In my ongoing blog series “Hacker Mindset,” I’ll explore an attacker’s assumptions, methods and theory, including how information security professionals can apply this knowledge to increase cyber-vigilance on the systems and networks they steward.More
Sometimes we get so focused on protecting our IT infrastructures, we forget that our families are just as susceptible.More
Check Point today disclosed details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets. The Check Point mobile threat research team, which calls the set of vulnerabilities QuadRooter, presented its findings in a session at DEF CON 24 in Las Vegas.More
The new Trojan can be used to steal information and passwords from compromised computers.More
Two unpatched vulnerabilities in BMW's ConnectedDrive web portal create a mechanism to manipulate car settings, a security researcher warns.
Popular US food chain Wendy's has been hit by a massive cyber attack, the company has confirmed.
SOCIAL NETWORK Facebook, a firm not usually commended for its privacy-aware efforts, has revealed that it's started to test end-to-end encryption on the Messenger service.
A total of 105 credit card fraud suspects have been arrested in Asia and Europe following a complex months-long investigation across two continents.
SECURITY OUTFIT Symantec has warned customers that security flaws in the firm's systems outed by Google's Project Zero last month won't be fixed until mid-July.
JS/TrojanDownloader.FakejQuery.A is a trojan that redirects the browser to a specific URL location with malicious software.
Win32/Filecoder.CryptProjectXXX.E is a trojan that encrypts files on fixed, removable and network drives.
MSIL/Agent.OJF is a trojan that redirects results of online search engines to specific web sites.
CVE-2017-9303: Laravel 5.4.x before 5.4.22 does not properly constrain the host portion of a password-reset URL, which makes it easier for remote attackers to conduct phishing attacks by specifying an attacker-controlled host.
CVE-2017-9302: RealPlayer 184.108.40.206 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp4 file.
CVE-2017-9301: plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.
CVE-2017-9300: plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.