News
13 CRITICAL REMOTE CODE EXECUTION BUGS FIXED IN SEPTEMBER ANDROID UPDATE
The most concerning vulnerabilities, as usual, concern Media Framework, Android’s lightweight media player. The framework includes the MediaServer, AudioServer, CameraServer, and ExtractorService ...
Xero-Spoofing Phishing Campaign Spreads Dridex Globally
A sophisticated phishing campaign is making the rounds, targeting victims by sending spoofed email messages appearing to come from Xero. If fooled, victims find themselves dealing with a banking ...
Android Toast Flaw Can Burn Users with Malware, DoS and Info-Theft
A vulnerability in the Android platform has been uncovered that could be used to take control of devices, lock them and/or steal information.
Trend Micro Blocks 38 Billion Threats in 1H 2017
The first half of the year saw a continued surge in ransomware, Business Email Compromise (BEC) and other threats, with Trend Micro blocking over 38 billion during the period, it claimed in a new ...
Average Company Subjected to Hundreds of Daily Web App Attacks
The average number of attacks against any company’s set of web applications is staggering: They range from 300 to 800 per day—and never fall below 140.
Spammers Get to Work: Tuesday is Prime Time
All in a week’s work: According to new research from IBM X-Force, Tuesday is the biggest day for spam.
Office 365 Campaign Attacks Companies from Within
Microsoft Office 365, which has more than 100 million monthly active subscribers—is the target of a widespread credential-harvesting campaign, where attackers attempt to steal logins and ultimately ...
Crypto-Ransomware Targets 20 Million Inboxes
Security researchers are warning of another major crypto-ransomware campaign which has so far been observed attacking 20 million user inboxes.
CyberSecurity Malaysia sounds 'trust and transparency' note at OIC-CERT AGM
National infosecurity agency CyberSecurity Malaysia has reconfirmed OIC-CERT's commitment to 'trust and transparency' at the 8th AGM and annual conference 2016 held recently in Saudi Arabia.
Hacker Mindset: SANS NetWars & Tools of the Trade
In my ongoing blog series “Hacker Mindset,” I’ll explore an attacker’s assumptions, methods and theory, including how information security professionals can apply this knowledge to increase ...
BSidesLV 2016: Mobile App Attack
Mobile devices are rapidly becoming the primary need of any user. Ease of use, portability, user-friendly GUI, robust computing, a wide variety of applications… all of these features makes a mobile ...
Social Media, Security and the Family
Sometimes we get so focused on protecting our IT infrastructures, we forget that our families are just as susceptible.