New configurations of the Shylock financial malware inject attacker-controlled phone numbers into the contact pages of online banking websites, according to security researchers from antivirus vendor Symantec.
Lucian Constantin |
08 Aug |
Read more
A typical Web application is the target of an attack at least one in three days on average, according to a report released by data security firm Imperva.
Lucian Constantin |
07 Aug |
Read more
Criminals are sending malicious emails that purport to come from payroll services firms in order to infect with malware the computers of payroll administrators from various companies, according to researchers from the SANS Internet Storm Center (ISC).
Lucian Constantin |
06 Aug |
Read more
Graphics chip maker Nvidia released a new version of its Unix driver on Friday in order to address a high-risk vulnerability that can be exploited by local users to gain root privileges on Linux systems.
Lucian Constantin |
06 Aug |
Read more
Microsoft has released Attack Surface Analyzer 1.0, a free tool that can help system administrators, IT security professionals or software developers understand how newly installed applications can affect the security of a Windows OS.
Lucian Constantin |
03 Aug |
Read more
Version 3.5.5 of the LibreOffice free personal productivity suite contains fixes for multiple security vulnerabilities that could be exploited to execute arbitrary code with the privileges of the active user, according to The Document Foundation -- the organization overseeing the software's development.
Lucian Constantin |
02 Aug |
Read more
Security researchers disclosed critical vulnerabilities in routers from Chinese networking and telecommunications equipment manufacturer Huawei at the Defcon hackers conference on Sunday.
Lucian Constantin |
30 Jul |
Read more
Security researcher Michael Coppola demonstrated how small and home office (SOHO) routers can be compromised and turned into botnet clients by updating them with backdoored versions of vendor-supplied firmware.
Lucian Constantin |
30 Jul |
Read more
Security researcher Jonathan Brossard created a proof-of-concept hardware backdoor called Rakshasa that replaces a computer's BIOS (Basic Input Output System) and can compromise the operating system at boot time without leaving traces on the hard drive.
Lucian Constantin |
29 Jul |
Read more
Security researchers released two tools at the Defcon security conference that can be used to crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) and WPA2-Enterprise (Wireless Protected Access) sessions that use MS-CHAPv2 for authentication.
Lucian Constantin |
29 Jul |
Read more
National Security Agency Director General Keith B. Alexander addressed the attendees of the Defcon hacker conference in Las Vegas on Friday and asked for their help to secure cyberspace.
Lucian Constantin |
28 Jul |
Read more
Security researcher and Columbia University PhD student Vasilis Pappas was announced the winner of the Microsoft BlueHat Prize contest for an exploit mitigation technology called "kBouncer" which is designed to detect and prevent return-oriented programming (ROP), a popular vulnerability exploitation technique.
Lucian Constantin |
27 Jul |
Read more
The judging panel of the Pwnie Awards, which are handed out every year at the Black Hat security conference for achievements and failures in IT security, have recognized the Windows Update hack used by the Flame cyberespionage malware as the most impressive compromise of the past 12 months.
Lucian Constantin |
26 Jul |
Read more
Three widely deployed payment terminals have vulnerabilities that could allow attackers to steal credit card data and PIN numbers, according to a pair of security researchers from penetration testing firm MWR InfoSecurity in the U.K.
Lucian Constantin |
26 Jul |
Read more
A tool for testing if Web application firewalls (WAFs) are vulnerable to around 150 protocol-level evasion techniques was released at the Black Hat USA 2010 security conference on Wednesday.
Lucian Constantin |
26 Jul |
Read more