The First Stop For Security News
Aktualizace: 32 min 1 sek zpět
An Android app that falsely claimed to be a tool for keeping smartphones up-to-date with the latest version of the OS was found surreptitiously tracking the physical location of it users using spyware called SMSVova.
Microsoft fixed a bug in Skype last month that could have allowed an attacker to execute code on the system it was running on, phish Skype credentials and crash the application.
Last Friday's ShadowBrokers dump, Microsoft ditching passwords, and a new car dongle hack are all discussed.
Google asked for MLAT reform, and released its biannual Transparency Report revealing it received a record number of government requests for user data.
A white hat hacker is believed responsible for the Hajime IoT botnet because its main objective appears to be to secure IoT devices vulnerable to the notorious Mirai malware.
Google fixed a vulnerability that could've let an attacker carry out phishing attacks with Unicode domains in Chrome but Mozilla is holding off - for now.
Researchers say more than 100,000 Linksys routers in use today could be vulnerable to 10 flaws found in 20 separate router models made by the company.
Endpoints are still encountering exploits for the LNK vulnerability, one of the principal infection mechanisms used by the Stuxnet worm.
Drupal released a point update for its core engine to patch a critical access bypass vulnerability.
Microsoft announced this week its giving users a new way to sign into their accounts without long and complicated passwords.
Two vulnerabilities were identified in Bosch’s Drivelog Connect OBD-II dongle and smartphone app that allowed researchers to shut off the engine of a vehicle.
Oracle released a record 299 patches, including a fix for a Solaris vulnerability disclosed by the ShadowBrokers, and another for the recently disclosed Apache Struts 2 flaw.
InterContinental Hotels Group said on Friday that it found malware designed to access payment card data at more than 1,000 of its hotels.
At F8 today, Facebook released SDKs and documentation for the integration of Delegated Account Recovery into Java, NodeJS and Ruby applications.
A new ransomware-as-a-service called Karmen appeals to ransomware newbies with a low price, easy setup and developer updates.
A rash of Java-based remote access Trojans is targeting tax filers with bogus IRS attachments.
Microsoft eased some anxiety over the latest ShadowBrokers dump of Windows zero days with news most of the vulnerabilities had already been patched.
VMware patched a critical vulnerability in its vCenter Server platform late last week that could have let an attacker execute arbitrary code in some scenarios.
The latest ShadowBrokers dump includes exploits that allowed the NSA to target SWIFT data managed by outsourced service bureaus in the Middle East.
At the Kaspersky Lab Security Analyst Summit, Android Security Team malware analyst Elena Kovakina explained Google’s strategy for countering ransomware on Android.