Yasser Ali, an independent researcher, reported that a critical bug in the prevention system for cross-site request forgery made all PayPal account vulnerable to hijacking. The problem is that PayPal has re-usable authentication tokens. They can be used by cyber…
The Asprox Botnet Is yet Expecting Its Peak during Holiday Season If you come across a message for a delivery confirmation into your email inbox these days, please beware that it’s been sent from a legitimate source. Especially if you…
AVbytes Win 7 Protection 2015 looks like a legitimate antivirus software and promises to be very effective to users. What it actually does is showing fake scanning reports for computer threats on the affected machines, not allowing them to use…
Danish citizen Hammad Akbar has faced a $500 000 fee for selling StealthGenie spyware online. Akbar has also been ordered to deliver the source code of the software to the US government. Akbar has been caught by the US agency…
Application vulnerability on the official website of The Weather Channel exposing almost all links to cross-site scripting attacks has been addressed recently. The discovery that over 75% of the websites on Weather.com were vulnerable was made by Wang Jin, a…
The sandbox component of Adobe Acrobat Reader has a flaw, which has been present since the 11.0.8 version and is not fixed in the latest version. The flaw makes the product vulnerable to NTFS junction attacks, when dealing with the…
A Backdoor mechanism for distribution of thousands of pirate themes and plug-ins for Joomla, WordPress, and Drupal CMSs has been recently spotted in the wild. Developers have found that CryptoPHP hacker operators have used it to break into C&C (control…
A variant of a Remote Control System (RCS) program software designed to remove malware has been spreading into the Internet lately. The software is known to have been developed by an Italian company, called Hacking Team, and is spreading as…
Google issues the 39 version of the Chrome browser for OS X devices, which marks a huge change from 32-bit to 64-bit support. This move will, hopefully, make the browser faster and use less memory. Over 40 vulnerabilities are being…
More than six million email accounts around the globe have been compromised over the past three months. Researchers believe that the amount of exposed email accounts has probably increased thanks to a spike in data breaches. The researchers who conducted…
As a consequence of one of the biggest retail security breaches this passing year, Home Depot has spent more than $43 million only during the last trimester on security investigations. In a statement from this Tuesday, the retailer announced that…
On Tuesday Adobe issued an emergency patch in order to fix a Flash Player flaw CVE-2104-8439 that was fixed last month but got exploited again. Adobe added “mitigation” for the vulnerability. The new versions are available for: Windows – 15.0.0.239…
Microsoft has released a new build 9879 for all the machines running Windows 10 Technical Preview. Reportedly its features are no different than those of the old one. In case you are among the proud users of Windows 10 Technical…
The “less” command which allows you to see the files content downloaded from the Internet in Linux may appear to be quite a dangerous feature according to security specialists. What Is Lesspipe The feature looks harmless at first sight, allowing…
Researchers with Symantec have identified a new highly advanced espionage malware, dubbed Regin, used in attacks against numerous international targets, ranging from private individuals to businesses, and governments. The degree of technical competence displayed by Regin can be rarely seen,…
Creating an Android malware application can be quite easy even for a beginner in developing of software applications. Take an existing application, disassemble it with all the available tools which can be found online, change the code, make it open-source…
A crucial cross-site scripting flaw is patched in the latest WordPress Update – 4.0.1. The vulnerability compromises comment boxes on websites that apply the content management system software. Exploiting the flaw, an attacker would have to inject malicious JavaScript in…
In the past few days, Windows Update has not been functioning on Windows XP. Error 0x80248015 occurs as IE8 loads the web page, and so the user cannot search for a fix. Despite the fact that Microsoft does not issue…
A new type Man-in-the-Middle (MitM) attack called “DoubleDirect” is spreading over the Internet these days. What the attack does is redirecting traffic of wireless connections from big web-site domains like Facebook, Google, Twitter, to malware-infected sites. Falling on such the…
Detect has been built to assist activists, journalists and defenders of the human rights worldwide, by detecting spyware installed by governmental organizations in order to monitor certain subjects and their activities. Researcher Claudio Guarneri is the mind behind the open…
