Viry a Červi

Malware, Sir? Jenkins ‘software butler’ tool gets many security fixes

Sophos Naked Security - 12 Duben, 2017 - 15:06
You patched the operarting system, you patched your apps, but did you patch your plugins?

Gordon Ramsay's in-laws admit plot to hack sweary celeb chef's biz

The Register - Anti-Virus - 12 Duben, 2017 - 14:35

Gordon Ramsay's father-in-law has admitted conspiring to hack into the computer systems of businesses run by the celebrity chef.…

Kategorie: Viry a Červi

Google boosts verification after wave of Maps fake listings fraud

Sophos Naked Security - 12 Duben, 2017 - 13:36
Just as platforms are turning to humans to verify news stories, verification procedures for business listings now seem to be heading in the same direction

Prisoners built two PCs from parts, hid them in ceiling, connected to the state's network and did cybershenanigans

The Register - Anti-Virus - 12 Duben, 2017 - 13:35
And they would have got away with it too, but for... Websense

We are impressed by five prisoners in the US who built two personal computers from parts, hid them behind a plywood board in the ceiling of a closet, and then connected those computers to the Ohio Department of Rehabilitation and Correction's (ODRC) network to engage in cybershenanigans.…

Kategorie: Viry a Červi

UK boffins steal smartmobe PINs with motion sensors

The Register - Anti-Virus - 12 Duben, 2017 - 08:27
W3C API exposes sensors, so attackers only need JavaScript to follow your fingers

Updated with Apple fix  The World Wide Web Consortium might want to take another look at its habit of exposing too much stuff to application interfaces: a UK researcher has demonstrated a JavaScript app can spy on smartphone sensors to guess the codes users employ to unlock the devices.…

Kategorie: Viry a Červi

TCP/IP headers leak info about what you're watching on Netflix

The Register - Anti-Virus - 12 Duben, 2017 - 07:29
Not even HTTPS can hide your secret Gilmore Girls fetish

An infosec educator from the United States Military Academy at West Point has taken a look at Netflix's HTTPS implementation, and reckons all he needs to know what programs you like is a bit of passive traffic capture.…

Kategorie: Viry a Červi

DARPA seeks SSITH lords to keep hardware from the Dark Side

The Register - Anti-Virus - 12 Duben, 2017 - 06:31
'Make chips secure', because nobody's thought of that before

America's Defense Advanced Research Project Agency reckons too many vulnerabilities arise from hardware design errors, so it wants experts and boffins to propose better hardware-level security mechanisms.…

Kategorie: Viry a Červi

Systems-on-a-chip are a huge, unaudited attack surface, says Project Zero's Wi‑Fi attack man

The Register - Anti-Virus - 12 Duben, 2017 - 03:03
What goes on when chip components chat? Nobody cares. But they should

The internal inter-chip communications of devices like smartphones are a “huge, mostly unaudited attack surface,” according to Gal Beniamini of Google’s Project Zero, in his promised follow-up to last week’s demonstration of how to attack Wi‑Fi chips over the air.…

Kategorie: Viry a Červi

Cowardly Microsoft buries critical Hyper-V, WordPad, Office, Outlook, etc security patches in normal fixes

The Register - Anti-Virus - 12 Duben, 2017 - 01:24
Patch Tuesday shakeup sucks

Microsoft today buried among minor bug fixes patches for critical security flaws that can be exploited by attackers to hijack vulnerable computers.…

Kategorie: Viry a Červi

Microsoft Patches Three Vulnerabilities Under Attack - 12 Duben, 2017 - 00:19
Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan.
Kategorie: Viry a Červi

Microsoft patches Word zero-day booby-trap exploit

Sophos Naked Security - 11 Duben, 2017 - 23:31
All versions of Office on all versions of Windows are vulnerable to this zero-day that spreads malware, so make sure you patch quickly

Software dev cuffed for 'nicking proprietary financial trading code'

The Register - Anti-Virus - 11 Duben, 2017 - 22:34
Claims he was scared about losing his job

FBI agents have collared a devops engineer accused of stealing rifling through colleagues' user accounts and stealing proprietary stock trading software.…

Kategorie: Viry a Červi

Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop - 11 Duben, 2017 - 20:58
Adobe patched 59 vulnerabilities across five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App on Tuesday.
Kategorie: Viry a Červi

Microsoft Patches Word Zero-Day Spreading Dridex Malware - 11 Duben, 2017 - 20:41
A Microsoft Word zero-day vulnerability is being used to spread the Dridex banking Trojan in attacks that have bypassed mitigation efforts.
Kategorie: Viry a Červi

News in brief: Macron vows encryption crackdown; mobile calls on planes ruled out; AI wins at poker

Sophos Naked Security - 11 Duben, 2017 - 19:49
Your daily round-up of some of the other stories in the news

Spammer’s Arrest Puts End to Kelihos Botnet - 11 Duben, 2017 - 19:43
Notorious spammer Peter Levashov was arrested over the weekend; Levashov is the alleged botmaster behind the Kelihos botnet.
Kategorie: Viry a Červi

Attackers using a Word zero-day to spread malware

Sophos Naked Security - 11 Duben, 2017 - 18:06
Microsoft expected to patch the vulnerability later today, but meanwhile, here's what we know and what you can do to protect yourself

Homes raided in North West over data thefts from car body repair shops

The Register - Anti-Virus - 11 Duben, 2017 - 17:01
ICO and cops storm homes in Macclesfield and Droylsden

Two properties in the North West of England were raided this morning as part of an ongoing investigation into nuisance calls related to data thefts from car body repair shops.…

Kategorie: Viry a Červi

Nothing is certain except death, taxes – and tax scams, phishing and ransomware

Sophos Naked Security - 11 Duben, 2017 - 16:46
It's the time of year when criminals turn their attention to honest taxpayers - here's our advice on what to look out for to avoid falling victim to their scams

Pwned at the factory: attackers think outside the box

Sophos Naked Security - 11 Duben, 2017 - 16:24
There are steps you can take to avoid ending up with a device that's been compromised even before you've started up your new phone, but nothing can guarantee you'll get a clean device
Syndikovat obsah