Crooks breaking into enterprise networks are holding data they steal for ransom under the guise they are doing the company a favor exposing a flaw.
Tag Archives: Vulnerabilities
Cybercrime Hit Businesses Hardest in 2015, says IC3 Report
Businesses were hit hardest by inbox-based scams in 2015 that robbed U.S. companies of $263 million.
Researcher Pockets $30,000 in Chrome Bounties
Mariusz Mlynski is having a May to remember, earning $30,000 in bounties from Google for vulnerabilities he discovered and disclosed, on top of another $15,500 earlier this month from the same program.
Microsoft Moves Against Bad Passwords
Microsoft says enterprises need to ban common passwords and rethink outdated ideas about what makes a strong password.
Wekby APT Gang Using DNS Tunneling for Command and Control
Wekby attackers are turning to the technique known as DNS tunneling in lieu of more conventional HTTP delivery of command and controls for remote access control of infected computer networks.
APT Groups Finding Success with Patched Microsoft Flaw
Researchers at Kaspersky Lab have identified six APT groups using exploits for a Microsoft Office flaw that was patched in September 2015.
LinkedIn is Latest Contributor to Breach Fatigue
Expert Troy Hunt waxes on last week’s LinkedIn data dump of 117 million credentials and how it reflects on a new breed of hackers.
Persistent EITest Malware Campaign Jumps from Angler to Neutrino
The tenacious EITest malware campaign is being refueled by the fact it is shifting from the Angler exploit kit to the Neutrino exploit kit.
Three Exploit Kits Spreading Attacks for Recent Flash Player Zero Day
The Angler Exploit Kit is exploiting the latest Flash zero day and is moving Dridex banking malware. The Magnitude and Neutrino exploit kits have also integrated the 0day.
Instagram Patches Brute-Force Authentication Flaws
Facebook paid researcher Arne Swinnen a $5,000 bounty for a pair of authentication vulnerabilities in Instagram that enabled brute-force attacks against usernames and passwords.