Viry a Červi

Arm rages against the insecure chip machine with new Morello architecture

The Register - Anti-Virus - 1 hodina 26 min zpět
Prototypes now available for testing

Arm has made available for testing prototypes of its Morello architecture, aimed at bringing features into the design of CPUs that provide greater robustness and make them resistant to certain attack vectors. If it performs as expected, it will likely become a fundamental part of future processor designs.…

Kategorie: Viry a Červi

20K WordPress Sites Exposed by Insecure Plugin REST-API

VirusList.com - 1 hodina 28 min zpět
The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.
Kategorie: Viry a Červi

McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges

VirusList.com - 2 hodiny 34 min zpět
McAfee has patched two high-severity bugs in its Agent component, one of which can allow attackers to achieve arbitrary code execution with SYSTEM privileges.
Kategorie: Viry a Červi

Cryptocoin broker Crypto.com says 2FA bypass led to $35m theft

Sophos Naked Security - 3 hodiny 22 min zpět
The company has put out a brief security report that summarises the 'what', but not yet the 'how' or 'why'.

Spyware Blitzes Compromise, Cannibalize ICS Networks

VirusList.com - 5 hodin 37 min zpět
The brief spearphishing campaigns spread malware and use compromised networks to steal credentials that can be sold or used to commit financial fraud.
Kategorie: Viry a Červi

Why should I pay for that security option? Hijacking only happens to planes

The Register - Anti-Virus - 11 hodin 17 min zpět
But if I give him my bank details, I'll be rich!

On Call  Friday is here. We'd suggest an adult beverage or two to celebrate, but only if you BYOB. While you fill your suitcase, may we present an episode of On Call in which a reader saves his boss from a dunking.…

Kategorie: Viry a Červi

UK, Australia, to build 'network of liberty that will deter cyber attacks before they happen'

The Register - Anti-Virus - 11 hodin 45 min zpět
Enhanced 'Cyber and Critical Technology Partnership' will transport crime to harsh penal regime on the other side of the world

The United Kingdom and Australia have signed a Cyber and Critical Technology Partnership that will, among other things, transport criminals to a harsh penal regime on the other side of the world.…

Kategorie: Viry a Červi

Japan's Supreme Court rules cryptojacking scripts are not malware

The Register - Anti-Virus - 12 hodin 49 min zpět
Coinhive-slinger wins on appeal

A man found guilty of using the Coinhive cryptojacking script to mine Monero on users' PCs while they browsed the web has been cleared by Japan's Supreme Court on the grounds that crypto mining software is not malware.…

Kategorie: Viry a Červi

Russia's Putin out the idea of a broad cryptocurrency ban

The Register - Anti-Virus - 14 hodin 50 min zpět
Central bank worries that block-bucks reduce government control and are used by crims

Russia has floated the prospect of Putin a ban on cryptocurrencies.…

Kategorie: Viry a Červi

2FA Bypassed in $34.6M Crypto.com Heist: What We Can Learn

VirusList.com - 20 hodin 33 min zpět
In a display of 2FA's fallibility, unauthorized transactions approved without users' authentication bled 483 accounts of funds.
Kategorie: Viry a Červi

Crypto.com now says someone tried to drain $34m from hundreds of accounts

The Register - Anti-Virus - 20 Leden, 2022 - 23:29
Won't reveal net loss, says it stopped some withdrawals and has reimbursed those who had funds taken

Crypto.com on Thursday said in a roundabout way that an unidentified person stole or attempted to steal as much as $34m in cryptocurrency from customer accounts.…

Kategorie: Viry a Červi

For those worried about Microsoft's Pluton TPM chip: Lenovo won't even switch it on by default in latest ThinkPads

The Register - Anti-Virus - 20 Leden, 2022 - 21:44
Folks can enable or disable it, install Linux as normal. Just sayin'

PCs coming out this year with Microsoft's integrated Pluton security chip won't be locked down to Windows 11, and users will have the option to turn off the feature completely as well as install, say, Linux as normal, we understand.…

Kategorie: Viry a Červi

Critical Cisco StarOS Bug Grants Root Access via Debug Mode

VirusList.com - 20 Leden, 2022 - 20:35
Cisco issued a critical fix for a flaw in its Cisco RCM for Cisco StarOS Software that could give attackers RCE on the application with root-level privileges.
Kategorie: Viry a Červi

Microsoft: Attackers Tried to Login to SolarWinds Serv-U Via Log4j Bug

VirusList.com - 20 Leden, 2022 - 19:39
UPDATE: SolarWinds has fixed a Serv-U bug discovered when attackers used the Log4j flaw to try to log in to the file-sharing software.
Kategorie: Viry a Červi

UK mulls making MSPs subject to mandatory security standards where they provide critical infrastructure

The Register - Anti-Virus - 20 Leden, 2022 - 18:15
And to pay for the privilege. Consultation's open, though

Small and medium-sized managed service providers (MSPs) could find themselves subject to the Network and Information Systems Regulations under government plans to tighten cybersecurity laws – and have got three months to object to the tax hikes that will follow.…

Kategorie: Viry a Červi

Pervasive Apple Safari Bug Exposes Web-Browsing Data, Google IDs

VirusList.com - 20 Leden, 2022 - 17:50
The information-disclosure issue, affecting Macs, iPhones and iPads, allows a snooping website to find out information about other tabs a user might have open.
Kategorie: Viry a Červi

Red Cross Begs Attackers Not to Leak Stolen Data for 515K People

VirusList.com - 20 Leden, 2022 - 16:49
A cyberattack forced the Red Cross to shut down IT systems running the Restoring Family Links system, which reunites families fractured by war, disaster or migration.
Kategorie: Viry a Červi

Privacy is for paedophiles, UK government seems to be saying while spending £500k demonising online chat encryption

The Register - Anti-Virus - 20 Leden, 2022 - 16:06
So far we've got a pisspoor video and... er, that's it

Opinion  The British government's PR campaign to destroy popular support for end-to-end encryption on messaging platforms has kicked off, under the handle "No Place To Hide", and it's as broad as any previous attack on the safety-guaranteeing technology.…

Kategorie: Viry a Červi

'Now' would be the right time to patch Ubuntu container hosts and ditch 21.04 thanks to heap buffer overflow bug

The Register - Anti-Virus - 20 Leden, 2022 - 15:38
Red Hat agrees

The CVE-2022-0185 vulnerability in Ubuntu is severe enough that Red Hat is also advising immediate patching.…

Kategorie: Viry a Červi
Syndikovat obsah