Monthly Archives: May 2016
Russian FindFace App Is The New Privacy Threat
Sainsbury's Bank Insurance Spam Scam Causes Confusion
Google Chrome Will Switch Off Flash Content By Default
Cybercrime on the rise as economic crime ‘goes digital’
Incidents of cybercrime are on the rise, with a new study from PwC reporting it as the “only economic crime to have registered an increase”.
The post Cybercrime on the rise as economic crime ‘goes digital’ appeared first on We Live Security.
Ukrainian Hacker Admits Stealing Corporate Press Releases for $30 Million Profit
A 28-year-old Ukrainian hacker has pleaded guilty in the United States to stealing unpublished news releases and using that non-public information in illegal trading to generate more than $30 Million (£20.8 Million) in illicit profits.
Vadym Iermolovych, 28, admitted Monday that he worked with two other Ukrainian hackers to hack into computer networks at PR Newswire, Marketwired and Business
Apple Patches DROWN, Lockscreen Bypass Vulnerability, With Latest Round of Updates
Apple on Monday rolled out a series of patches for nearly all of its operating systems, including fixes for March’s DROWN vulnerability in OS X and a lockscreen bypass vulnerability in iOS.
CVE-2016-0306
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.41, 8.0 before 8.0.0.13, and 8.5 before 8.5.5.10, when FIPS 140-2 is enabled, misconfigures TLS, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
CVE-2016-0323
The Auto-Scaling agent in Liberty for Java in IBM Bluemix before 2.7-20160321-1358 allows remote authenticated users to disable X.509 certificate validation, and consequently bypass an intended HTTPS trust-management feature, via unspecified vectors.
CVE-2016-3627
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.