Viry a Červi

VB2020 localhost call for last-minute papers opened!

Virus Bulletin News - 31 Červenec, 2020 - 12:32
The call for last-minute papers for VB2020 localhost is now open. Submit before 17 August to have your paper considered for one of the nine slots reserved for 'hot' research!

Read more
Kategorie: Viry a Červi

Black Hat USA 2020 Preview: Election Security, COVID Disinformation and More

VirusList.com - 31 Červenec, 2020 - 12:30
Threatpost editors break down the top themes, speakers and sessions to look out for this year at Black Hat 2020 - from election security to remote work and the pandemic.
Kategorie: Viry a Červi

Burn baby burn, plastic inferno! Infosec researchers turn 3D printers into self-immolating suicide machines

The Register - Anti-Virus - 31 Červenec, 2020 - 12:15
Inflammatory findings from deadly serious investigation

Some 3D printers can be flashed with firmware updates downloaded directly from the internet – and an infosec research firm says it has discovered a way to spoof those updates and potentially make the printer catch fire.…

Kategorie: Viry a Červi

In the market for a second-hand phone? Check it's still supported by the vendor – almost a third sold are not

The Register - Anti-Virus - 31 Červenec, 2020 - 10:30
That means no security updates, which puts users at risk of compromise

An investigation by consumer watchdog Which? has found that nearly a third of all phones sold on second-hand sites are no longer supported by the vendor, leaving punters at risk of being hacked.…

Kategorie: Viry a Červi

EU tries to get serious on cybercrime with first sanctions against Wannacry, NotPetya, CloudHopper crews

The Register - Anti-Virus - 31 Červenec, 2020 - 09:55
Russian, Chinese, Nork groups named in bank asset freeze

The European Union has, for the first time ever, slapped sanctions on hacking crews.…

Kategorie: Viry a Červi

Fun fact: If you noticed a while ago Zoom's web client going AWOL for a week, it's because someone found a passcode-cracking hole

The Register - Anti-Virus - 31 Červenec, 2020 - 08:25
Story behind a hasty teardown, fixing of a brute-force vulnerability

Zoom has confirmed it fixed a vulnerability that could have been exploited by miscreants to crack the passcodes needed to access strangers' private chin-wagging.…

Kategorie: Viry a Červi

Twitter says spear-phishing attack hooked its staff and led to celebrity account hijack

The Register - Anti-Virus - 31 Červenec, 2020 - 07:27
Attack came in waves that probed for staff with access to the creds crims craved

Twitter has offered further explanation of the celebrity account hijack hack that saw 130 users’ timelines polluted with a Bitcoin scam.…

Kategorie: Viry a Červi

Infosec bod: I've found zero-day flaws in Tor's bridge relay defenses. Tor Project: Only the zero part is right

The Register - Anti-Virus - 31 Červenec, 2020 - 00:08
Warnings either not new or need more study, reckons open-source dev team

Neal Krawetz, a computer forensics expert, has published details on how to detect Tor bridge network traffic that he characterizes as "zero-day exploits"... which the Tor Project insists are nothing of the sort.…

Kategorie: Viry a Červi

Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes

VirusList.com - 30 Červenec, 2020 - 23:40
Zoom has fixed the issue, which stemmed from a lack of checks against incorrect passcode attempts.
Kategorie: Viry a Červi

Doki Backdoor Infiltrates Docker Servers in the Cloud

VirusList.com - 30 Červenec, 2020 - 19:00
The malware is a new payload that uses Dogecoin wallets for its C2, and spreads via the Ngrok botnet.
Kategorie: Viry a Červi

Servers at risk from “BootHole” bug – what you need to know

Sophos Naked Security - 30 Červenec, 2020 - 17:35
We explain the "BootHole" vulnerability - as usual, in plain English and without hype. Find if you're affected and what to do.

Critical, High-Severity Cisco Flaws Fixed in Data Center Network Manager

VirusList.com - 30 Červenec, 2020 - 16:36
The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devices.
Kategorie: Viry a Červi

Vermont Taxpayers Warned of Data Leak Over the Past Three Years

VirusList.com - 30 Červenec, 2020 - 15:32
A vulnerability in the state’s system may have exposed personal data that can be used for credential theft for those who filed Property Transfer Tax returns online.
Kategorie: Viry a Červi

If you own one of these 45 Netgear devices, replace it: Kit maker won't patch vulnerable gear despite live proof-of-concept code

The Register - Anti-Virus - 30 Červenec, 2020 - 13:28
That's one way of speeding up the tech refresh cycle

Netgear has quietly decided not to patch more than 40 home routers to plug a remote code execution vulnerability – despite security researchers having published proof-of-concept exploit code.…

Kategorie: Viry a Červi

DXC says ransomware attack disrupted customer operations at insurance services arm but barely left a scratch

The Register - Anti-Virus - 30 Červenec, 2020 - 09:29
No data loss or evidence of extended intrusions, but standalone limb Xchanging did suffer

DXC has recovered from a ransomware attack that hit its independent services-for-insurers operation Xchanging.…

Kategorie: Viry a Červi

Critical Magento Flaws Allow Code Execution

VirusList.com - 29 Červenec, 2020 - 23:22
Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform.
Kategorie: Viry a Červi

YOU... SHA-1 NOT PASS! Microsoft magics away demonic hash algorithm from Windows updates, apps

The Register - Anti-Virus - 29 Červenec, 2020 - 22:37
Because no one likes to install spoof system files

Microsoft is preparing to once and for all drop support for the SHA-1 hash algorithm.…

Kategorie: Viry a Červi

Billions of Devices Impacted by Secure Boot Bypass

VirusList.com - 29 Červenec, 2020 - 21:53
The "BootHole" bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT, IoT and home networks.
Kategorie: Viry a Červi

Critical Bugs in Utilities VPNs Could Cause Physical Damage

VirusList.com - 29 Červenec, 2020 - 20:02
Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.
Kategorie: Viry a Červi

GRUB2, you're getting too bug for your boots: Config file buffer overflow is a boon for malware seeking to drill deeper into a system

The Register - Anti-Virus - 29 Červenec, 2020 - 19:00
We're gonna keeping punning this until someone pays us $5m

An annoying vulnerability in the widely used GRUB2 bootloader can be potentially exploited by malware or a rogue insider already on a machine to thoroughly compromise the operating system or hypervisor while evading detection by users and security tools.…

Kategorie: Viry a Červi
Syndikovat obsah