Malware & Vulnerabilities

Malware & vulnerabilities news, trends, analysis and practical advice

Scary ghosts haunted scream

Parrot AR Drone can be infected with malware for surveillance

Drones infected with malware can drop from the sky or be hijacked for surveillance

A security engineer infected a Parrot AR Drone with Maldrone malware, which creates a persistent backdoor, so an attacker can remotely control the infected drone, cause it to drop from the sky, be hijacked for surveillance, or spread...

blackphone2 100248426 orig

Blackphone super-secure communications app had serious flaw

The SilentText secure messaging application bundled with Blackphone had a serious vulnerability that would have allowed attackers to decrypt messages, read contact information, gather location data and even execute malicious code on...

'Ghost' flaws poses high risk to Linux distributions

A fault in a widely used component of most Linux distributions could allow an attacker to take remote control of a system with just a malicious email.

DNS hijacking flaw affects D-Link DSL router, possibly other devices

A vulnerability found in a DSL router model from D-Link allows remote hackers to change its DNS settings and hijack users' traffic.

snowden

Link between NSA and Regin cyberespionage malware becomes clearer

Keylogging malware that may have been used by the NSA shares signficant portions of code with a component of Regin, a sophisticated platform that has been used to spy on businesses, government institutions and private individuals for...

internet security with lock

6 DNS services protect against malware and other unwanted content

A good DNS service can protect users from a variety of unwanted Web intruders, including phishing sites and botnets. We look at six of them.

Adobe pushes critical Flash Player update to fix latest zero-day

Users with automatic updates enabled in Flash Player have already started receiving the new patch

Hackers

Thousands of U.S. gas stations vulnerable to cyberattacks

Automated tank gauges used to trigger alarms in case of problems at gas stations such as fuel spills are vulnerable, according to Rapid7.

Adobe logo and products reflected in displays.

Adobe fixes just one of two zero-day flaw in Flash Player

Emergency updates for Flash Player released Thursday fix a vulnerability that is now being exploited by attackers, but leave a separate flaw unpatched.

Fujitsu psychology tool profiles users for risk of cyberattacks

Fujitsu wants to make computer security more personalized with profiling software that can assess cyberattack risks.

Attackers are exploiting a zero-day flaw in Flash Player

Attackers are using compromised websites to exploit a new and currently unpatched vulnerability in Flash Player.

Critical Java updates fix 19 vulnerabilities, disable SSL 3.0

Oracle released new security updates for Java to fix 19 vulnerabilities and disable default support for SSL 3.0, an outdated version of the secure communications protocol that is vulnerable to attacks.

first-aid medicine cure patch remedy

Oracle to fix 167 vulnerabilities, including a backdoor-like flaw in its E-Business Suite

Oracle's monster batch of security updates is expected Tuesday.

cybercrime

This tool may make it easier for thieves to empty bank accounts

Banks and payment services are in a constant fight to detect account fraud, employing sophisticated ways to detect abnormal activities. One of those ways is "fingerprinting" a Web browser, or analyzing its relatively unique software...

The NSA not only creates, but also hijacks, malware with Quantumbot

In addition to having its own digital arsenal, the National Security Agency also hijacks and repurposes third-party malware.

Flawed Verizon My FiOS mobile app exposed email accounts

Verizon has fixed a serious vulnerability in its My FiOS mobile application that had allowed unfettered access to email accounts.

New York Post Twitter account hacked, UPI's compromised, too

The Twitter account of the New York Post was hacked, and UPI's was also apparently hit today.

microsoft bug

Google goes public with more Windows bugs

Google this week publicized two new disclosures of Windows vulnerabilities before Microsoft was able to patch them, the third and fourth times it's done so in 17 days.

Load More