More and more enterprises are relying on external research teams to deal with security issues and vulnerabilities in a range of products. One of the latest news on the matter concerns Google Chrome. Google has recently paid about $38,330 to…
Malicious browser extensions are considered a quite frequent problem among users worldwide. To deal with the issue, Google has announced that, starting this July, Chrome extensions outside the Web Store will no longer be accessible for both Windows and Mac…
Epic Scale can be described as a crypto-currency mining tool marked by many antivirus programs as a potentially unwanted application (PUP). Once on your computer, it makes you a part of a Litecoin farm, generating revenue for third parties. Since…
Angler Exploit Kit has once again proved itself to be the most advanced exploit kit available today. As reported by Cisco, more than 10 000 malicious sub-domains were found on GoDaddy accounts. The reason for the extremely high number of…
Both Lenovo and Microsoft have taken action to remove from Windows the root certificate installed by the highly criticized Superfish application, which is used to generate certificates for every web page that uses HTTPS connection. The Superfish app is not…
Dell researchers report about a new piece of malware, dubbed Skeleton Key, which can bypass authentication on Active Directory systems. The Dell team says that the Skeleton Key allow the attackers to avoid detection by AD systems with single factor…
Hackers continue to take advantage of the recently discovered zero-day exploit in Adobe Flash to attack victims via BEDEP malware this time. What Is a Zero-day Exploit? A “zero-day exploit” (attack, threat, etc.) occurs during the time when a new…
The SoakSoak malware is now employing new tactics and has recently infected a new batch of websites. The attackers have also changed the Javascript code they inject in the targeted web pages. Thousands of websites infected with SoakSoak were blacklisted…
A new piece of malware employing remarkable trickery and stealth has been released in the wild recently. The threat is dubbed “f0xy” and was first noticed by Websence. The Strategy of F0xy What makes the new malware particularly hazardous is…
Security experts with Kaspersky Lab report that a brand new strain of the infamous ZeuS Trojan is hitting banking systems over the world. The new threat Trojan-Banker.Win32.Chthonic, or just Chthonic, has already affected a hundred and fifty banks and twenty…
OphionLocker, a brand new file-encrypting malware relying on ECC (elliptic curve cryptography) has been spotted in the wild. This public-key crypto method uses two keys – public and private one. The public is used for locking the files, and the…
The growing number of browser vulnerabilities is what’s on IT security managers minds these days. With the increasing number of such vulnerabilities, 72% out of 685 IT managers state that this is what is threatening the security in their organization…
AliExpress is a wholesale online market part of the Chinese Alibaba Group. It has been established in 2010 and is one of the most visited in Russia. According to Chinese Internet News – a leading news source of China news…
A new version of the notorious Neverquest Trojan, used for financial information thefts, has been found in November. It goes by the name of Vawtrack and is being spread out through several malware droppers, Zemot being one of them. The…
Yasser Ali, an independent researcher, reported that a critical bug in the prevention system for cross-site request forgery made all PayPal account vulnerable to hijacking. The problem is that PayPal has re-usable authentication tokens. They can be used by cyber…
The Asprox Botnet Is yet Expecting Its Peak during Holiday Season If you come across a message for a delivery confirmation into your email inbox these days, please beware that it’s been sent from a legitimate source. Especially if you…
AVbytes Win 7 Protection 2015 looks like a legitimate antivirus software and promises to be very effective to users. What it actually does is showing fake scanning reports for computer threats on the affected machines, not allowing them to use…
Danish citizen Hammad Akbar has faced a $500 000 fee for selling StealthGenie spyware online. Akbar has also been ordered to deliver the source code of the software to the US government. Akbar has been caught by the US agency…
Application vulnerability on the official website of The Weather Channel exposing almost all links to cross-site scripting attacks has been addressed recently. The discovery that over 75% of the websites on Weather.com were vulnerable was made by Wang Jin, a…
The sandbox component of Adobe Acrobat Reader has a flaw, which has been present since the 11.0.8 version and is not fixed in the latest version. The flaw makes the product vulnerable to NTFS junction attacks, when dealing with the…
