Its name is the Trident: a chain of zero-day exploits that aim to infect iPhone with commercial spyware. Researchers linked it to the NSO group.Its name is the Trident: aRead More →
Hackers have stolen over 60 million account details for online cloud storage platform Dropbox. Although the accounts were stolen during a previously disclosed breach, and Dropbox says it has alreadyRead More →
When we first encountered Lurk, in 2011, it was a nameless Trojan. It all started when we became aware of a number of incidents at several Russian banks that hadRead More →
Last month ESET researchers wrote an article about a new OS X malware called OSX/Keydnap, built to steal the content of OS X’s keychain and maintain a permanent backdoor. AtRead More →
Google declined to classify this as a security issue. British security researcher Aidan Woods discovered an issue on Google’s login page that allows clever attackers to automatically download files on theRead More →
Concern about more attacks mounting as presidential elections approach. Someone using servers in the US, England, Scotland, and the Netherlands stole voter registration from one state’s Board of Elections website inRead More →
In this blog, FireEye Labs dissects this new ATM malware that we have dubbed RIPPER (due to the project name “ATMRIPPER” identified in the sample) and documents indicators that strongly suggestRead More →
Technique works on virtually all USB drives with no modifications necessary. In 2013, a document leaked by former National Security Agency contractor Edward Snowden illustrated how a specially modified USB deviceRead More →
Kaspersky fixes three DoS flaws, one information leak bug. Russian security vendor Kaspersky Lab has recently patched four vulnerabilities in its flagship product, the Kaspersky Internet Security Suite, which allowed attackersRead More →
Tech support scams coming as phishing pages that contain fake alerts urging you to call for immediate assistance are common place these days. We collect hundreds of such URLs each day and haveRead More →
Roman Seleznev, aka “Track2,” was found guilty of 38 counts relating to fraud and theft. On Thursday, a federal jury in Seattle found Roman Seleznev guilty of stealing millions of creditRead More →
KimDotcom’ Megaupload, the popular website seized by feds 5 years ago and currently managed by the FBI is serving adult content. Sometimes really bizarre things happen and it is difficultRead More →
New WiKey attack can compromise passwords via WiFi signals. It is theoretically possible to accurately detect keystrokes using the Wi-Fi signals from a plain router, scientists from Michigan State University andRead More →
Let’s get into the nitty-gritty. The only way you can reset your password on Facebook (if you’ve forgotten one) is through entering a 6 digit passcode. Well that’s 10⁶ =Read More →
Opera, which recently agreed to sell its browser business to a Chinese consortium, has reset user passwords for one of its services after its servers were breached by hackers this week. The companyRead More →
St. Jude Medical declares claim of vulnerability “false and misleading.” Trading in the stock of medical device manufacturer St. Jude Medical was halted Friday afternoon after a dramatic drop in itsRead More →
Exploiting server side bugs is a jackpot for hackers. Users tend to keep their data in one big pot – the server. This allows attackers to focus on one target,Read More →
The Domino Ransomware is a new infection discovered by Daniel Gallagher and Michael Gillespie that is based off of the Hidden Tear open-source ransomware project. What makes this variant interesting is that it pretendsRead More →
As the uptake of SSL grows, Tim Blombery, systems engineer at A10 Networks, said threat actors are increasingly leveraging SSL-based encryption to hide malicious activity. As usage of Secure SocketsRead More →
New MIME confusion attack mitigations added to Firefox 50. Starting with Firefox 50, the browser will feature improved mitigation against MIME confusion attacks, preventing a threat actor from disguising malicious codeRead More →
