Viry a Červi

Keybase adds end-to-end encryption to messages on the web

Sophos Naked Security - 31 Květen, 2017 - 17:11
Chrome extension means that users can send encrypted messages on services such as Twitter, Facebook and Reddit that have enabled Keybase

UK council fined £150k for publishing traveller family's personal data

The Register - Anti-Virus - 31 Květen, 2017 - 17:08
Medical details exposed in online planning application

An Essex council has been fined £150,000 for publishing highly sensitive personal data, including medical information, of a traveller family via online planning documents.…

Kategorie: Viry a Červi

Plastic surgery patients face extortion in wake of clinic data breach

The Register - Anti-Virus - 31 Květen, 2017 - 16:05
Nip/tuck hack

Thousands of private photos have been leaked by cybercriminals following the hack of a Lithuanian cosmetic surgery clinic.…

Kategorie: Viry a Červi

Privacy Issue Fixed in Yopify Ecommerce Notification Plugin

VirusList.com - 31 Květen, 2017 - 15:05
Ecommerce sites using the Yopify plugin were leaking customers’ names, locations and purchases.
Kategorie: Viry a Červi

Chrome bug that lets sites secretly record you ‘not a flaw’, insists Google

Sophos Naked Security - 31 Květen, 2017 - 12:59
Definitely not a security issue, says Google, as it moves to address flaw that could have you inadvertently starring in someone else's movie

UK surveillance law raises concerns security researchers could be 'deputised' by the state

The Register - Anti-Virus - 31 Květen, 2017 - 12:51
Could govt press-gang you into 'helping'?

Provision in the UK's controversial surveillance laws create a potential means for the UK government to press-gang "any" UK computer expert into working with GCHQ. Computer scientists and researchers are concerned about the provision - even though the consensus is that it is unlikely to be applied in practice because it would damage wider co-operation.…

Kategorie: Viry a Červi

WannaCrypt: Pwnage is a fact of life but cleanup could and should be way easier

The Register - Anti-Virus - 31 Květen, 2017 - 10:03
Shame on you for not going back in time

Comment  WannaCry is Microsoft's fault. Microsoft, of course, blames the victims and system administrators get fired. But every one of us is to blame because we refuse to force our governments to hold software-makers to account.…

Kategorie: Viry a Červi

Windows XP crashed too much to spread WannaCrypt

The Register - Anti-Virus - 31 Květen, 2017 - 09:00
What a time to be alive: the BSOD has become a useful feature

Yes, WannaCrypt can infect all those machines that still run Windows XP, but because XP is so flaky the zombie boxen are unlikely to have contributed much to the spread of the worm.…

Kategorie: Viry a Červi

Android apps punched out by Judy malware

The Register - Anti-Virus - 31 Květen, 2017 - 01:44
More than 36 million users feared infected

As many as 36.5 million Android users may have been infected by advertising fraud malware that could have been lurking in Google Play Store for years.…

Kategorie: Viry a Červi

NORK spy agency blamed for Bangladesh cyberheist, Sony Pictures hack

The Register - Anti-Virus - 30 Květen, 2017 - 21:18
Group-IB IDs Lazarus Group

A fresh analysis, from a slightly different perspective, once again fingered North Korea as the likely culprit behind hacks against Sony Pictures and the $81m heist from an account held by the Central Bank of Bangladesh.…

Kategorie: Viry a Červi

FreeRADIUS Update Resolves Authentication Bypass

VirusList.com - 30 Květen, 2017 - 20:39
Developers behind FreeRADIUS, an open source implementation of the networking protocol RADIUS, are encouraging users to update to address an authentication bypass found in the server.
Kategorie: Viry a Červi

News in brief: no laptop ban from EU for now; China warns on new laws; bug bounty scheme for DHS

Sophos Naked Security - 30 Květen, 2017 - 19:55
Your daily round-up of some of the other stories in the news

Shadow Brokers double down on zero-day subscription service

Sophos Naked Security - 30 Květen, 2017 - 19:13
Should you dive in and help with the crowdfunding move to access the data they claim they have? It's not what we'd advise - but what do you think?

ShadowBrokers Put Price on Monthly Zero Day Leaks

VirusList.com - 30 Květen, 2017 - 17:47
The ShadowBrokers announced details on how to subscribe to its Monthly Dump Service, which is available for 100 Zcash.
Kategorie: Viry a Červi

Security of medical devices ‘is a life or death issue’, warns researcher

Sophos Naked Security - 30 Květen, 2017 - 16:40
Concern rises as one study finds more than 8,000 vulnerabilities in seven pacemakers while another highlights wider issues in medical devices

Shadow Brokers lay out pitch – and name price – for monthly zero-day subscription service

The Register - Anti-Virus - 30 Květen, 2017 - 14:32
$21k lucky dip for exploits

Shadow Brokers, the group that leaked stolen NSA hacking tools including the vulnerability that proved key to the WannaCrypt outbreak, has launched a new exploit subscription service.…

Kategorie: Viry a Červi

Why you should avoid Star Hop and Candy Link in Google Play

Sophos Naked Security - 30 Květen, 2017 - 13:58
Both games look harmless enough, but they contain a payload that ensures you'll be hammered with spam

VB2016 video: Last-minute paper: Malicious proxy auto-configs: an easy way to harvest banking credentials

Virus Bulletin News - 30 Květen, 2017 - 12:56
In a VB2016 last-minute presentation, Jaromír Horejší and Jan Širmer looked at Retefe, a trojan that has targeted banks in several European countries and used malicious proxy auto-config filesto redirect users' traffic to a server controlled by the attackers. A recording of their presentation is now available to view on our YouTube channel.

Read more
Kategorie: Viry a Červi

Tuesday review – the hot 24 stories of the week

Sophos Naked Security - 30 Květen, 2017 - 11:24
Welcome back after the holiday weekend! Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Popular RADIUS server exploitable with TLS session caching

The Register - Anti-Virus - 30 Květen, 2017 - 01:34
'Inner authentication' has bad karma, allows strangers to log in without credentials

Sysadmins with FreeRADIUS – the most widely deployed Remote Authentication Dial-In User Service server – in their boxen need to run an upgrade because there's a bug in its TTLS and PEAP implementations.…

Kategorie: Viry a Červi
Syndikovat obsah