The top cybersecurity officials in the United States on Wednesday said that China is harming the potential for an open Internet through its policies of censorship, and also said the country’s continued cyberespionage operations are damaging the two countries’ relationship. In a piece co-authored in Politico with Ambassador Robert Holleyman and Alex Niejelow, the chief […]
Tag Archives: Hacks
Latest Flash 0Day Under Attack; Possible Ties to Group Behind Angler EK
The third Adobe Flash Player zero day in two weeks is also currently under attack. Researchers at Trustwave found an exploit for it in the HanJuan exploit kit, which could be tied to the group behind the Angler kit.
New Wave of CTB-Locker/Critroni Ransomware Hitting Victims
There is a new wave of attacks delivering the CTB-Locker or Critroni crypto ransomware, arriving through spam messages with a variety of lures in several different countries. CTB-Locker is one of the newer variants in the crypto ransomware family, a kind of malware that encrypts victims’ hard drives and demands a relatively large payment in order […]
Female Skype Avatar Sinks Syria Opposition Fighters
A cyberespionage campaign pulled off by pro-Syrian hackers against Assad opposition fighters used social engineering to steal military planning documents.
Of Ghost glibc Vulnerability Patching and Exploits
Experts urge system administrators to patch the Ghost vulnerability in glibc immediately, but counter that as well that exploiting the bug may be challenging.
Analysis of Flash Zero Day Shows Layers of Obfuscation
The Flash zero day that made its way into the Angler exploit kit was wrapped in multiple layers of obfuscation and has the ability to inject its malicious payload straight into users’ browsers. In the last week, since the news broke of the Adobe Flash zero-day flaw appearing in the Angler kit, security researchers have […]
Researchers Link Regin to Malware Disclosed in Recent Snowden Documents
Kaspersky Lab has found shared code and functionality between the Regin malware platform and a keylogger described in recently disclosed Snowden documents.
Adobe Patches One Zero Day in Flash, Will Patch a Second Flaw Next Week
UPDATE–Adobe has released an emergency update for Flash to address a zero-day vulnerability that is being actively exploited. The company also is looking into reports of exploits for a separate Flash bug not fixed in the new release, which is being used in attacks by the Angler exploit kit. The vulnerability that Adobe patched Thursday is […]
Bypass Demonstrated for Microsoft Use-After-Free Mitigation in IE
A researcher has developed a bypass for Microsoft’s latest memory corruption mitigations in Internet Explorer, Heap Isolation and Delay Free.
Oracle Patches Backdoor Vulnerability, Recommends Disabling SSL
Oracle’s January 2015 Critical Patch update includes a fix for a backdoor found in the Oracle E-Business Suite by researcher David Litchfield. The patch is among 169 released in the CPU.