Facebook worm spreads by leveraging cloud services
Facebook users are in danger of having their computers turned in a bot by a worm that spreads via the social network. The worm, identified as belonging to the Kilim malware …
Critical hole in popular WordPress SEO plugin allows SQLi, site hijacking
Another highly popular WordPress plugin has been found sporting a cross-site request forgery flaw that can be exploited to mount a blind SQL injection attack, and could also …
Defending against PoS RAM scrapers
Stealing payment card data has become an everyday crime that yields quick monetary gains. Attackers aim to steal the data stored in the magnetic stripe of payment cards, …
Most businesses fail interim PCI compliance assessment
Nearly 80 percent of all businesses fail their interim PCI compliance assessment, leaving them vulnerable to cyberattacks, according to Verizon’s 2015 PCI Compliance …
Listen to your employees or deal with shadow IT
Data leakage, compliance breaches, business inefficiency and hidden costs are just some of the risks organizations are leaving themselves open to by not meeting the IT demands …
Huge IT Slider WordPress plugin opens SQL injection hole
The 50,000+ active users of the Huge IT Slider WordPress plugin are advised to update to the latest version, as it closes a vulnerability that can be exploited by website …
New crypto-ransomware encrypts video games files
A new piece of ransomware that (mis)uses the Cryptolocker “brand” has been analyzed by Bromium researchers, and they discovered that aside from the usual …
CS:GO players targeted with phishing attempt, malware
Typosquatting is an effective means to trick users into believing they have landed on the legitimate site they wanted to visit, so it’s no wonder that it’s often …
2,400 unsafe mobile apps found in average large enterprise
The average global enterprise has approximately 2,400 unsafe applications installed in its mobile environment, according to Veracode. Based on an analysis of hundreds of …
Cyber crooks take advantage of ad bidding networks to deliver ransomware
Malware peddlers are taking advantage of real time advertising bidding networks to deliver ransomware to unsuspecting users, FireEye researchers are warning. “Real Time …
Analysis of Equation Group’s espionage platform discovers another link to the NSA
Kaspersky Lab researchers continue to analyze the software and digital artifacts tied to the Equation Group, a nation-state threat actor that has been active for almost twenty …
How much pressure do infosec professionals face?
Businesses were under increased pressure to secure their organizations in 2014 and expect that pressure to increase in 2015, according to Trustwave. Survey respondents also …
Featured news
Sponsored
Don't miss
- Chrome, Edge users beset by malicious extensions that can’t be easily removed
- Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
- Scout Suite: Open-source cloud security auditing tool
- Steps to improve quality engineering and system robustness
- Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)