Mike Mimoso and Chris Brook discuss the news of the week, including the back and forth around whether or not TeamViewer was hacked, the fallout around the years-old MySpace and Tumblr breaches, and a 90K Windows zero day.
IT security firm Trustwave has been sued by a Las Vegas-based casino operator for conducting an allegedly “woefully inadequate” investigation following a network breach of the casino operator’s system.
Affinity Gaming, an operator of 5 casinos in Nevada and 6 elsewhere in the United States, has questioned Trustwave’s investigation for failing to shut down breach that directly resulted in
Attackers have been carrying out attacks on sites running old, unpatched versions of Joomla following the disclosure of a critical SQL injection vulnerability in the software last week
Joomla released a new version of its CMS Thursday, 3,4,5, that addresses a critical SQL injection vulnerability that could have let attackers gain access to data in the backend of any site running the platform.
A new version of the Rig Exploit Kit is fueling a malware campaign that has already claimed close to one million victims.
RubyGems maintainers patched a vulnerability, reported by Trustwave and OpenDNS, that allows RubyGem clients to be redirected to an attacker-controlled gem server.
A phishing campaign that spiked this week is pushing the Dridex banking Trojan via malicious macros embedded in XML file attachments.
An automated attack targeting users of the open source Rejetto webserver and file-sharing application tried to inject the IptabLes DDoS tool.
A reseller of the Rig Exploit Kit has leaked some of the source code behind the pack after parting ways with the kit’s developer. Experts don’t expect a spike in Rig-based attacks.
The recent Flash zero-day vulnerabilities and exploits have uncovered the relatively quiet Hanjuan exploit kit, and further exposed the dangers of malvertising.