Feed aggregator

Microsoft Privacy Policy Promises No Targeted Advertisements

Threatpost for B2B - Fri, 06/13/2014 - 11:19
Microsoft doubles down on claims it does not scan user files or monitor user communication in order to target advertisements to its customer.

ISC Patches Critical DoS Vulnerability in BIND

Threatpost for B2B - Fri, 06/13/2014 - 11:10
A critical, remotely exploitable bug in some BIND domain name system (DNS) servers could cause a denial of service situation and trigger them to crash.

U.S. Marshals Auctioning Off Seized Silk Road Bitcoins

Threatpost for B2B - Fri, 06/13/2014 - 10:41
If any further evidence was required that up is down and black is white, the United States government is now in the business of selling Bitcoins. At least for one day.

Hot, Cold Reactions to New Google Play App Permissions

Threatpost for B2B - Thu, 06/12/2014 - 14:51
Google Play's new app permissions arrive with some privacy concerns.

Versatility of Zeus Framework Encourages Criminal Innovation

Threatpost for B2B - Thu, 06/12/2014 - 14:30
Ever since the Zeus source code leaked in late 2010, criminals have been creating highly customized, difficult-to-detect versions of it that target very specific services.

Facebook Set to Let Users Edit Own Advertising Info

Threatpost for B2B - Thu, 06/12/2014 - 13:15
Facebook announced it will soon be rolling out a new feature to give its users more control when it comes to the types of advertisements they see on the site.

A Day To Forget For Teen At Center Of TweetDeck Shutdown

Threatpost for B2B - Thu, 06/12/2014 - 12:19
An Austrian teen at the center of yesterday's TweetDeck security incident explains how things went wrong and what the last 24 hours have been like.

VMware Patches ESXi Against OpenSSL Flaw, But Many Other Products Still Vulnerable

Threatpost for B2B - Thu, 06/12/2014 - 09:38
While the group of vulnerabilities that the OpenSSL Project patched last week hasn't grown into the kind of mess that the Heartbleed flaw did, the vulnerabilities still affect a huge range of products.

Blog: Cybercriminals targeting obsolete Japanese blogging tool

Secure List feed for B2B - Thu, 06/12/2014 - 06:00
Cybercriminals are very actively targeting web sites which are not well-managed, so as to abuse them for their malicious activities. Damage to web sites in Japan has increased since last year, which is alarming to Japanese Internet users. Kaspersky Labs Japan has observed more than 2,800 compromised web sites between January and March 2014. WordPress is a popular blogging tool worldwide, but it is often plagued by vulnerabilities which can result in compromised web sites . A similar Japanese-made tool, “Web Diary Professional” (WDP), also experiences such problems. WDP is widely used in Japan, with its Japanese user interface and tutorials.However, it is no longer supported. A new tool has already been introduced as its successor, and the developers have recommended that people migrate. However, a significant number of web site administrators are still using the obsolete WDP, exposing themselves to the threats of cybercriminals.

TweetDeck Taken Down in Wake of XSS Attacks

Threatpost for B2B - Wed, 06/11/2014 - 13:45
TweetDeck said it temporarily has taken down its services after cross-site scripting exploit code circulated today.

Token Abuse Exposes Gmail Addresses

Threatpost for B2B - Wed, 06/11/2014 - 13:07
Google patched a vulnerability that a researcher was able to exploit in order to collect every Gmail address.

DDoS Attacks Take Down Feedly, Evernote

Threatpost for B2B - Wed, 06/11/2014 - 10:58
News aggregator Feedly and note-taking service Evernote were both knocked offline by distributed denial of service attacks in the last 24 hours.

Mozilla Patches Seven Flaws in Firefox 30

Threatpost for B2B - Wed, 06/11/2014 - 10:31
Mozilla has fixed seven security vulnerabilities in Firefox 30, including five critical flaws that could enable remote code execution.

Analysis: Social network frauds

Secure List feed for B2B - Wed, 06/11/2014 - 10:00
In 2013 phishing sites imitating social network websites were to blame for more than 35% of cases when the Anti-phishing heuristic component was triggered.
Syndicate content