An international effort between security organizations is needed to fight cybercrime, says the UK’s National Crime Agency.
The post UK’s NCA calls for global approach to cybercrime appeared first on We Live Security.
Monthly Archives: September 2015
D-Link Accidentally Leaks Private Code-Signing Keys
Private keys used to sign D-Link software were included in open-source firmware published by the company.
Intrusion At Ceph.com Makes Red Faces At Red Hat
Poker Players Targeted By Card-Watching Malware
Hacker Lexicon: A Guide To Ransomware
FBI Agent Urges Firms To Create Cyber Attack Plans
Bugzilla – Where Everyone Can Gain Access To Your Bugs
Just a couple of weeks ago we informed you in a blog post about Mozilla’s Bugzilla and how a hacker gainer access to a privileged account. Now the same thing could happen to you, if your organization uses Bugzilla as well as their email-based permissions.
The post Bugzilla – Where Everyone Can Gain Access To Your Bugs appeared first on Avira Blog.
Microsoft Security Bulletin Revision Increment For September, 2015
This bulletin summary lists one bulletin that has undergone a major revision increment for September, 2015.
The evolution of ransomware: From PC Cyborg to a service for sale
A look back at how ransomware – a type of malware used mostly for hijacking user data – has evolved from the days of PC Cyborg to today’s service for sale.
The post The evolution of ransomware: From PC Cyborg to a service for sale appeared first on We Live Security.
Windows CreateObjectTask TileUserBroker Privlege Escalation
The MicrosoftWindowsShellCreateObjectTask initializes a shell32 based ICreateObject COM server as local system. This is marked as being accessible from a normal user account so once created we can attach to it. The server only has one method, CreateObject which checks the CLSID against a list of known safe classes before allowing it to be instantiated. One of these classes is allows a user to set their account picture for the logon screen.