highs: Symantec
The number of new malware variants that emerged in February 2017 was three times higher compared to January, nearly reaching the record-high levels registered in October 2016, Symantec reports.
read more
UK Intelligence Agency Warns of Russian Political Hacking Capabilities
The UK's National Cyber Security Center (NCSC, part of GCHQ) has written to the British political parties to warn about "the potential for hostile action against the UK political system." Without confirming that the main threat is from Russia, the letter makes it clear that the primary threat is considered to be that country.
read more
Schneider Electric Patches Flaws in ClearSCADA, Wonderware Products
Schneider Electric has released patches to address critical and high severity vulnerabilities in its StruxureWare SCADA Expert ClearSCADA and Wonderware Intelligence products, ICS-CERT informed organizations last week.
read more
Actively Exploited Struts Flaw Affects Cisco Products
Cisco informed customers on Friday that at least some of its products are affected by an Apache Struts2 command execution vulnerability that has been exploited in the wild over the past days.
read more
DDoS Malware Targets AVTech CGI Vulnerability
A newly discovered Linux malware family is targeting products from surveillance technology company AVTech via a CGI vulnerability that was disclosed in October 2016, Trend Micro researchers warn.
read more
Zero-day Conundrum: Keep or Disclose Vulnerability Stockpiles?
read more
Continue reading