You are here:-Tag:threatpost

Dixons Carphone Cyberattack Targets 5.9M Bank Cards | Threatpost

By | 2018-06-14T13:56:52+00:00 June 13th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

European electronic and telecom retailer Dixons Carphone has discovered a massive cyber-attack that may have compromised millions of payment cards and personal data records, it said Wednesday. The U.K.-based retail giant, whose subsidiaries include Carphone Warehouse, Currys, PC World, Elkjøp and others, said there is no evidence so far that any cards have been used after the

June Patch Tuesday: Microsoft Issues Critical Fixes for DNS, Cortana | Threatpost

By | 2018-06-13T18:38:36+00:00 June 12th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

Microsoft has fixed 11 critical bugs in its June Patch Tuesday update, including a Windows DNS-related remote code execution flaw. It also patched an easily exploitable problem in the Cortana voice engine. One of the most serious issues is a critical remote code execution vulnerability (CVE-2018-8225) in the Windows Domain Name System (DNS),

Android Devices With Misconfigured ADB, a Ripe Target for Cryptojacking Malware | Threatpost

By | 2018-06-13T17:07:59+00:00 June 12th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

Poorly configured Android devices, where the Android Debug Bridge is left enabled, have become an attractive target for hackers. According to researchers, adversaries are using the common misconfiguration to install cryptojacking malware on a wide selection of Android-based IoT devices ranging from maritime computer systems, TVs, DVRs and some mobile phone models. Android

Bypass Glitch Allows Malware to Masquerade as Legit Apple Files | Threatpost

By | 2018-06-13T15:32:54+00:00 June 12th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

Masquerading as an official Apple system file sounds like a wonderful way for malware to worm its way onto Macs – and a recently discovered code-signing bypass flaw allows bad code to do just that. The way some developers have implemented Apple’s official code-signing API can be exploited by attackers. Essentially, Apple makes

Foscam Issues Patches For Vulnerabilities in IP Cameras | Threatpost

By | 2018-06-12T13:44:54+00:00 June 11th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

Foscam  is urging customers to update their security cameras after researchers found three vulnerabilities in that could enable a bad actor to gain root access knowing only the camera’s IP address. The vulnerability trifecta includes an arbitrary file-deletion bug, a shell command-injection flaw and a stack-based buffer overflow vulnerability according to the researchers at VDOO who found

InvisiMole Burrows into Targets with Rich Espionage Tools | Threatpost

By | 2018-06-12T21:17:40+00:00 June 11th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

Researchers are expressing concern over a versatile spyware called InvisiMole that has been spotted in highly targeted campaigns targeting Windows PCs in Russia and the Ukraine. The malicious code, which comes in 32-bit and 64-bit versions, has a modular architecture, with two different, feature-rich backdoors that have overlapping functionality. Together they account for nearly

Report: Chinese Hackers Siphon Off ‘Massive’ Amounts of Undersea Military Data | Threatpost

By | 2018-06-12T18:46:54+00:00 June 11th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

Nation-state attackers affiliated with the Chinese government have made off with a trove of undersea military secrets, according to a report. Hackers were able to mount a lateral attack after compromising the networks of a Navy contractor working for the Naval Undersea Warfare Center in Rhode Island, according to a Washington Post report,

Lenovo Finally Patches Ancient BlueBorne Bugs in Tab and Yoga Tablets | Threatpost

By | 2018-06-09T14:32:18+00:00 June 8th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

Nine months after researchers warned of the BlueBorne remote code execution bug, Lenovo said Thursday a patch is finally available for three popular lines of its Android tablets. Lenovo, the world’s No. 3 Android tablet maker, said BlueBorne patches are now available for four Lenovo Tab models, 14 Tab Essential models and three

Creative Spam Thinks Outside the Macro with .IQY Attachments | Threatpost

By | 2018-06-09T20:09:21+00:00 June 8th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

The Necurs botnet is driving a fresh spam campaign that uses Excel Web Query (.IQY) file attachments to skim under the antivirus radar. If successful, the attack ultimately delivers the remote access trojan (RAT) known as FlawedAmmyy. This is the third wave in an offensive that started in late May. The emails, posing

Google Tackles AI Principles: Is It Enough? | Threatpost

By | 2018-06-09T18:42:20+00:00 June 8th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |

Google has released its manifesto of principles guiding its efforts in the artificial intelligence realm – though some say the salvo isn’t as complete as it could be. AI is the new golden ring for developers, thanks to its potential to not just automate functions at scale but also to make contextual decisions,