Threatlist: IMAP-Based Attacks Compromising Accounts at ‘Unprecedented Scale’

Kapersky Labs - Thu, 14/03/2019 - 20:19
Attackers are increasingly targeting insecure legacy protocols, like IMAP, to avoid running into multi-factor authentication in password-spraying campaigns.
Categories: News

Zero-Days in Counter-Strike Client Used to Build Major Botnet

Kapersky Labs - Thu, 14/03/2019 - 19:43
A full 39 percent of Counter-Strike 1.6 game servers on Steam were found to be malicious.
Categories: News

Don't be a WordPress RCE-hole and patch up this XSS vuln, pronto

The Register - Thu, 14/03/2019 - 18:02
Not on 5.1.1? You should be

A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or edit blog posts.…

Categories: News

Cisco Patches Critical ‘Default Password’ Bug

Kapersky Labs - Thu, 14/03/2019 - 15:56
Vulnerability allows adversaries to access monitoring system used for gathering info on operating systems and hardware.
Categories: News

GlitchPOS Malware Appears to Steal Credit-Card Numbers

Kapersky Labs - Thu, 14/03/2019 - 15:33
A new malware targeting point of sale systems, GlitchPOS, has been spotted on a crimeware forum.
Categories: News

Protip: If you'd rather cyber-scoundrels didn't know the contents of your comp, don't apply for a Pakistani passport

The Register - Thu, 14/03/2019 - 14:36
Compromised government website slurps buttload of data about applicants

A Pakistani government website was compromised with a keylogger and other malware that hoovered up a whole host of information about people checking on their passport application status.…

Categories: News

Hackers cop a FILA thousands of UK card deets after slinking onto clothing brand's servers

The Register - Thu, 14/03/2019 - 14:00
Pesky JavaScript malware harvester strikes again

Sportswear brand FILA is the latest company to fall victim to the card-stealing JavaScript infection that menaced British Airways and Ticketmaster last year.…

Categories: News

Insider Threats Get Mean, Nasty and Very Personal

Kapersky Labs - Thu, 14/03/2019 - 12:27
Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.
Categories: News

What do sexy selfies, search warrants, tax files have in common? They've all been found on resold USB sticks

The Register - Thu, 14/03/2019 - 06:58
You do know just dragging stuff to the delete folder doesn't wipe stuff, right? Apparently not

About two-thirds of USB memory sticks bought secondhand in the US and UK have recoverable and sometimes sensitive data, and in one-fifth of the devices studied, the past owner could be identified.…

Categories: News

Thought you were done patching this week? Not if you're using an Intel-powered PC or server

The Register - Thu, 14/03/2019 - 00:51
Here comes Chipzilla with a big bunch of security fixes for graphics drivers, server and workstation firmware, and more

Hot on the heels of this month's security updates from Microsoft, Adobe, and SAP, Intel has kicked out a batch of its own bug patches.…

Categories: News

Purveyor of Cracked Netflix, Hulu, Spotify Accounts Arrested

Kapersky Labs - Wed, 13/03/2019 - 19:44
A Sydney man is accused of selling nearly 1 million compromised accounts, for a significant profit.
Categories: News

Just Android things: 150m phones, gadgets installed adware-ridden mobe simulator games

The Register - Wed, 13/03/2019 - 19:33
Devs may have been duped into using dodgy SDK

Android adware has managed to find its way into as many as 150 million devices – after it was stashed inside a large number of those bizarre viral “mundane job simulator” games, we're told.…

Categories: News

Intel Windows 10 Graphics Drivers Riddled With Flaws

Kapersky Labs - Wed, 13/03/2019 - 18:29
Intel has patched several high-severity vulnerabilities in its graphics drivers for Windows 10, which could lead to code execution.
Categories: News

Open-source 64-ish-bit serial number gen snafu sparks TLS security cert revoke runaround

The Register - Wed, 13/03/2019 - 18:12
64 bits of cert ID on the wall, 64 bits of ID. Take the top bit down, don't pass it around, 63 bits of cert ID on the wall...

A bunfight over a controversial UAE mobile security company led to the discovery that millions of TLS security certificates have been improperly issued – thanks to a dodgy default configuration in popular certificate authority (CA) management software.…

Categories: News

MAGA ‘Safe Space’ App Developer Threatens Security Researcher

Kapersky Labs - Wed, 13/03/2019 - 15:58
The mobile app, dubbed a "Yelp for Conservatives," was found with an open API leaking reams of user data.
Categories: News

Three Ways DNS is Weaponized and How to Mitigate the Risk

Kapersky Labs - Wed, 13/03/2019 - 15:23
Why are hackers using the DNS infrastructure against us? The answer is more complex than you might think.
Categories: News

Threat Groups SandCat, FruityArmor Exploiting Microsoft Win32k Flaw

Kapersky Labs - Wed, 13/03/2019 - 14:15
Newly patched CVE-2019-0797 is being actively exploited by two APTs, FruityArmor and SandCat.
Categories: News

This is the Send, encrypted end-to-end, this is the Send, my Mozillan friend

The Register - Wed, 13/03/2019 - 06:38
Ride the fox, ride the fox

Mozilla's Firefox Send, a free encrypted file sharing service, graduated from test to official release on Tuesday after a year and half of refinement.…

Categories: News

Microsoft changes DHCP to 'Dammit! Hacked! Compromised! Pwned!' Big bunch of security fixes land for Windows

The Register - Tue, 12/03/2019 - 23:13
DHCP client has trio of remote-code exec vulns – plus SAP, Adobe issue updates

Patch Tuesday  It's the second Tuesday of the month, and you know what that means: a fresh dump of security fixes from Microsoft, Adobe and others.…

Categories: News

Federal Focus on Cyber Plays Out in President’s Budget, IoT Legislation

Kapersky Labs - Tue, 12/03/2019 - 21:05
Money earmarked for the Defense Department and DHS, and bipartisan bills to address the security of federal IoT devices, showcase growing federal cyber-efforts.
Categories: News


Subscribe to Sec Tec Limited aggregator - News