Google just released patches for CVE-2017-5070 and 29 other flaws in Chrome in the latest stable version of the browser, Chrome 59.0.3071.86. Google paid out $23,500 to external researchers for their findings. Besides the Chrome flaws, a type confusion vulnerability…
For one reason or another, companies often choose to fix serious security gaps in silence. That’s exactly what happened with IBM just recently when they released a workaround quietly, addressing a flaw in its enterprise backup software. The vulnerability, given…
Old malware doesn’t disappear, as evident by recent revivals of old cases. Just yesterday we wrote about the renewed distribution of the well-known Backdoor.Nital and Gh0st RAT. This article is dedicated to another old malware piece of the worm kind…
Extortion through crypto ransomware is the most prolific cybercrime model to date. Even now that this epidemic seems to have reached its peak in terms of attack sophistication, the evolution of these perpetrating programs is underway and ransom Trojans keep…
Duo Security has analyzed the security state of 4.6 million endpoint devices including 3.5 million mobile phones. The devices have been taken from various industries and world regions which makes the analysis quite comprehensive and indicative. The study was based…
The now-infamous EternalBlue exploit deployed in the WannaCry ransomware outbreak and in the distribution of the Adylkuzz miner is now being used to deliver the Nitol backdoor and Gh0st RAT. Both threats have been around for several years and are…
Several new security features and improvements of old ones have been introduced to Gmail. The reason is to improve the protection against phishing emails which have been a real menace to users, distributing malware and ransomware of the worst kind.…
RoughTed is a large-scale malvertising campaign which saw a peak in March this year but has been active for at least over a year. Both Windows and Mac operating systems are targeted, as well as iOS and Android. The operation…
CVE-2017-1000367 is a severe root Linux vulnerability discovered by Qualys Security researchers. The flaw resides in Sudo’s “get_process_ttyname()” function for Linux and could allow a user with Sudo privileges to run commands as root or elevate privileges to root. Sudo,…
AOL web developer Ran Bar-Zik has uncovered a Google Chrome bug that allows websites to record audio and video without the user’s knowledge or any signs of the activity. Google however doesn’t consider the bug to be a critical security…
The Android operating system has a restriction to block the installation of applications outside Play Store. Switching to “unknown sources” is a very bad idea regarding the security of the device, and any many security experts would confirm this. Interestingly,…
A new Windows flaw, affecting almost all versions of the OS, Windows 10 excluded has been unearthed. More specifically, Windows 7 and Windows 8.1 are prone to the same bug where certain bad filenames make the system lock up or…
Have you heard of the Samba project? It’s a popular open source project that is used on Linux and Unix machines so that they work with Windows file and print services. The project lets you work as a client that…
Researchers from Georgia Institute of Technology and UC Santa Barbara have uncovered a new Android exploit affecting all versions of the operating system. The exploit is dubbed Cloak and Dagger and is seen as a new class of potential attacks…
Victims of the BTCWare ransomware now have a way to decrypt their files for free using the decryption tool developed by Avast. Related Story: Find Decryption Key for Files Encrypted by Ransomware Avast Develops BTCWare Decrypter BTCWare is a ransomware…
Ever dreamed of a career in the field of cybersecurity? These positions become more and more valuable and well-paid. Chief Information Security Officers in particular are in high demand right now and, considering the complexity and stress levels of the…
Meet Athena, the latest file unearthed in WikiLeak’s Vault 7 inventory of CIA hacking tools. Athena is a surveillance (spying) tool which has been created to capture communications from computers running Windows XP to machines on Windows 10, researchers say.…
Remember the leaks of exploits used by the WannaCry SMB worm that cause more than 240,000 detections in 48 hours? If you do, you’d remember they were named EternalBlue and DoublePulsar. A new worm has appeared, carrying the name EternalRocks…
The WannaCry ransomware outbreak took place because of the EternalBlue vulnerability obtained by the NSA and then stolen from the Shadow Brokers. The hacking group recently revealed more vulnerabilities owned by the NSA claiming the agency used them to get…
Kaspersky Lab statistics indicate that WannaCry attacks on Windows 7 accounted for 98% of the total number of infections. More particularly, over 60% of the systems attacked by WannaCry were running the 64-bit version of Windows 7, whereas 32% of…
