This is part two of a recent email interview with a Turkish web site, with part one made available here for the...
Regular readers will be aware that, unlike many people in the security industry, people in this research team tend to be enthusiastic...
So, back in harness. I’ve been away for a couple of weeks: not on holiday as such, though I did take some...
Perhaps I imagined it, but a few days ago when I allowed Firefox to update to fix security vulnerabilities my privacy settings...
As I previously pointed out http://www.eset.com/threat-center/blog/2009/08/04/calling-adobe%E2%80%99s-bluff, Adobe is at best deceptive about claims of the security and privacy of Flash. Even if...
There’s been a certain amount of buzz in the past couple of days about messages claiming to link to Wire Transfer information,...
We’ve had reassuring responses from Slideshare about the recent problem with a malicious slide deck and the company’s timely removal of the...
You probably aren’t looking for trouble, but there’s a good chance you’ll find it when you search the internet. An article in...
No, nothing to do with drive-by downloads… Our colleagues in Europe came up with a nice idea: an article on the dangers...
We know that spam works: well, it works well enough for spammers to keep devoting time and money into pumping sewage into...
The results (released yesterday) from a study conducted by the Ponemon Institute yielded some interesting data points. The most visible of these...
I recently read an article about Facebook security problems at http://www.securitymattersmag.com/security-matters-magazine-article-detail.php?id=411 in which some advice on passwords was given. Some of the...
The news broke a short time ago that pop star Michael Jackson died of a heart attack. It is all too predictable...
The City of Bozeman, Montana effectively joined the ranks of phishers when they asked job candidates for their usernames and passwords for...
When I first went to university at the end of the 1960s (yes, I really am that old, though not quite old...
Just last Saturday, June 6th; there was a new posting on the Full Disclosure mailing list from a source that calls themselves...
Some of you may have recently read of researchers discovering a botnet that is using Mac computers. Are you surprised? Well, perhaps...
We all have recently endured a week or so of extensive media hype about a worm called “Conficker”. Phrases such as “One...
When I write about Mac issues, I usually find myself abused by individuals convinced that there are no Mac viruses, never were...
I’ve mentioned here before that targeted malware, often delivered by “spear phishing” carried by apparently “harmless” documents such as PDFs, .DOCs and...
Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets
Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw
Bogus npm Packages Used to Trick Software Developers into Installing Malware
New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
Network Threats: A Step-by-Step Attack Demonstration
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage