Skip the navigation

More Malware and Vulnerabilities News

Using Instagram on public Wi-Fi risks account hijack

A configuration problem in Facebook's popular Instagram application for Apple devices could allow a hacker to hijack a person's account if they're both on the same public Wi-Fi network.

Attackers install DDoS bots on Amazon cloud, exploit Elasticsearch weakness

Attackers are exploiting a vulnerability in distributed search engine software Elasticsearch to install DDoS malware on Amazon and possibly other cloud servers.

Until the Tails privacy tool is patched, here's how to stay safe

Vulnerabilities in the Tails operating system could reveal your IP address, but you can avoid trouble by taking a couple of precautions.

Russian gov't is willing to pay for a way to ID Tor users

The Russian Ministry of Interior is willing to pay 3.9 million roubles, or around $111,000, for a method to identify users on the Tor network.

Bugcrowd guide aims to smooth the way for reporting software flaws

Handling a software flaw can be messy, both for a security researcher who found it and for the company it affects. But a new set of guidelines aims to make that interaction less mysterious and confrontational.

Thousands of sites compromised by WordPress plug-in flaw

A critical vulnerability found recently in a popular newsletter plug-in for WordPress is actively being targeted by hackers and was used to compromise an estimated 50,000 sites so far.

Firm says vulnerability in Tails contained in I2P component

A vulnerability broker published a video demonstrating one of several flaws it has found in the privacy-focused Tails operating system, which is used by those seeking to make their Web browser harder to trace.

File-encrypting Android ransomware 'Simplocker' targets English-speaking users

A ransomware threat that encrypts files stored on the SD memory cards of Android devices has been updated to target English-speaking users with FBI-themed alerts.

SQL injection flaw opens door for Wall Street Journal database hack

A vulnerability in a web-based graphics system led to a breach of The Wall Street Journal's network by a hacker, the newspaper acknowledged late Tuesday.

Tor Project working to fix weakness that can unmask users

Developers of Tor software believe they've identified a weakness that was scheduled to be revealed at the Black Hat security conference next month that could be used to de-anonymize Tor users.

EFF releases Chrome, Firefox plugin to block third-party tracking

The Electronic Frontier Foundation, a digital privacy rights group, has released a downloadable plugin for Chrome and Firefox designed to stop third parties from tracking people's Web browsing.

Open Wireless Router project aims for better router security, network performance

Advocacy group the Electronic Frontier Foundation wants to address the poor security track record of home routers with a new firmware project that will encourage users to share their Internet connection publicly by setting up guest Wi-Fi networks.

Stealthy ransomware 'Critroni' uses Tor, could replace Cryptolocker

Cybercriminals are spreading a new file-encrypting ransomware program that's more powerful and resilient than Cryptolocker, a threat recently shut down by the U.S. Department of Justice.

Home router security to be tested in Defcon contest

Researchers are gearing up to hack an array of different home routers during a contest next month at the Defcon 22 security conference.

Aloha point-of-sale terminal, sold on eBay, yields security surprises

Matt Oh, a senior malware researcher with HP, recently bought a single Aloha point-of-sale terminal -- a brand of computerized cash register widely used in the hospitality industry -- on eBay for $200.

Emergency vBulletin patch fixes SQL injection vulnerability

Developers of the popular vBulletin Internet forum software have issued emergency patches Wednesday in order to fix a SQL injection vulnerability that could allow attackers to read and manipulate information stored in the databases of vBulletin-based sites.

Flaw exposes some Cisco home wireless devices to hacking

Nine of Cisco's home and small office cable modems with router and wireless access point functionality need software updates to fix a critical vulnerability that could allow remote attackers to completely compromise them.

Almost a million fake apps are targeting your phone

Fake apps dressed up to look like official ones but actually designed to steal user data are increasingly targeting Android phone users, according to a study by Trend Micro.

Google sets up a cybercrime-busting task force -- Project Zero

Google has set up an internal task force that will work to expose the activities and techniques of malicious Internet wrongdoers, aiming to cut down on the number of targeted cyberattacks.

Feds declare big win over Cryptolocker ransomware

A status update filed in Pennsylvania by the U.S. Department of Justice said that both the Gameover Zeus botnet and Cryptolocker 'remained neutralized.'