PINDROP BLOG

Category: Hacking

December 9, 2016
Yahoo Patches Critical XSS Flaw in Mail
There was a serious security flaw in the Yahoo Mail that enabled an attacker to attach malicious code to a victim’s outgoing messages or read any email in the victim’s inbox just by having the victim open a carefully crafted email. Yahoo patched the vulnerability last week, closing a hole that the researcher who discovered it…
Read More →
December 8, 2016
How Account Takeovers Threaten Bank Security
There are many different kinds of attackers in the cybercrime ecosystem, and they each carry their own motivations and tactics. Some groups are politically motivated, while others are in it strictly for fun and games. But for fraudsters who target banks, insurance companies, and other financial institutions, the goal is one thing: money, and lots…
Read More →
December 8, 2016
Zeus Offspring Floki Bot Infecting PoS Systems
Malware gangs, like sad wedding bands, love to play the hits. And one of the hits they keep running back over and over is the Zeus banking Trojan, which has been in use for many years in a number of different forms. Researchers have unearthed a new piece of malware called Floki Bot that is…
Read More →
December 7, 2016
New Mirai Variant Infecting Home Routers
A new variant of the Mirai malware that has been wreaking havoc on IoT devices is now being used to infect home routers installed by TalkTalk in the U.K. The malware is exploiting a vulnerability to install itself on the router and then attackers are using the infected devices in DDoS attacks. Researchers at Imperva…
Read More →
December 7, 2016
Flash Bugs Dominate Exploit Kit Landscape
Vulnerabilities in Flash and Internet Explorer dominated the exploit kit landscape in the last year, with a high-profile bug in Flash being found in seven separate kits, new research shows. Exploit kits have long been a key tool in the arsenal of many attackers, from low-level gangs to highly organized cybercrime crews. Their attraction stems from…
Read More →
December 6, 2016
Researchers Find Backdoors in Sony IP Cameras
A long list of IP-enabled security cameras made by Sony contain backdoors in their firmware that can allow an attacker to run arbitrary code remotely on the devices and potentially opening them up for use in a botnet. The cameras affected by the vulnerabilities are surveillance cameras, mainly used in enterprises and retail settings and…
Read More →
December 2, 2016
Attackers Running Massive DDoS Floods on a Daily Schedule
The Mirai botnet has been responsible for several of the larger DDoS attacks ever recorded, and it continues to cause trouble for ISPs and large organizations around the world. But researchers say there’s now another botnet that’s being used in massive DDoS attacks that are appearing on a regular schedule every day. The new series…
Read More →
December 1, 2016
FBI, Europol Dismantle Avalanche Cybercrime Crew
A large group of law enforcement officials, security researchers, registrars, and others have dismantled a huge malware, phishing, and cybercrime network known as Avalanche, taking down more than 800,000 domains in the process. The operation, which was a collaborative effort by Europol, the FBI, German police, and security groups, resulted in five arrests and the…
Read More →
December 1, 2016
Mozilla Fixes Zero Day Used to Unmask Tor Users
Mozilla has released a patch for a critical remote code execution vulnerability in Firefox that is being used in active attacks to unmask users of the Tor Browser, which is based on Firefox. The vulnerability lies in the way that Firefox handles SVG animations and exploit code for the bug has been posted on a…
Read More →
December 1, 2016
Lieu Asks Congress to Examine Ransomware Problem
In the wake of the attack on San Francisco’s Muni transportation over the Thanksgiving weekend, a legislator from California is asking Congress to hold hearings on the ransomware problem and determine whether there are ways that the government can help address the issue in both government agencies and private businesses. Rep. Ted Lieu (D-Calif.) sent a…
Read More →