Microsoft patches two more 0-days actively used by attackers
With this month’s Patch Tuesday, Microsoft has provided patches for several critical vulnerabilities that allow remote code execution, some of which have been or are …
Lessons learned developing Lynis, an open source security auditing tool
If you’ve been involved with information security for more than a decade, you’ve probably heard of Rootkit Hunter or rkhunter, a software whose primary goal is to …
4 million UPnP devices may be vulnerable to attack
Akamai has observed the use of a new reflection and amplification DDoS attack that deliberately misuses communications protocols that come enabled on millions of home and …
POODLE vulnerability: The end of life of SSL 3.0
There is a critical security vulnerability in SSL 3.0 which allows attackers to calculate the plaintext of encrypted connections, and it will likely spell the end of the use …
Infographic: How to spot a phish
Since many cyber attacks originate with a phishing email, the best way for organizations and individuals to protect themselves online is to identify and avoid phishing emails. …
New Linksys switch compliments WRT router
Linksys announced the Linksys WRT 8-Port Gigabit Ethernet Switch (SE4008), the first in a lineup of new networking peripherals made to complement the Linksys Wireless-AC Dual …
Microsoft patches SandWorm 0-day
Microsoft is back in fine form this month with eight upcoming advisories affecting Internet Explorer, the entire Microsoft range of supported operating systems, plus Office, …
Malicious YouTube ads lead to exploits, ransomware
In the last few months, Trend Micro researchers have been following a malvertising campaign that ended up affecting almost exclusively US users at the beat of more than …
Russian espionage group used Windows 0-day to target NATO, EU
In today’s Patch Tuesday, Microsoft will be releasing a wide variety of patches, and among them will be one for a zero-day vulnerability that has been used in a …
Personal info of 850k Oregon jobseekers potentially compromised
851,322 individuals who used Oregon Employment Department’s WorkSource Oregon Management Information System (WOMIS) will soon be receiving notices that they information …
Spammers spreading new Wolf of Wall Street scam
Millions of penny stock spam emails have been flooding inboxes, spreading a new “Wolf of Wall Street’ scam and inflating the stock values of a mineral deposit …
Dropbox wasn’t hacked, says leaked credentials are from unrelated services
Dropbox has denied that they have been hacked, and that the login credentials leaked by a unknown individual on Pastebin are those of Dropbox users. The leaker released the …