Thousands of FTP sites compromised to serve malware and scams
Some 7,000 FTP sites and servers have been compromised to serve malware, and its administrators are usually none the wiser, claim Hold Security researchers. FTP sites function …
Silk Road 2.0 allegedly hacked, user funds stolen
The second incarnation of the (in)famous Silk Road underground market has been hacked, claims one of its moderators who goes by the online handle “Defcon”, and an …
IE 0-day used in watering hole attack tied to previous campaigns
An Internet Explorer zero-day vulnerability (CVE-2014-0322) is actively exploited in the wild in a watering-hole attack targeting visitors to the official website of the U.S. …
300,000 users affected by premium-SMS sending apps from Google Play
Panda Security has identified malicious apps on Google Play that can sign users up to premium SMS subscription services without their permission. These new threats have been …
Most organizations are unable to resolve a cyber attack
The lack of incident detection and investigation puts companies and their CISOs’ jobs at significant risk, according to a new Ponemon Institute study. In fact, when a …
Security vulnerability in the Duo WordPress two-factor authentication plugin
During an internal assessment, Duo Security found a vulnerability in their popular WordPress two-factor authentication plugin that completely bypasses the security measures …
Fake SSL certificates used to impersonate Facebook, Google, banks
Analysts with UK-based Internet research firm Netcraft have discovered a considerable number of fake SSL certificates in the wild, created to impersonate banks, social …
Linksys home routers targeted and compromised in active campaign
A yet undetermined vulnerability affecting certain Linksys WiFi routers is being actively and massively exploited in the wild to infect the devices with a worm dubbed …
The sad state of cyber security readiness
Just 17 per cent of UK business leaders see cyber security as a major priority, compared to 41 per cent in the US, research from BT has revealed. The research, which assessed …
Bogus Microsoft “Reactivate Your Email Account” emails doing rounds
Phishing emails purportedly sent by Microsoft are targeting the company’s customers and trying to get them to reveal their login credentials and some personal …
Mac Bitcoin-stealing Trojan lurks on download sites and GitHub
CoinThief, the recently discovered Bitcoin-stealing Trojan that targets Mac users, has been spotted being offered on several download websites such as CNET’s …
NSA snooping: MEPs table proposals to protect EU citizens’ privacy
The European Parliament should withhold its consent to an EU-US trade deal unless it fully respects EU citizens’ data privacy, says an inquiry report on NSA and EU …
Featured news
Resources
Don't miss
- Cloud-audit: Fast, open-source AWS security scanner
- Zero trust, zero buzzwords: Here’s what it means
- HR, recruiters targeted in year-long malware campaign
- Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts
- Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming