Necurs, the world’s largest spam botnet, is currently sending millions of spam emails that push an obscure cryptocurrency named Swisscoin. Such spam emails are known as pump-and-dump, and the technique relies on sending large quantities of spam to drive interest up towards a particular penny stock. Spammers usually buy stock in advance at a low price and sell it at a higher value when the...
Read More
What you don’t see won’t hurt you, must have been the reasoning of the threat actors who created the latest batch of extensions that make these browser hijackers even more difficult to remove. The extensions redirect users away from pages where they can disable or delete them in order to drive clicks up on YouTube videos or hijack searchers. The extensions, which have been found in both Chrome...
Read More
It is no easy feat to recall going through life without the vast variety of mobile devices that are now part of our day-to-day. What is more, it is downright impossible to imagine a future without these devices. Recent times have been marked by a diversity of trends that revolve around flexibility and that have by now become well established: Bring Your Own Device (BYOD), Choose Your Own...
Read More
Researchers routinely discover a variety of malicious apps on Google Play, some of which have been downloaded and installed on millions of devices worldwide. Here’s what infosec experts think about the security of Google Play, what they think Google should do better, and what users can do in order to protect themselves from malicious apps on the official Android app store. Google Play continues to...
Read More
A new long-running player emerged in the cyber arena, it is the Dark Caracal APT, a hacking crew associated with to the Lebanese General Directorate of General Security that already conducted many stealth hacking campaigns. Cyber spies belonging to Lebanese General Directorate of General Security are behind a number of stealth hacking campaigns that in the last six years, aimed to steal text messages, call...
Read More
Description: A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Impact: A remote attacker could exploit some of these vulnerabilities to obtain...
Read More
Earlier today, Microsoft published the January 2018 Patch Tuesday security updates, containing fixes for 56 vulnerabilities and three special security advisories with fixes for Adobe Flash, the Meltdown & Spectre flaws, and a defense-in-depth update for Office applications. This month, things were a little messy. On January 3, Microsoft released an emergency out-of-band security update with fixes for the now infamous Meltdown and Spectre vulnerabilities. That emergency update...
Read More
Wi-Fi is about to get more secure this year with the launch of the new WPA3 protocol, the industry body behind it has announced. The Wi-Fi Alliance — which is comprised of tech stakeholders including Apple, Cisco, Intel, Microsoft and Qualcomm — made the announcement at CES on Monday. When it lands later this year, WPA3 will offer new features to simplify and enhance security for users...
Read More
We are heading into an era which embraces the Internet of Things (IoT), artificial Intelligence (AI), and machine learning (MI) that have immensely overturned the tech world. With particular reference to IoT, it has profoundly impacted global commerce and lifestyle. If this existing pace remains consistent, then it wouldn’t be onerous to predict the trends that we might witness in the upcoming year. According to the predictions by Forecast, IoT is just...
Read More
The development team of phpMyAdmin has fixed a CSRF vulnerability in phpMyAdmin that could be exploited by attackers for removing items from shopping cart. Researcher Ashutosh Barot has discovered a critical CSRF vulnerability in phpMyAdmin that could be exploited by attackers to perform malicious operations like drop tables and delete records. phpMyAdmin developers released the version 4.7.7 that addresses the CSRF vulnerability found by Barot. “By deceiving a user to click on...
Read More
