Viry a Červi

Google Expands Bug-Bounty Program to Battle Abuse Methods

VirusList.com - 47 min 2 sek zpět
The program focuses on potential abuse methods across Google's product-specific channels like Google+, Youtube, Gmail and Blogger.
Kategorie: Viry a Červi

Open MQTT Servers Raise Physical Threats in Smart Homes

VirusList.com - 1 hodina 47 min zpět
Misconfigured DIY smart-home hubs for home automation could allow attackers to track owners’ movements, see if smart doors and windows are opened or closed, and even open garage doors.
Kategorie: Viry a Červi

ThreatList: Telecom Sector Plagued with Advanced Malware

VirusList.com - 2 hodiny 1 min zpět
Advanced behavior malware threats are targeting telecom services - at a higher level than the global average, researchers found.
Kategorie: Viry a Červi

Google Chrome Bug Opens Access to Private Facebook Information

VirusList.com - 3 hodiny 1 min zpět
The method could be used to deduce the age, sex, likes or the location history of a user – essentially, the attacker can play “20 questions” to profile the victim.
Kategorie: Viry a Červi

Australians who won’t unlock their phones could face 10 years in jail

Sophos Naked Security - 4 hodiny 7 min zpět
The Australian government wants to force companies to help it get at suspected criminals’ data. If they can’t, it would jail people for up to a decade if they refuse to unlock their phones.

Sacramento admits to tracking welfare recipients’ license plates

Sophos Naked Security - 4 hodiny 23 min zpět
For 2 years, welfare investigators used a huge database of automated license plate reader images to sniff out fraud, without audit or policy.

Silk Road founder Ross Ulbricht is dictating tweets from prison

Sophos Naked Security - 4 hodiny 45 min zpět
The family of "Dread Pirate Roberts" got him an account and is typing in, word for word, his tweets, including his hope for Trump's clemency.

Bogus journals being used to publish fake science

Sophos Naked Security - 4 hodiny 56 min zpět
What's worse than fake news? Fake science - published in legitimate looking journals.

Security assessment of corporate information systems in 2017

Kaspersky Securelist - 5 hodin 1 min zpět

Each year, Kaspersky Lab’s Security Services department carries out dozens of cybersecurity assessment projects for companies worldwide. In this publication, we present a general summary and statistics for the cybersecurity assessments we have conducted of corporate information systems throughout 2017.

We have analyzed several dozen projects for companies from various sectors, including government bodies, financial organizations, telecommunications and IT companies, as well as manufacturing and energy companies. The results and statistics on detected vulnerabilities are provided separately for each type of service provided: external penetration testing, internal penetration testing, web application security assessment.

The distribution of analyzed companies by industry, 2017

The overall level of protection against external attackers was assessed as low or extremely low for 43% of all analyzed companies. The level of protection against internal attackers was identified as low or extremely low for 93% of all analyzed companies.

This publication includes statistics on the most common vulnerabilities and security flaws that Kaspersky Lab’s experts have detected and that can potentially be used by threat actors for unauthorized penetration into company infrastructures.

 “Security assessment of corporate information systems in 2017” full report (PDF)

Mozilla-endorsed security plug-in accused of tracking users

The Register - Anti-Virus - 15 hodin 42 min zpět
Web Security says there's nothing nefarious to its URL collection

A security plug-in for the Firefox browser is under fire after users discovered it was collecting and uploading their online activity.…

Kategorie: Viry a Červi

Making money mining Coinhive? Yeah, you and nine other people

The Register - Anti-Virus - 16 hodin 8 min zpět
10 users controlling the bulk of cryptocoin generator funds

Mining internet currency on websites with Coinhive scripts is a lucrative endeavor, but only for a handful of people.…

Kategorie: Viry a Červi

Microsoft Cortana Flaw Allows Web Browsing on Locked PCs

VirusList.com - 15 Srpen, 2018 - 22:42
The tricky Cortana flaw, CVE-2018-8253, was addressed by Microsoft during Patch Tuesday.
Kategorie: Viry a Červi

BlackIoT Botnet: Can Water Heaters, Washers Bring Down the Power Grid?

VirusList.com - 15 Srpen, 2018 - 22:38
In testing, an Internet of Things (IoT) botnet of large, power-consuming appliances was used to carry out coordinated attacks on the energy grid.
Kategorie: Viry a Červi

India's Cosmos bank raided for $13m by hackers

The Register - Anti-Virus - 15 Srpen, 2018 - 22:05
Report points finger at North Korea for cyber-heist

Cosmos Bank in India says that hackers made off with $13.4m in stolen funds over the weekend.…

Kategorie: Viry a Červi

Support for ageing key exchange crypto leaves VPNs open to attack

The Register - Anti-Virus - 15 Srpen, 2018 - 21:40
Ancient issue causing new ones

Security gaps have been identified in widely used implementations of the IPsec protocol, which is used in the set up of Virtual Private Networks (VPNs).…

Kategorie: Viry a Červi

Bitcoin backer sues AT&T for $240m over stolen cryptocurrency

The Register - Anti-Virus - 15 Srpen, 2018 - 21:12
Michael Terpin not happy about funds-draining SIM swap fraud

A bitcoin investor is suing AT&T for $240m after it allegedly ported his phone number to a hacker, allowing the criminal to steal $24m in cryptocurrency.…

Kategorie: Viry a Červi

Google is tracking your location, even when the setting is turned off

Sophos Naked Security - 15 Srpen, 2018 - 20:45
Shock! It appears Google can track the location of anyone using some of its apps on Android or iPhone even when they’ve told it not to.

Beware! ‘Porn’ scam uses your phone number to blackmail you

Sophos Naked Security - 15 Srpen, 2018 - 18:34
Last month the crooks were throwing old passwords into their scams to make you sit up and take notice. Now it's phone numbers.

Office 365 Phishing Campaign Hides Malicious URLs in SharePoint Files

VirusList.com - 15 Srpen, 2018 - 18:06
Researchers say the "PhishPoint" tactic has already impacted 10 percent of Office 365 users globally.
Kategorie: Viry a Červi

ThreatList: Financial-Themed Phishing Hooks Targets in Q2

VirusList.com - 15 Srpen, 2018 - 15:15
In addition to traditional phishing, fraudulent cryptocurrency offers pose a rising trend.
Kategorie: Viry a Červi
Syndikovat obsah