Financial Fraud Trending in the Wrong Direction
When discussing financial fraud, people often talk about it as one overarching problem. But the reality is that in today’s environment, fraud comprises many separate, distinct components, each with its own techniques, complexities, and challenges for organizations trying to defend against them. Customers interact with their financial institutions in a variety of ways: in-person, online, […]
Flash Bugs Dominate Exploit Kit Landscape
Vulnerabilities in Flash and Internet Explorer dominated the exploit kit landscape in the last year, with a high-profile bug in Flash being found in seven separate kits, new research shows. Exploit kits have long been a key tool in the arsenal of many attackers, from low-level gangs to highly organized cybercrime crews. Their attraction stems from […]
Researchers Find Backdoors in Sony IP Cameras
A long list of IP-enabled security cameras made by Sony contain backdoors in their firmware that can allow an attacker to run arbitrary code remotely on the devices and potentially opening them up for use in a botnet. The cameras affected by the vulnerabilities are surveillance cameras, mainly used in enterprises and retail settings and […]
Google Trusted Contacts Allows Users to Share Location in Real Time
Google has spent a lot of time and money on security over the last few years, developing new technologies and systems to protect users’ devices. One of the newer technologies the company has come up with is designed to provide security for users themselves rather than their laptops or phones. On Monday Google launched a new […]
Attackers Running Massive DDoS Floods on a Daily Schedule
The Mirai botnet has been responsible for several of the larger DDoS attacks ever recorded, and it continues to cause trouble for ISPs and large organizations around the world. But researchers say there’s now another botnet that’s being used in massive DDoS attacks that are appearing on a regular schedule every day. The new series […]
Bugs in AirDroid App Allow Traffic Interception, Malicious Updates
AirDroid, a popular Android app used for remote management, has a number of security vulnerabilities that could allow an attacker to intercept and decrypt secure traffic and even inject a malicious app update to gain remote code execution on a target device. The main issue with the app is the use of a hard-coded encryption […]
FBI, Europol Dismantle Avalanche Cybercrime Crew
A large group of law enforcement officials, security researchers, registrars, and others have dismantled a huge malware, phishing, and cybercrime network known as Avalanche, taking down more than 800,000 domains in the process. The operation, which was a collaborative effort by Europol, the FBI, German police, and security groups, resulted in five arrests and the […]
Mozilla Fixes Zero Day Used to Unmask Tor Users
Mozilla has released a patch for a critical remote code execution vulnerability in Firefox that is being used in active attacks to unmask users of the Tor Browser, which is based on Firefox. The vulnerability lies in the way that Firefox handles SVG animations and exploit code for the bug has been posted on a […]
Lieu Asks Congress to Examine Ransomware Problem
In the wake of the attack on San Francisco’s Muni transportation over the Thanksgiving weekend, a legislator from California is asking Congress to hold hearings on the ransomware problem and determine whether there are ways that the government can help address the issue in both government agencies and private businesses. Rep. Ted Lieu (D-Calif.) sent a […]