Feed aggregator

Usbkill Script Can Render Computers Useless

Threatpost for B2B - Tue, 05/05/2015 - 11:17
The idea of needing to disable a computer quickly as the police--or another potential adversary--comes through the door typically has been the concern of criminals. But in today's climate activists, journalists, and others may find themselves wanting to make their laptops unusable in short order, and that's where usbkill comes in.

Angler Exploit Kit, Bedep Malware Inflating Video Views

Threatpost for B2B - Tue, 05/05/2015 - 08:00
Cybercriminals are using the Angler exploit kit to infect users with the Bedep Trojan, which then uses their computer resources to perform click-fraud and artificially inflate video views.

Netflix Releases FIDO Incident Response Tool

Threatpost for B2B - Tue, 05/05/2015 - 07:11
Engineers at Netflix have released another one of the company's bespoke security tools as an open-source application, this time an incident-response system known as FIDO.

Rombertik Malware Can Overwrite MBR if Audited

Threatpost for B2B - Mon, 05/04/2015 - 16:26
Cisco Talos reports a new strain of spyware called Rombertik that escalates its anti-detection capabilities by destroying the Master Boot Record if the code is audited.

Google Updates Password Alert Extension, But Some Bypasses Still Work

Threatpost for B2B - Mon, 05/04/2015 - 14:07
For the second time in less than a week, Google has updated its Password Alert extension for Chrome to address a method for bypassing the warning screens that alert users that they’re entering data on a non-Google site. However, the researcher who discovered the most-recent bypass method said his technique still works on the latest […]

Sally Beauty Investigating Second Data Breach

Threatpost for B2B - Mon, 05/04/2015 - 13:26
Sally Beauty is investigating a potential data breach for the second time in as many years, according to a Brian Krebs report.

Google Patches Clickjacking Bug

Threatpost for B2B - Mon, 05/04/2015 - 13:13
Google paid out a $1,337 bounty to a researcher who found a clickjacking vulnerability in Google API Explorer.

Researchers, FBI Warn of Nepal Earthquake Scams

Threatpost for B2B - Mon, 05/04/2015 - 10:38
The earthquake that hit Nepal late last month has caused untold damage in the region and kicked off a massive relief and aid effort. Attackers are loathe to let a chance like that go by, and they have concocted a number of schemes to deprive victims of their money and hope for relief funds. Aid organizations […]

Attackers Peddling Malware via CareerBuilder

Threatpost for B2B - Mon, 05/04/2015 - 09:37
Attackers have recently taken to the job searching website CareerBuilder to spread Microsoft Word documents that masquerade as job hopefuls' resumes, but in reality, are laden with malware.

Mozilla Moving Toward Full HTTPS Enforcement in Firefox

Threatpost for B2B - Fri, 05/01/2015 - 12:20
The Mozilla Foundation announced yesterday that it is in the process making HTTP connections incompatible with its popular Firefox Web browser.

Researcher Finds Method to Bypass Google Password Alert

Threatpost for B2B - Fri, 05/01/2015 - 11:47
A security researcher has developed a method–actually two methods–for defeating the new Chrome Password Alert extension that Google released earlier this week. The Password Alert extension is designed to warn users when they’re about to enter their Google passwords into a fraudulent site. The extension is meant as a defense against phishing attacks, which remain […]

Threatpost News Wrap, May 1, 2015

Threatpost for B2B - Fri, 05/01/2015 - 11:38
Dennis Fisher and Mike Mimoso discuss the post-RSA news, including the MySQL bug, the progress of the OpenSSL overhaul and the wildly entertaining House hearing on crypto backdoors.

Dyre Banking Trojan Jumps Out of Sandbox

Threatpost for B2B - Fri, 05/01/2015 - 09:48
Researchers at Seculert have found a new version of the Dyre banking malware, one that is adept at avoiding sandbox detection.

Unpatched Router Vulnerability Could Lead to Code Execution

Threatpost for B2B - Thu, 04/30/2015 - 14:07
A critical vulnerability in popular household routers such as D-Link and Trendnet could be exploited by attackers to run arbitrary code on devices.

New Spam Campaign Pushing CTB-Locker Ransomware

Threatpost for B2B - Thu, 04/30/2015 - 13:28
The SANS Institute reports a new strain of CTB-Locker ransomware moving this week via spam messages.
Syndicate content