A new type Man-in-the-Middle (MitM) attack called “DoubleDirect” is spreading over the Internet these days. What the attack does is redirecting traffic of wireless connections from big web-site domains like Facebook, Google, Twitter, to malware-infected sites. Falling on such the…
Detect has been built to assist activists, journalists and defenders of the human rights worldwide, by detecting spyware installed by governmental organizations in order to monitor certain subjects and their activities. Researcher Claudio Guarneri is the mind behind the open…
Everyone who uses PayPal service for their online payments has at least once received an e-mail pretending to be from the official PayPal support, stating that an unauthorized payment has been made out of the account. Most of these e-mails…
The Citadel Trojan has a new target – password managers holding the passwords that keep important management products safe. IBM Trusteer researchers have announced that they have informed the creators or nexus Personal Security Client, KeePass and Password Safe about…
A report stating that the file-sharing peer-to-peer shared service BitTorrent has several flaws in its security encryption was published last Sunday (16th November) by a group of security researchers in the Hackito web-site forum. The report states that the torrent…
Google has open-sourced a new tool this Tuesday, in an attempt to enhance the performance of automated web security scanners by assessing them with patterns of flaws that have already been seen in the wild. The utility dubbed Firing Range…
WhatsApp, the worldwide famous messaging application have recently announced that they have implemented a secure text protocol for end-to-end encryption for all its users. They should not do anything though – the encryption will be installed automatically with the next…
Yesterday Google released the 39 version of their Chrome browser, fixing 42 vulnerabilities known altogether removing support for the notorious SSL 3.0 certificate which was subject to a POODLE malware attack last month. The attack was discovered by Google researchers…
Recently, the option of de-anonymizing users on Tor network was discussed. This possibility led to numerous discussions online. The team behind the project assured that the false positive rate makes such attacks worthless. According to research done by a professor…
Hackers using the Asprox / Kuluoz botnet appear to have developed it to send links landing on different pages, depending on what operation systems victims are using – Android or iOS. In addition, it seems that there is a backdoor…
Microsoft has recently warned the PC users about certain problems with the SChannel Security Update. It was announced that the SChannel vulnerability contains new TLS ciphers that are causing the problems. The company has offered a workaround, however the users…
The new CoinVault ransomware has the same behavior as other file-encrypting malware, like CryptoWall, CryptoLocker and Crowti. CoinVault would encrypt the files on the affected machine and demand a ransom for their recovery. CoinVault has an interface similar to other…
A new and upgraded variant of the Backoff malware, also known as ROM, has been detected by security experts recently. Researchers with Fortinet reported that the new version of the point of sale malware is almost the same as the…
In September this year Microsoft announced that the upcoming release of Windows 10 is to be expected around mid-2015. A preview in its Insider Program shows that one of the changes will be in the start menu itself – the…
After a research about a Tor exit node, modifying uncompressed Windows executable files downloaded through it was recently published, experts have discovered that the issue leads back to the Russian APT family MiniDuke, which is famous for being used in…
Microsoft released their regular Tuesday patch for this month two days ago, on 11th November. They are fixing many issues with the patch, including the 0-day Sandworm one, but a flaw in their security remains still. We’re talking about the…
After last month’s Snapchat third-application security breach happened, the service provider decided to start informing their customers whenever a third-party application is trying to enter their accounts. The measurement aims to prevent disclosing personal information and pictures of customers that…
The surge of Linux infecting malware has caught the eye of VirusTotal – a tool designed for malware hunters owned by Google. The VirusTotal database is a Must-Have for any security researcher who wants to be aware of the top…
A new DDoS attacks trend has been observed by security experts. The new method relies on a Domain Name System (DNS) amplification that uses text records in order to make the attack more efficient. Cyber criminals have been using parts…
A little more than two weeks before the start of the official holiday shopping season our attention is drawn to the more frequent Point-of-Sale (POS) malware attacks targeted to big merchant chains. What makes an impression is that each following…
