Now here’s a first — crooks who realize the importance of customer service. It’s the latest twist in the global CryptoLocker ransomware attack. This diabolically nasty malware locks up all of the victim’s personal files — and in some cases, backup files, too — with state-of-the-art encryption. The bad guys have the only decryption key and […]
The NCA’s National Cyber Crime Unit are aware of a mass email spamming event that is ongoing, where people are receiving emails that appear to be from banks and other financial institutions. The emails may be sent out to tens of millions of UK customers, but appear to be targeting small and medium […]
Out of nowhere Oracle has released an emergency update to address the zero-day vulnerabilities being exploited by many different criminal groups. Surprisingly they included some previously unknown vulnerabilities that we can only assume may also have been in use in the wild. The good news is customers who require Java in their environments can now deploy […]
A potent Java security vulnerability that first appeared earlier this week actually leverages two zero-day flaws. The revelation comes as it emerged Oracle knew about the holes as early as April. Windows, Mac OS X and Linux desktops running multiple browser platforms are all vulnerable to attacks. Exploit code already in circulation first uses a vulnerability to […]
The critical Java vulnerabilities that have security experts cautioning users to disable Java in their browsers are not new discoveries, a security firm claims. On the contrary, Oracle has known about them for months, and it has probably had a patch ready since before an exploit was discovered in the wild. Security Explorations, a startup based in […]
In recent years, the Java development platform has become a favored target for hackers, leading to a growing list of Java-specific vulnerabilities being discovered and exploited by various malware. As such, many security researchers and national computer security organizations caution users to limit their usage of Java, unless required for business reasons, or to remove […]
A new browser-based exploit for a Java vulnerability that allows attackers to execute arbitrary code on client systems has been spotted in the wild – and because of Oracle’s Java patch schedule, it may be some time before a fix becomes widely available. The vulnerability is present in the Java Runtime Environment (JRE) version 1.7 […]
#DefCon 19 : Android Network Toolkit for Penetration Testing and Hacking Have an Android and wanna start pwning people, networks and machines like penetration testers do? Defcon 2011 is in full hacking swing, and Itzhak Avraham — “Zuk” for short — and his company Zimperium have unveiled the Android Network Toolkit for easy hacking on the […]
Hackers who stole bank account details for 200,000 Citigroup customers infiltrated the company’s system by exploiting a garden-variety security hole in the company’s website for credit card users, according to a report citing an unnamed security investigator. The New York Times reported that the technique allowed the hackers to leapfrog from account to account on […]
Facebook is being hit by another viral message, spreading between users’ walls disguised as a link to a saucy video. The messages, which are spreading rapidly, use a variety of different links but all claim to be a movie of a dad catching his daughters making a video on their webcam: [VIDEO] DAD CATCHES DAUGHTERS […]