Now here’s a first — crooks who realize the importance of customer service. It’s the latest twist in the global CryptoLocker ransomware attack. This diabolically nasty malware locks up all of the victim’s personal files — and in some cases, backup files, too — with state-of-the-art encryption. The bad guys have the only decryption key and […]
The NCA’s National Cyber Crime Unit are aware of a mass email spamming event that is ongoing, where people are receiving emails that appear to be from banks and other financial institutions. The emails may be sent out to tens of millions of UK customers, but appear to be targeting small and medium […]
Adobe’s systems have been hit by numerous “sophisticated attacks” that have compromised the information of 2.9 million customers, and accessed the source code of Adobe products. The company said on Thursday that it has been the victim of a major cyberattack and said hackers had accessed those millions of customer IDs and encrypted passwords. “We also believe […]
If you haven’t already read it, your homework for this week is the Mandiant APT1 Report. Don’t read someone else’s interpretation until you’ve read the report yourself, in full. Don’t read the analysis of others and consider it good. Read the entire report yourself, read and watch the appendices and draw your own conclusions, then read what other people have […]
Even when I was starting to study my degree just some 4 years ago in Digital Forensics and IT Security there appeared to be very little interest in the subject of IT as a whole, let alone Digital Forensics and Ethical Hacking from women. Some three women appeared in the lecture hall on the first day of the course […]
Out of nowhere Oracle has released an emergency update to address the zero-day vulnerabilities being exploited by many different criminal groups. Surprisingly they included some previously unknown vulnerabilities that we can only assume may also have been in use in the wild. The good news is customers who require Java in their environments can now deploy […]
A potent Java security vulnerability that first appeared earlier this week actually leverages two zero-day flaws. The revelation comes as it emerged Oracle knew about the holes as early as April. Windows, Mac OS X and Linux desktops running multiple browser platforms are all vulnerable to attacks. Exploit code already in circulation first uses a vulnerability to […]
The critical Java vulnerabilities that have security experts cautioning users to disable Java in their browsers are not new discoveries, a security firm claims. On the contrary, Oracle has known about them for months, and it has probably had a patch ready since before an exploit was discovered in the wild. Security Explorations, a startup based in […]
In recent years, the Java development platform has become a favored target for hackers, leading to a growing list of Java-specific vulnerabilities being discovered and exploited by various malware. As such, many security researchers and national computer security organizations caution users to limit their usage of Java, unless required for business reasons, or to remove […]
A new browser-based exploit for a Java vulnerability that allows attackers to execute arbitrary code on client systems has been spotted in the wild – and because of Oracle’s Java patch schedule, it may be some time before a fix becomes widely available. The vulnerability is present in the Java Runtime Environment (JRE) version 1.7 […]