Malware & Vulnerabilities

Malware & vulnerabilities news, trends, analysis and practical advice


first-aid medicine cure patch remedy

Why is Microsoft updating Windows PCs for a security bug on the server?

When Microsoft released a critical update for Windows Server this month, it also pushed out a fix for several versions of the Windows OS -- even the technical preview for Windows 10.

national security agency headquarters fort meade maryland

New tools offer practical help to block official spies

Online civil-rights groups and IBM accidentally struck a blow for individual freedom simultaneously with tools that limit covert surveillance from both hackers and governments

Critical XSS flaws patched in WordPress and popular plug-in

New security updates for the WordPress content management system and one of its popular plug-ins fix cross-site scripting vulnerabilities that could allow attackers to take control of sites.

Wikimedia (CC)

Russians easily 'hack' webcams, like others have for YEARS

Webcam hacking is in the news -- and it's bad stuff. But...haven't people been circumventing webcam security using default passwords for years now? How too could anyone forget, recent news about the NSA hacking webcams?

Hacking stealing password data.

Attackers use Citadel malware to target password management apps

Attackers are using the Citadel Trojan program to steal master passwords for password management applications and other authentication programs.

android malware

Android botnet could pose threat to corporate networks

An Android Trojan program that's behind one of the longest running multipurpose mobile botnets has been updated to become stealthier and more resilient.

band-aid patch bandage

Microsoft releases emergency patch to stymie Windows Server attacks

Microsoft today released an "out-of-band" security update to patch a vulnerability in all versions of its Windows Server software

Cyberespionage group tied to OnionDuke malware

A malware program distributed recently through a rogue server on the Tor network was also used in targeted attacks against European government agencies.

wirelurker

Suspected WireLurker malware creators arrested in China

Beijing police arrested three people suspected of developing the "WireLurker" malware that may have infected hundreds of thousands of Apple mobile devices.

Sonatype seeks to help developers reduce risk from open-source components

The Sonatype Component Lifecycle Management 2.0 tracks vulnerable third-party components used in software

Hacked, unlocked, unsafe.

NOAA confirms cyberattack on four weather sites

Four websites run by the U.S. National Oceanic and Atmospheric Administration have been compromised in recent weeks

patch fix wall bricks fix repair

Microsoft fixes critical crypto flaw, strengthens encryption for older systems

Microsoft fixed a critical vulnerability in the Windows cryptographic library that could expose Windows servers to remote attacks

malware keyboard

Adobe fixes 18 vulnerabilities in Flash Player

Adobe Systems released critical security updates for Flash Player to address 18 vulnerabilities, many of which can be remotely exploited to compromise underlying systems.

huge patch tuesday

33 bugs fixed in GIANT Patch Tuesday catch (one is from 1995)

Microsoft's trustworthy computing team has been working overtime this month: 14 patches, four are 'critical'. Among the flaws is the 'ancient' MS14-066, which affects every single supported version of Windows (and several older ones)....

Rights groups, NGOs struggle against malware attacks

Activist and human rights groups are hit with the same types of intrusions as larger organizations, but have fewer resources to defend themselves.

Exclamation point on screen.

Microsoft updates EMET security tool to fix compatibility issues, harden exploit mitigations

Microsoft's Enhanced Mitigation Experience Toolkit was updated Monday to harden the exploit mitigations that it adds to other programs and to address compatibility issues with some of them.

computer hacker aa006208

Hackers are targeting execs on the road through hotel networks

For four years a group of sophisticated hackers has compromised the luxury hotel networks in the Asia-Pacific region to launch malware attacks against corporate executives and entrepreneurs traveling on business.

Biggest ever Tor raid hits 410 underground sites; 17 arrested

Raids by law enforcement agencies in the U.S. and 16 European nations have closed hundreds of underground websites, including dozens dealing in weapons and drugs, and led to the arrest of 17 people.

Load More