In my ongoing blog series “Hacker Mindset,” I’ll explore an attacker’s assumptions, methods and theory, including how information security professionals can apply this knowledge to increase cyber-vigilance on the systems and networks they steward.
Sometimes we get so focused on protecting our IT infrastructures, we forget that our families are just as susceptible.
Check Point today disclosed details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets. The Check Point mobile threat research team, which calls the set of vulnerabilities QuadRooter, presented its findings in a session at DEF CON 24 in Las Vegas.
The new Trojan can be used to steal information and passwords from compromised computers.
Two unpatched vulnerabilities in BMW's ConnectedDrive web portal create a mechanism to manipulate car settings, a security researcher warns.
Popular US food chain Wendy's has been hit by a massive cyber attack, the company has confirmed.
SOCIAL NETWORK Facebook, a firm not usually commended for its privacy-aware efforts, has revealed that it's started to test end-to-end encryption on the Messenger service.
JS/TrojanDownloader.FakejQuery.A is a trojan that redirects the browser to a specific URL location with malicious software.
Win32/Filecoder.CryptProjectXXX.E is a trojan that encrypts files on fixed, removable and network drives.
MSIL/Agent.OJF is a trojan that redirects results of online search engines to specific web sites.
CVE-2017-9303: Laravel 5.4.x before 5.4.22 does not properly constrain the host portion of a password-reset URL, which makes it easier for remote attackers to conduct phishing attacks by specifying an attacker-controlled host.
CVE-2017-9302: RealPlayer 18.104.22.168 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp4 file.
CVE-2017-9301: plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.
CVE-2017-9300: plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.