Attackers bypass Sandworm patch with new 0-day
The Sandworm vulnerability has been patched, but unfortunately attackers have discovered a way to bypass the patch and continue with their targeted attacks. “As with …
Two exploit kits prey on Flash Player flaw patched only last week
Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that has been patched only a week ago, the researcher that goes by the handle Kafeine …
Apple warns about organized network attacks against iCloud users
In the wake of the claims that the Chinese authorities have mounted a MITM attack against iCloud and Microsoft account holders by redirecting them to spoofed login pages, …
Avast 2015 identifies vulnerable home routers
Avast Software launched Avast 2015, available in four consumer variations: Avast Free Antivirus, Avast Pro Antivirus, Avast Internet Security, and Avast Premier. All versions …
Windows 0-day exploited in ongoing attacks, temporary workarounds offered
Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations …
Attackers change home routers’ DNS settings via malicious code injected in ads
Sucuri Security researchers have unearthed a malvertising campaign aimed at changing the DNS settings of home routers in order to lead users questionable and potentially …
Koler worm spreads via SMS, holds phones for ransom
A new variant of the Android malware Koler now spreads by text message and holds infected users’ phones hostage until a ransom is paid. AdaptiveMobile detected the …
60% of Android attacks use financial malware
Malicious programs targeting Android-based devices in order to steal money were used in 60 percent of attempted attacks registered by Kaspersky Lab security products, …
Malware directs stolen documents to Google Drive
Researchers have uncovered a new type of information-stealing malware that is apparently used in campaigns targeting government agencies and can syphon files from compromised …
2FA: Google offers physical alternative to verification codes
Google is offering an alternative second factor for its two-step account verification option, one that has the additional advantage of thwarting phishing attacks. It’s …
OS X Yosemite’s Spotlight Suggestions: Privacy killer or not?
With last week’s official release of OS X Yosemite (v10.10), Apple has solved some critical security issues that could adversely affect users. But the new version of the …
Staples customers likely the latest victims of credit card breach
International office supply chain store Staples is likely the latest retailer to have suffered a credit card breach. “Multiple banks say they have identified a pattern …
Featured news
Resources
Don't miss
- 40 open-source tools redefining how security teams secure the stack
- Password habits are changing, and the data shows how far we’ve come
- Product showcase: Tuta – secure, encrypted, private email
- Henkel CISO on the messy truth of monitoring factories built across decades
- The hidden dynamics shaping who produces influential cybersecurity research