Android gets patches for critical flaws in media handling, hardware drivers
Android has received security fixes for over one hundred vulnerabilities, including 29 critical flaws in the media processing server, hardware-specific drivers and other components.
View ArticleShodan search engine starts unmasking malware command-and-control servers
There's now a new tool that could allow researchers and companies to quickly block communications between some malware families and their constantly changing command-and-control servers.
View ArticleXen hypervisor faces third highly critical VM escape bug in 10 months
The Xen Project has fixed three vulnerabilities in its widely used hypervisor that could allow operating systems running inside virtual machines to access the memory of the host systems, breaking the...
View ArticleFinancial cybercrime group abuses Windows app compatibility feature
The FIN7 financially motivated cybercrime group is abusing the Windows Application Compatibility Infrastructure, a feature that makes it possible for enterprises and developers to quickly resolve...
View ArticleSnake cyberespionage malware is ready to bite Mac users
A sophisticated Russian cyberespionage group is readying attacks against Mac users and has recently ported its Windows backdoor program to macOS.
View ArticleCyberspies tap free tools to make powerful malware framework
Over the past year, a group of attackers has managed to infect hundreds of computers belonging to government agencies with a malware framework stitched together from JavaScript code and publicly...
View ArticleSupply chain attack hits Mac users of HandBrake video converter app
Hackers compromised a download server for HandBrake, a popular open-source program for converting video files, and used it to distribute a macOS version of the application that contained malware.
View ArticleMicrosoft fixes remote hacking flaw in Windows Malware Protection Engine
Microsoft released an update for the malware scanning engine bundled with most of its Windows security products to fix a highly critical vulnerability that could allow attackers to hack computers.
View ArticleMicrosoft fixes 55 vulnerabilities, 3 exploited by Russian cyberspies
Microsoft released security patches Tuesday for 55 vulnerabilities across the company's products, including three flaws that have already been exploited in targeted attacks by cyberespionage groups.
View ArticleMicrosoft finally bans SHA-1 certificates in Internet Explorer and Edge
The Tuesday updates for Internet Explorer and Microsoft Edge forces those browsers to flag SSL/TLS certificates signed with the ageing SHA-1 hashing function as insecure.
View ArticleLatest firmware updates for Asus routers fix CSRF security flaws
Users of Asus RT-N and RT-AC series routers should install the latest firmware updates released for their models because they address vulnerabilities that could allow attackers to hijack router settings.
View ArticleNew ransomware Jaff demands $3,700 payments
Attackers behind the highly successful Locky and Bart ransomware campaigns have returned with a new creation: A malicious file-encrypting program called Jaff that asks victims for payments of around...
View ArticleGoogle will review web apps that want access to its users' data
In response to recent attacks where hackers abused Google's OAuth services to gain access to Gmail accounts, the company will review new web applications that request Google users' data.
View ArticleWannaCry attacks are only the beginning
As the WannaCry ransomware attack evolves, more cybercriminals are likely to attempt to profit from the vulnerability it exploits and similar flaws in the future.
View ArticleShadow Brokers teases more Windows exploits and cyberespionage data
A group of hackers that previously leaked alleged NSA exploits claims to have even more attack tools, as well as intelligence gathered by the agency on foreign banks and ballistic missile programs.
View Article