Researchers, EFF Sue US Government Over DMCA Restrictions
A top hardware hacker and a well-known academic security researcher are suing the United States federal government over section 1201 of the controversial Digital Millennium Copyright Act, which he claims “chills protected and noninfringing speech”. The suit, filed by hardware researcher Andrew Huang, cryptographer Matthew Green, and the EFF, challenges the legality of a specific position […]
ASN.1 Flaw Threatens Mobile Networks
UPDATED–Researchers have identified a serious flaw that could allow an attacker to compromise a number of different devices and networks, including telecommunications networks and mobile phones, as well as a number of other embedded devices. The vulnerability is in a specific compiler that’s used for software in several programming languages in a number of industries, including aviation, […]
Banking Trojan Lurks in Legitimate Software
Cybercriminals have been relying on the watering hole attack for many years as a consistent method for getting their malware onto victims’ machines. Recently, security researchers discovered that one group of attackers had compromised the site of a legitimate software company and found a way to insert their banking Trojan’s code into the company’s own downloader. The […]
Q&A: Donato Ferrante on the Ransomware Simulator
There are few threats that are as commanding as much attention right now as ransomware is. It infects thousands of PCs every day, generates millions of dollars for the attackers behind the campaigns, and there’s not clear solution to the problem on the horizon. To help enterprises understand the threat, researchers at NCC Group built […]
Apple Needs a Patch Schedule for iOS
Android users don’t have many things they can point to when it comes to security advantages over iPhone users. The iOS platform is considered significantly safer and more resistant to attack than Android, as are the devices. But when it comes to the patching schedule, if not the process, Google has it all over Apple. In […]
Google July Android Update Fixes Dozens of Bugs
Google has released a huge security update for Android that fixes dozens of vulnerabilities, including a number of critical flaws that allow remote code execution. In an unusual move, Google released two distinct sets of patches: July 1 and July 5. The July 5 level has many more fixes, and Google said it separated the […]
Eleanor OS X Backdoor Emerges
Researchers have discovered a new backdoor for Mac OS X that gives attackers essentially complete control over an infected machine. The malware is disguised as a common file converter utility and uses Tor for some communication functions. Known as Eleanor, the backdoor has a wide range of functionality, including the ability for the attacker to […]
CryptXXX Ransomware Racking Up Victims
A new variant of the CryptXXX ransomware has been found, and it includes a handful of new capabilities, such as function that prevents the use of free decryption tools. The CryptXXX family of ransomware may not be as well known as strains like TeslaCrypt or CryptoLocker, but it is having some success of its own. The […]
New Bart Ransomware Released By Locky Crew
Because the world definitely needed another nasty piece of ransomware, the attackers who created the Locky ransomware have produced a new variant known as Bart, which is targeting victims in the United States and demanding nearly $2,000 for the decryption key. Bart appears to be a rather close relative of Locky and uses an intermediate […]