In This Section

PINDROP BLOG

Category: Hacking

December 14, 2016
New Malvertising Campaign Exploits Home Routers, Changes DNS Servers
There’s a new malvertising campaign that is attacking Chrome users on both desktops and mobile devices and is exploiting victims’ home routers through the use of the DNSChanger exploit kit. The attacks have been going on for several weeks and researchers say they’re targeting several brands of routers, including D-Link, Netgear, and others. The attackers behind…
Read More →
December 12, 2016
iOS 10.2 Security Update Fixes 12 Flaws
Apple has released iOS 10.2, fixing 12 security vulnerabilities in the mobile operating system, including two bugs that could lead to arbitrary code execution. The more serious of the code-execution flaws is related to the way that iOS handles certificates. The bug could allow an attacker to use a malicious certificate to gain code execution on a…
Read More →
December 12, 2016
Some Netgear Routers Open to Remote Code Execution
Two models of Netgear home routers contain a vulnerability that can allow a remote attacker to execute arbitrary code. The bug can be exploited with a simple URL and there’s a publicly available exploit for the flaw. The issue affects the Netgear R7000 and R6400 routers and right now there’s no fix available for the…
Read More →
December 9, 2016
Yahoo Patches Critical XSS Flaw in Mail
There was a serious security flaw in the Yahoo Mail that enabled an attacker to attach malicious code to a victim’s outgoing messages or read any email in the victim’s inbox just by having the victim open a carefully crafted email. Yahoo patched the vulnerability last week, closing a hole that the researcher who discovered it…
Read More →
December 8, 2016
How Account Takeovers Threaten Bank Security
There are many different kinds of attackers in the cybercrime ecosystem, and they each carry their own motivations and tactics. Some groups are politically motivated, while others are in it strictly for fun and games. But for fraudsters who target banks, insurance companies, and other financial institutions, the goal is one thing: money, and lots…
Read More →
December 8, 2016
Zeus Offspring Floki Bot Infecting PoS Systems
Malware gangs, like sad wedding bands, love to play the hits. And one of the hits they keep running back over and over is the Zeus banking Trojan, which has been in use for many years in a number of different forms. Researchers have unearthed a new piece of malware called Floki Bot that is…
Read More →
December 7, 2016
New Mirai Variant Infecting Home Routers
A new variant of the Mirai malware that has been wreaking havoc on IoT devices is now being used to infect home routers installed by TalkTalk in the U.K. The malware is exploiting a vulnerability to install itself on the router and then attackers are using the infected devices in DDoS attacks. Researchers at Imperva…
Read More →
December 7, 2016
Flash Bugs Dominate Exploit Kit Landscape
Vulnerabilities in Flash and Internet Explorer dominated the exploit kit landscape in the last year, with a high-profile bug in Flash being found in seven separate kits, new research shows. Exploit kits have long been a key tool in the arsenal of many attackers, from low-level gangs to highly organized cybercrime crews. Their attraction stems from…
Read More →
December 6, 2016
Researchers Find Backdoors in Sony IP Cameras
A long list of IP-enabled security cameras made by Sony contain backdoors in their firmware that can allow an attacker to run arbitrary code remotely on the devices and potentially opening them up for use in a botnet. The cameras affected by the vulnerabilities are surveillance cameras, mainly used in enterprises and retail settings and…
Read More →
December 2, 2016
Attackers Running Massive DDoS Floods on a Daily Schedule
The Mirai botnet has been responsible for several of the larger DDoS attacks ever recorded, and it continues to cause trouble for ISPs and large organizations around the world. But researchers say there’s now another botnet that’s being used in massive DDoS attacks that are appearing on a regular schedule every day. The new series…
Read More →
Introducing Pindrop® Express – Authenticate without compromise.