Viry a Červi

Fortnite Hacked Via Insecure Single Sign-On

VirusList.com - 16 Leden, 2019 - 17:16
Leaky Fortnite single sign-on mechanism could have allowed hackers to access game accounts.
Kategorie: Viry a Červi

Magecart Returns with Advertising Library Tactic

VirusList.com - 16 Leden, 2019 - 16:11
The threat group also has a new subsidiary, Magecart Group 12.
Kategorie: Viry a Červi

Epic's Fortnite fail: Ancient UT2004 server used for login-stealing proof-of-concept

The Register - Anti-Virus - 16 Leden, 2019 - 15:13
A tale of XSS, SQL injection and OAuth implementation

Crafty infosec bods exploited XSS vulns on dusty corners of Epic Games’ web infrastructure to steal Fortnite gamers’ login tokens and compromise their accounts – using a genuine Epic Games URL to phish their marks.…

Kategorie: Viry a Červi

VOIPO Database Exposes Millions of Texts, Call Logs

VirusList.com - 16 Leden, 2019 - 15:00
VOIPO acknowledged that a development server had been accidentally left publicly accessible, and took the server offline.
Kategorie: Viry a Červi

Microsoft sends a raft of Windows 10 patches out into the Windows Update ocean

The Register - Anti-Virus - 16 Leden, 2019 - 14:35
Whoa - is that an Access 97 iceberg dead ahead?

Microsoft has released a second raft of fixes for Windows 10 following the monthly Patch Tuesday excitement last week. It has also issued some fixes for its latest Windows Insider build.…

Kategorie: Viry a Červi

Are you sure those WhatsApp messages are meant for you?

Sophos Naked Security - 16 Leden, 2019 - 13:26
Abby Fuller got a shock when she logged into WhatsApp using a new telephone number. She found someone else’s messages waiting for her.

Intel patches another security flaw in SGX technology

Sophos Naked Security - 16 Leden, 2019 - 13:19
Of the six advisories Intel released last week, the most interesting is a flaw discovered in the company’s Software Guard Extensions (SGX).

Beware buying Fortnite’s V-Bucks, you could be funding organised crime

Sophos Naked Security - 16 Leden, 2019 - 12:50
Credit card thieves are laundering money by purchasing the in-game currency V-Bucks, then selling it back at a discount to players.

Feds can’t force you to unlock your phone with finger or face, says judge

Sophos Naked Security - 16 Leden, 2019 - 12:02
The landmark decision asserts the same legal protection for biometrics that we're given for passcodes.

EDGAR Wrong: Ukrainians hacked SEC, stole docs for inside trading, says Uncle Sam

The Register - Anti-Virus - 16 Leden, 2019 - 00:55
Crooks banked $270,000 in just one move, it is claimed

A pair of Ukranian hackers broke into America's financial watchdog to swipe insider info for stock traders, it is claimed.…

Kategorie: Viry a Červi

IDenticard Zero-Days Allow Corporate Building Access, Location Recon

VirusList.com - 15 Leden, 2019 - 23:43
Multiple hardcoded passwords allow attackers to create badges to gain building entry, access video surveillance feeds, manipulate databases and more.
Kategorie: Viry a Červi

'It's like they took a rug and covered it up': Flight booking web app used by scores of airlines still vuln to attack – claim

The Register - Anti-Virus - 15 Leden, 2019 - 23:26
Security hole can still be exploited to tamper with journeys, warn infosec bods

Exclusive  A security hole in a widely used airline reservation system remains open to exploit, allowing miscreants to edit strangers' travel details online, The Register has learned. A fix to close the vulnerability was incomplete, and thus ineffective, it is claimed.…

Kategorie: Viry a Červi

Data Breach Roundup: U.S. Healthcare, Cryptopia, SingHealth and Experian

VirusList.com - 15 Leden, 2019 - 22:44
January is off to a running start on the data breach front, while Experian is predicting new attack frontiers ahead.
Kategorie: Viry a Červi

Judge: Law Enforcement Can’t Force Suspects to Unlock iPhones with FaceID

VirusList.com - 15 Leden, 2019 - 19:53
A ruling found that coercing suspects to open their phones using biometrics violates the fourth and fifth amendments.
Kategorie: Viry a Červi

ThreatList: $1.7M is the Average Cost of a Cyber-Attack

VirusList.com - 15 Leden, 2019 - 19:38
Brand damage, loss of productivity, falling stock prices and more contribute to significant business impacts in the wake of a breach.
Kategorie: Viry a Červi

Yes, you can remotely hack factory, building site cranes. Wait, what?

The Register - Anti-Virus - 15 Leden, 2019 - 17:36
Authentication is simply AWOL for remote RF control equipment, says Trend Micro

Did you know that the manufacturing and construction industries use radio-frequency remote controllers to operate cranes, drilling rigs, and other heavy machinery? Doesn't matter: they're alarmingly vulnerable to being hacked, according to Trend Micro.…

Kategorie: Viry a Červi

Windows 7 users get fix for latest updating woe

Sophos Naked Security - 15 Leden, 2019 - 13:31
Microsoft has vexed its Windows 7 users with a misbehaving update that caused licensing and networking errors.

Blockchain burglar returns some of $1m crypto-swag

Sophos Naked Security - 15 Leden, 2019 - 13:10
In an interesting move for villainy, a thief who stole over $1 million from the Ethereum Classic blockchain has given some of it back.

Facebook to start fact-checking fake news in the UK

Sophos Naked Security - 15 Leden, 2019 - 12:45
Facebook's relying on demotion instead of removal, so users will still be able to share content, even if Full Fact rates it inaccurate.

Is fake-news sharing driven by age, not politics?

Sophos Naked Security - 15 Leden, 2019 - 12:32
Researchers say people over 65 are seven times more likely to share fake news than 18 to 29-year-olds.
Syndikovat obsah