Spammers exploit confusion over revoked SSL certificates
It was only a matter of time until cyber crooks would begin taking advantage of the DigiNotar breach and the news of the revocation of many of its certificates to trick users …
Russian cyber criminal steals $3.2 millions in 6 months
A Russian resident in his early 20s is believed to be the leader of a tightly knit gang using banking Trojans and money mules to earn themselves millions of dollars. The …
Web Directories site leads to exploit kit and malware
Web Directories, a site designed to help webmasters and site owners find relevant directories, has been compromised and found redirecting its visitors to sites running the …
Cyber crooks misusing audit tool to breach VoIP servers
Every now and then, cyber criminals misuse “good” software in order to do bad things, and the latest instance of this modus operandi has been spotted by NSS Labs …
Mass injection attack compromised 20,000+ domains, delivers fake AV
A simple mistake on the part of cyber attackers has revealed another mass malicious iFrames injection attack that is currently under way, say Armorize’s researchers. …
Mass iFrame injection attack now counts millions of compromised web pages
The recently discovered iFrame injection campaign rages on, as the number of compromised web pages goes from 90,000+ to over three million. Armorize researchers have been …
Metasploit 3.7.2 adds 11 new exploits
Metasploit is a free, open source penetration testing solution. Metasploit now ships with 698 exploit modules, 358 auxiliary modules, and 54 post modules. 11 new exploits, 1 …
Fake LinkedIn notifications lead to malware
Malware peddlers are targeting LinkedIn users with rather legitimate-looking messages supposedly coming from the social networking site: If the look of the message seems …
Hotmail flaw allows attackers to exfiltrate emails
The analysis of a recent targeted attack against webmail users has led Trend Micro researchers to discover a vulnerability in Microsoft’s Hotmail webmail service that …
Google Chrome sandbox apparently cracked
French security firm VUPEN has announced that its researchers have managed manufacture an exploit able to bypass Google Chrome’s sandbox, ASLR and DEP. It is precisely …
RTF exploit hiding in bin Laden death-themed email
Osama bin Laden’s death is sure to be milked for all it’s worth by online spammers and scammers, and the latest instance of this also seems to be the latest …
Popular web stores vulnerable to “free shopping” exploits
A recently published paper titled “How to Shop for Free Online” presents the depressing results of a security analysis of some of the most popular online stores, …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments