Security Bulletins
Latest Malware Updates
Downloader.Busadom!g102/27/2015Infostealer.Posteal02/26/2015Downloader.Busadom02/26/2015Trojan.Ladocosm02/26/2015SONAR.SuspDocRun02/25/2015SONAR.SuspHelpRun02/25/2015W32.Tempedreve.D!inf02/25/2015SONAR.PUA!AlnadInsta02/25/2015SONAR.Infostealer!g502/25/2015SONAR.Infostealer!g402/25/2015 |
News
Microsoft released Fix it tool for the zero-day vulnerability in GDI component in Microsoft Windows and OfficeThe flaw allows remote execution of arbitrary code on the target system via a specially crafted TIFF image. 11/07/2013Open source hardware can protect against NSA spyingIt will more effectively detect backdoors and vulnerabilities that are built by NSA or other government agencies in the system of certain companies. 10/11/2013vBulletin Vulnerability allows unauthorized administrative accessExploit for this vulnerability has already spread over hacking forums. 10/11/2013Microsoft to drop cookiesThe company is going to apply its own technology that will store this sort of information on Redmond’s servers. 10/11/2013A fake Facebook login page steals user credentialsThe phishers can also get access to personal and financial information. 10/10/2013Google to bounty fixing bugs in non-Google open source code softwareInitially, the bounty program will be active for OpenSSL and OpenSSH libraries, BIND DNS and security critical components in Linux kernel. 10/10/2013CMU researchers created leak-proof messenger appMessages remain encrypted until recipient gets them due to end-to-end method of encryption. 10/09/2013BlackHole exploit kit developer arrested in RussiaMinistry of Internal Affairs of the Russian Federation did not comment on the arrest. 10/09/2013EFF to sue FBI for usage of facial recognition softwareThe Electronic Frontier Foundation has filed a suit against the Federal Bureau of Investigation. 07/01/2013Facebook paid 20 grand for critical bugUK-based security researcher was awarded with $20, 000 for discovery of critical vulnerability. 07/01/2013U.S. Department of Defense blocked The Guardian websiteAccording to authorities, the resource published secret documents, access to which should be restricted. 06/28/2013Expert: Apple can get access to your iMessagesThis is possible because the storage of messages in iCloud. 06/27/2013Researchers have doubted the relevance of the Common Vulnerability Scoring SystemAccording to experts, the system does not provide the most relevant information on whether a vulnerability is used in real time for attacks on computer systems. 06/26/2013Backdoor in HP StoreOnceSecurity experts discovered unchangeable admin account in HP StoreOnce SAN system software. 06/26/2013Attacker, distributing Ghost RAT Trojan, arrested in TaiwanThe virus spread via phishing email-messages. 06/25/2013Symantec: Pretending to be antivirus, malware blocks mobile devicesTo unblock the device Fakedefender asks for a special code. 06/25/2013Carberp banking Trojan source code leakedGuys from Russian security firm GROUP-IB published screen shots of a famous banking trojan Carberp. 06/25/2013CIA illegally read SMS of the ChineseSnowden claimed that U.S. intelligence hacked the Chinese mobile operators’ databases. 06/24/2013Anonymous attack oil companies around the worldHackers perform DDoS-attacks, compromise accounts of social networks, companies’ servers and websites, as well as hijack confidential data. 06/24/2013LinkedIn users were redirected to the false site because of the domain name registrar's errorNetwork Solutions suffered from a DDoS-attack and replaced 5 000 DNS records, which affected LinkedIn services. 06/21/2013Microsoft to pay up to $100,000 for new vulnerabilities in Windows 8.1 products“New Bounty Programs” for finding flaws in Windows 8.1 Preview starts on June 26. 06/21/2013China to establish agency on cyber diplomacyMinistry of Foreign Affairs of China told about creating secretariat to deal with diplomatic issues in the field of cyber security. 06/20/2013About 12% small businesses are ready to protect their customers’ personal dataStrengthening cybersecurity is hindered by a lack of funds and lack of awareness of the possible consequences of being compromised. 06/19/2013Hackers paralyzed the U.S. NSA site for 13 hoursIn such a manner hackers expressed their outrage at the usage of the spy program PRISM by the govenment. 06/19/2013Assange: Google is an arm of US governmentAssange is sure that the representatives of Google - are agents of the State Department. 06/18/2013France disconnects torrent users from the internetAuthorities started to apply stricter penalties, which are covered in the antipiracy law, adopted in 2010. 06/17/2013Microsoft provides security services with information about existing flaws before the release of patchesMany other U.S. telecommunication companies provide security services with information on voluntary basis. 06/17/2013Anonymous initiated a campaign against the government of GreeceHackers broke into the website of one of the courts of Athens and broadcasted on it the programs from the Greek radio and television ERT. 06/14/2013Experts now know the price of user’s personal dataThe cost may vary due to importance of collected information. 06/14/2013Edward Snowden: USA has been hacking China since 2009For the several past years, USA has organized hundreds of cyberattacks against targets in China. 06/13/2013Gartner: By 2016, the global market of cyber security will reach $ 86 billionFormation of the market can be carried out basing on three different tendencies: mobile security, “big data” and sophisticated targeted attacks. 06/13/2013Edward Snowden wants to reveal more information about PRISMSnowden gave the Guardian some really important material, and it will be published really soon. 06/11/2013British police offers ‘kill switch’ to disable stolen mobile handsetsEmergency lock button makes the device unusable. 06/10/2013Fraudsters earned $ 200 mln, selling stolen credit card dataCriminals have created a special web portal for their operations. 06/06/2013Windows 8.1 will provide an option to secure folders with fingerprintsThe operating system will recognize fingerprints without any additional software. 06/05/2013Google developer posted description of a 0-day vulnerability in WindowsResearcher asked other specialists to find a way to use the flaw. 06/05/2013Russia Today hacked by AntiLeaksAs the result of attack, three websites became unavailable. 06/04/2013Researchers will hack iOS devices, using a modified chargerThe hack will be demonstrated at the Black Hat security conference by the team from Georgia Institute of Technology. 06/04/2013Jailbreak creator advised Apple to create an alternative version of iOS 7According to the developers, in this case hackers won’t need to look for vulnerabilities to create a jailbreak and Apple representatives – to fix them. 06/03/2013Major internet-companies won’t spy on British usersCompanies state that Theresa May’s plan is too expensive and contentious. 06/03/2013Google wants vendors to fix 0day vulnerabilities within one weekCompany demands that software vendors issue a fix or at least suggest temporary solution for zero-day bugs. 05/31/2013Motorola wants to replace passwords with pills and tattoosStill the company doubts that the alternative means of authentication will appear in the nearest future. 05/31/2013FBI ran child porn website for two weeks to track its usersCourt records indicate the site continued to distribute child pornography online while under FBI control. 05/30/2013U.S. government to use videogames in developing cyber war strategiesPentagon is working on Plan X to make cyber warfare as comprehensible and easy as firing a gun. 05/29/2013Chinese hackers stole Australian intelligence dataThe attackers now own documents detailing the ASIO building's communication cable layouts, server locations and security systems. 05/28/2013U.S. military accuses China of compromising advanced weapons designsU.S. intelligence agencies believe that hackers from China were able to obtain data on more than 20 cutting-edge developments. 05/28/2013Brian Krebs on Liberty Reserve being closed and accounts being frozenWhen payments were made, the owners of the system did not check users’ documents properly. 05/27/2013British company Sky – a victim of Syrian hackersAs a result of an incident, the users of Sky News, Sky Sports News and Sky WiFi may be affected. 05/27/2013Journalists accused of hacking after reporting data breachThe company, which leaked the data, accuses journalists of illegal access to information and the violation of Computer Fraud and Abuse Act. 05/23/2013Kim Dotcom claims he invented two-factor authenticationResearcher filed patent back in 1998. 05/23/2013HD Moore: Embedded systems vendors are carelessWhile systems administrators are doing their best to protect systems, they can not deal with threats contained in routers, modems, handsets, etc. 05/22/2013The number of Russian sites with child pornography declined by halfThe greatest number of resources with child pornography is now registered in the Netherlands and the United States. 05/21/2013Guantanamo jail disconnectedThe American military has turned off its Wi-Fi service following threats by Anonymous. 05/21/2013Developers hacked Google GlassAt the company’s I/O developer conference Google showed how to root the device. 05/20/2013The Conpot honeypot helps catching hackers targeting SCADA-systemsConpot detects cybercriminals scanning IP addresses for SCADA systems and then tracking their activities. 05/17/2013Symantec: Hackers attack European companies with Shadesrat TrojanCybercriminals begin attacks with a phone call to one of the victim’s employee. 05/17/2013Chinese university accused of cyberattacks on USAU.S. intelligence agencies suspect the representatives of Wuhan University. 05/16/2013ZPanel website hacked after abusive message of one of the developers of the control panelUse of unsafe method of encoding in ZPanel was repeatedly criticized. 05/16/2013Vulnerability in Apache mod_rewriteThe flaw allows executing arbitrary command when viewing the log file by the server administrator. 05/15/2013Hacker gets 1 year of house arrest for PlayStation Network hack23- year-old man destroyed all evidence and authorities couldn’t prove he was involved in the hack. 05/14/2013U.S. government – biggest buyer of malwareWhite House owns not only data centers that perform DoS-attacks against enemies’ systems, but also such software as Stuxnet. 05/14/2013Critical vulnerability in NGINX fixedVulnerability allowed execution of arbitrary code on the target system. 05/08/2013D-Link fixes vulnerabilities in several models of routers and IP camerasBug allowed unauthenticated users to gain access to video stream. 05/07/2013Zero-day vulnerability in Microsoft Internet ExplorerAttackers used a zero-day vulnerability to perform the attack on visitors of federal institutions websites. 05/06/2013CWE weaknesses explainedGuys from High-Tech Bridge did a good job creating glossary that explains CWE classification of different vulnerabilities in software. 05/03/2013FaaS offerings marketed via FacebookThere are distinct sale items being offered by the developers of the Zeus-like botnets. 04/30/2013Reuters employee fired for assisting AnonymousThe suspect assisted to commit attacks on The Tribune Company. 04/23/2013Face recognition system could not identify Boston terroristsAccording to experts, the system did not work because the photos were of poor quality. 04/22/2013One more way to unlock MS Office 2007/2010 documentsSpecially created program allows opening any document protected by a password. 04/22/2013LulzSec hacker gets a year in prison for Sony breachThe attack cost Sony Corporation $ 600 000 in damage. 04/19/2013Microsoft releases fix for MS13-036Company created a program capable of removing the bad update automatically. 04/19/2013Google paid $ 30 thousand for vulnerabilities in Chrome OSVulnerabilities were found by a researcher who wrote demo exploit code and a detailed description of flaws. 04/18/2013The House of Representatives will reconsider CISPAIntelligence Committee approved the introduction of legislation for a second vote on Wednesday. 04/16/2013New details on bug on PayPal’s websiteThe critical flaw allowed hackers to inject commands through the vulnerable web app. 04/15/2013Bitcoin-exchange Mt. Gox suffered second DDoS-attackExchange was not available for the users most of the day on April 11. 04/12/2013Researcher hacks airplanes navigation systemsHugo Teso used Android-based smartphone to perform the attack. 04/11/2013Jimmy Wales offers three solutions of blocking Wikipedia in RussiaThe founder of the online encyclopedia said that the situation can be managed in three ways. 04/10/2013Microsoft account getting two-factor authentication soonExperts will create special password generator for devices that do not support the functionality. 04/10/2013Microsoft, Nokia and Oracle: Google violates antitrust lawsThe complaint filed against Google concerns the mobile operating system Android. 04/09/2013Saudi Arabia wants Skype, Viber and WhatsApp to comply with government rulesAuthorities state that the apps will be banned if they fail to follow their recommendations. 04/04/2013New Trojan targets computers in the Middle EastBaneChant contains fileless malicious code and uses short URL or dynamic DNS-servers for users’ redirection. 04/03/2013Hundreds of Android apps for Google Play infected with malwareMore than two hundred apps containing ‘XXX’ content are infected with malware that uses “one-click fraud” technology. 04/03/2013Anonymous stole 15 thousand passwords from North Korean siteHackers oppose to North Korea government’s dictatorship. 04/02/2013Vulnerabilities in Apple iMessage allow performing DoS-attacks and blocking the deviceThe attacks appear to have originated with a Twitter account involved in selling UDIDs. 04/02/2013Backdoor uses Evernote as C&C serverMalware also uses the service as a drop-off point for hijacked data. 03/29/2013One of Anonymous arrested for attack on Koch IndustriesHacker is convicted of helping Anonymous to take down the Koch Industries’ website. 03/28/2013Experts: Any mobile phone user can be easily identifiedResearchers need only four locations and times to identify a particular user. 03/26/2013Matthew Garrett: Samsung notebooks’ UEFI-firmware gets locked when memory is fullAccording to the security expert, in order to function normally, the variable store must be less than 50% full. 03/26/2013Windows Blue Build LeakedThe developers managed to grant users with higher level of personalization control. 03/25/2013Five critical vulnerabilities found in Android-smartphonesSamsung was notified about the problems in January 2013 but didn’t respond to the researcher’s messages. 03/22/2013NATO: Killing hackers is justifiedCommissioners made a couple of suggestions on how to make cyberwars more peaceful. 03/22/2013Chameleon botnet steals $ 6.2 million from advertisers per monthThe botnet has about 120,000 hosts, located in the United States. 03/20/2013Trend Micro: SCADA-systems are the main target of hackersExperts analyzed attacks on ICS / SCADA-device by setting up honeypot. 03/19/2013Google will pay $ 7 million for illegal interception of data transmitted over Wi-FiThe company is accused of American citizens’ privacy breach while using the Street View program. 03/13/2013Attacks on Microsoft and Facebook carried out using mobile app development sitesNearly 40 companies were the victims of such attacks over the last few months, including car manufacturers, U.S. government agencies and a candy company. 03/12/2013“Reporters Without Borders” named main enemies of the InternetInternational organization published a new report containing a list of countries that are the main threat to the freedom of the Web. 03/12/2013Chinese authorities use Skype to spy on usersDatabase of tracked keywords of the Chinese Skype version contains thousands of items and is continually enlarging. 03/11/201361-year-old hacker convicted in corporate hacking caseThe former president of transportation logistics firm Exel hacked into the servers of his former employer. 03/06/2013SCADA-sandbox allows testing the impact of cyberattacks on critical infrastructureThe new organization, which operates in Montreal, is capable of finding methods to block cyberthreats in real time. 03/05/2013PayPal: The era of online passwords comes to an endThe company wants to use embedded fingerprint scanners on mobile phones to authenticate users. 02/28/2013US start unprecedented counter-attack on Chinese hackersSuch measures will be held as a response to attacks of Chinese hackers who are accused of stealing American industrial secrets. 02/22/2013Fake Chrome extension compromises Facebook profilesHackers use malware which allows them to gain full control over Facebook profiles. 02/21/2013KrebsOnSecurity: Bit9 Breach Started in July 2012The custom-made malicious software was deployed last year in attacks against U.S. Defense contractors. 02/21/2013Hacker attacked the computers of Apple’s employeesThe company said in a statement that sensitive information was not compromised. 02/20/2013More Than 6 000 Users Signed Microsoft’s “Scroogled” PetitionAnalysts call Microsoft’s campaign a failure, if taking into account that only 0.002 percent of Google’s users signed the petition. 02/15/2013Rodpicom worm aims at infecting Skype and MSN Messenger usersThe worm installs a backdoor on the user's system to download additional malware, sends spam, and connects to the C&C server to download its new versions. 02/13/2013YouTube will be blocked in Egypt for “Innocence of Muslims”Google was not notified about the recent court ruling and didn't receive any orders. 02/11/2013Researchers warn about Whitehole Exploit KitNew toolkit is notable for an ability to hide itself from antimalware detections. 02/07/2013MITRE: Three Possible Ways of New CVE IdentificationNew ways of identifying will give a possibility to register about 999 999 vulnerabilities per year. 02/07/2013Fortinet on “Crime-as-a-Service”According to the company’s report, criminals are trying to create a definite structure in order to organize cybercrimes. 02/07/2013FBI busted cybercriminal ring responsible for $850 lossesCriminals infected the computers of Facebook users with the malware ‘Yahos’. 12/12/2012Iranian authorities have opened access to GmailGmail is now available as users can no longer switch from Gmail to YouTube. 10/01/2012Operation b70: Microsoft has the right to take over domainsUS District Court ruling allows Microsoft to take over domains related to the Nitol virus. 09/14/2012Insiders assisted the hackers to breach Saudi AramcoThe attack was carried out with the help of Shamoon - virus, which was distributed to the company’s intranet and deleted all the data from computers’ hard drives. 09/07/2012The Big Brother gathers IPs of BitTorrent usersThe lists of BitTorrent users are usually updated once in three hours. 09/05/2012Antisec leak data on 12 million Apple clientsHackers posted a file with 1 million Unique Device Identifiers. 09/04/2012Hackers repeatedly broke into Saudi AramcoThe second attack allowed the hackers to steal company’s confidential information. 08/29/2012Saudi Arabia's National Oil Company attacked with virus originated from external sourcesIn the official statement the company noted that roughly 30,000 workstations were affected via cyberattack. 08/27/2012Google: USA needs to ditch software patentsAccording to Google, software patents are not helpful to innovation. 08/23/2012Multiple vulnerabilities in Flash Player, Apache and Foxit Reader found and patchedNaked-Security.com recommends users to install security patches as soon as possible. 08/22/2012Crooks use iPhone rush to exploit fresh Flash Player flawThe malicious .doc attachments contain CVE-2012-1535 exploit. 08/21/2012Krebs got new details about Grum botnetThe researcher claimed that the Grum control server hosted a large number of email addresses — more than 350 GB. 08/20/2012Court: Dotcom has the right to see FBI evidence against himAccording to the judge, suppression of evidence limits Dotcom lawyers’ ability to participate in hearings. 08/17/2012Washington uses TrapWire technology to spy on peopleSecret documents revealing the government spy network that uses ordinary surveillance cameras were leaked on WikiLeaks. 08/15/2012Google will punish pirate sites with low search rankingsSearch ranking will depend on valid takedown notices from right holders. 08/13/2012"Kaspersky Lab" found new cyber-weapons used in the Middle EastThe new virus affected the customers of Citibank and of the payment system Paypal. 08/10/2012Twitter disclosed the data of the user who threatened to attack people at the Broadway theatreSubpoena allowed the NYPD to get the needed information and continue the investigation of the incident. 08/08/2012LinkedIn spent $1 million on data breach investigationThe company wants to implement more reliable technologies for users’ data protection to prevent data breaches in the future. 08/07/2012Breaking iCloud account allowed hackers to remotely wipe iPhone, iPad and MacBook AirHackers got access to journalist’s account via Apple tech support and some clever social engineering that let them bypass security questions. 08/06/2012Missile Defense Agency staff banned from surfing porn sitesAccess to the pornography resources can result in disciplinary action for agency staff. 08/03/2012Linux-based systems affected by bogus leap secondExperts believe that under the guise of another time synchronization, Linux-based systems were the target of DoS-attack. 08/02/2012Ubisoft patch critical Uplay vulnerabilityThe Uplay flaw allowed specially crafted web pages to run arbitrary files. 07/31/2012Report: Free mobile apps pose security threatsThe Appthority’s report indicates risks that top 50 free apps bring. 07/30/2012Leak cost Global Payments more than $100 millionGlobal Payments has paid $84 million for investigation and compensation and is going to pay additional $25-35 million next year. 07/27/2012Dr. Web discovers new cross platform TrojanThe BackDoor.DaVinci.1 malware features a special bomb module that can destroy an OS installation completely. 07/26/2012Intego spots new Mac OS X TrojanCrisis malware could compromise a system with low level of privileges. 07/25/2012US President calls for Cybersecurity act 2012Barack Obama encourages Congress to send him comprehensive legislation on cybersecurity. 07/23/2012Russian hacker arrested in CyprusThe man is accused of conducting DDoS attacks on Amazon, Ebay and Priceline. Criminals who stole money from bank accounts were arrested in RussiaCriminals had a hidden remote access to banks’ computers and that helped them to steal the money. 07/17/2012German police investigates Anonymous activitiesGerman law enforcement agencies are interested in actions of the hacking group Anonymous aimed at the struggle against the spread of child pornography on the Internet. 07/16/2012American journalists can be prosecuted for leaked informationLawmakers claim that journalists publish confidential information for personal gain, endangering U.S. national security. 07/13/2012The founder of poker site stole $ 430 million operating a Ponzi schemeFull Tilt Poker CEO is accused of gambling, bank fraud, and money laundering offenses. 07/13/2012453,000 Yahoo! user creds leakedHackers claim that they used a union-based SQL injection method to penetrate Yahoo! subdomain. 07/12/2012Copyright infringement in Japan may result in jail sentenceThe Recording Industry Association of Japan has developed a spying system, that automatically detects the unauthorized music downloads. 06/27/2012Malware writers develop pricing systemAccording to Trusteer, malware writers implement an “a la carte” pricing system. 06/26/2012US Senate seeks control of data breach notification processThe government is trying to improve the process of notifying users about leaks of personal data. 06/25/2012Two co-founders of The Pirate Bay to appeal with the European Court of Human RightsThe process in the European Court of Human Rights can last for 4-5 years. 06/22/2012Fresh IE bug being actively exploitedIE 8 users are strongly recommended to upgrade or patch the browser. 06/20/2012Google calls government requests to censor Internet content “alarming”Governments of different countries want to block mainly political content. 06/18/2012Skype is officially illegal in EthiopiaEthiopia authorities consider VoIP a threat to national security. 06/15/2012LinkedIn e-mail alerts erroneously considered to be spamSocial network reported that stolen user data was not compromised. 06/14/2012Last.fm passwords leakedPopular internet radio confirmed the leak of the user passwords and reported the beginning of the investigation. 06/08/2012RIAA: Google and Bing should censor pirate sitesSearch engines should implement specific mechanisms to reduce the number of pirate sites in search results. 06/07/2012Facebook notifies users of DNSChanger infectionA message from Facebook will contain a link to the DNSChanger Working Group's website, which provides all the necessary data about malware and instructions on how to remove it. 06/06/2012Kaspersky Lab labeled Mac OS X “really vulnerable”Kaspersky Lab has recently initiated the analysis of the Mac platform. 05/15/2012Critical flaw in PHP found & patchedThe vulnerability allows attacker to execute arbitrary code. 05/04/2012Children suffer from identity theft 35 times more often than adults.Hackers are interested in identity of young children as they have yet to apply for anything to start a credit history. 05/04/2012“The Unknowns” attack NASA, ESA and US Air ForceThe information posted on Pastebin includes usernames, passwords and other data obtained from the breached sites. 05/03/2012Iranian police finds evidence of cyberattacks on country’s ministriesHackers recently attacked some of Iranian ministries and companies. 05/02/2012VKontakte used its users as bots in a DDoS attackThe most popular social network in Russia “VKontakte” used its users as bots in a DDoS attack against another Russian project antigate.com. 04/27/2012Chinese filmmakers accused YouTube of copyright infringementThe Hong Kong Motion Pictures Industry Association (MPIA) has found more than 500 illegally posted clips of 200 Hong Kong films on YouTube. 04/26/2012Windows 8 cred steal hole foundHack tool will be presented by security expert called gentilkiwi. 04/26/2012Hackers attacked Iranian oil terminalSensitive information about Iran’s oil industry was not affected. 04/24/2012YouTube lost a lawsuit in Germany over music videosDuring the court hearing the German industry group claimed that YouTube had not done enough to stop copyrighted clips being posted. 04/23/2012Anonymous launched a site to post any material with complete anonymityThe new site offers 256-bit AES encryption at the browser level. 04/19/2012"Dr. Web" informed about a botnet with 1,5 million hostsVirus Win32.Rmnet.12 enables the attacker to execute any command on the user’s computer and even to crash down the operating system. 04/18/2012The Dutch Pirate Party filed a lawsuit against the anti-piracy organizationThe Dutch Pirates claim that the actions of the anti-piracy organization are the violation of human rights. 04/17/2012Backdoor in HP ProCurve switches, act ASAPHewlett Packard issued a security advisory about HP ProCurve 5400 zl switches containing malware on CompactFlash (CF) cards. 04/12/2012Chinese app stores contain security vulnerabilitiesThe Chinese authorities are concerned about the security level in the app stores run by mobile operators China Mobile and China Telecom. 04/12/2012Backtrack Linux 1.7.2 released, patched security holePrivilege escalation vulnerability was spotted during Ethical Hacking class organized by InfoSec Institute. 04/12/2012Former Intel’s employee stole company’s sensitive information worth $400 millionAt the trial the defendant pleaded guilty to illegally downloading the valuable computer chip manufacturing and design documents. 04/10/2012Virus Flashback affected 550,000 PCsMalware was able to infect 550,000 computers based on Mac OS X. 04/09/2012Twitter starts fighting spammers in courtTwitter has filed a lawsuit in San Francisco federal court against five "most aggressive" spammers. 04/06/2012Arizona officials intend to censor the InternetAccording to the bill, any use of electronic and digital devices for intimidation, threats, harassment or abuse of people is considered to be illegal and prohibited. 04/04/2012Kelihos.B had found a new and social way to expandThe researchers claim that criminals are able to regain control of the infected computers. 04/03/2012At least 1,5 million Visa and MasterCard credit card numbers were compromisedVisa and MasterCard credit card numbers have been compromised by the Global Payments security breach. 04/02/2012Google patches 9 vulnerabilities in ChromeThree of the fixed vulnerabilities have a high risk rank. 03/30/2012US authorities caught the most dangerous carderChris Aragon pled guilty to 50 felony counts and property damage of more than $ 1 million. 03/29/2012AWOL soldier stole Microsoft co-founder’s identityAWOL soldier is accused of trying to conduct more than $15,000 using the debit card, he illegally obtained. 03/28/2012Internet Watch Foundation: Paedophiles hide child abuse images in web shopsThe sites used by abusers look legitimate but paedophiles can reach the images via a route, which takes them to a specific section of the site. 03/27/2012French users of terrorist Web sites will be criminally punishedUsers in France are banned from visiting web-sites that encourage terrorism or hate crimes. 03/23/201214 bank websites contain XSS vulnerabilitiesCriminals could use XSS vulnerabilities to hack into bank accounts of their victims. 03/23/2012LulzSec Welcome BackThe hacking group LulzSec announced that they would reboot on April 1, 2012. 03/22/2012Duqu development team is still operationalCreators of Duqu Trojan are developing their threat and using it in attacks. 03/21/2012CIA plans to use bugs in home appliancesCIA director is confident that home appliances with bugs will transform the art of spying. 03/21/2012Law enforcement agencies will use Microsoft PhotoDNA technology to fight child pornographyThe technology will help to carry out child sex abuse investigations, rescue the victims and bring abusers to justice. 03/20/2012Thai authorities block 5 thousand sites insulting royalsSome critics claim that such actions of Thai authorities are just an attempt to censor the Internet more harshly. 03/15/2012Microsoft: Dorkbot operators built a botnet with substantial number of zombiesWorm Win32/Dorkbot features rootkit component and uses a simple IRC protocol to communicate with C&C servers. 03/14/2012Microsoft patches Remote Control Desktop Protocol bugThe bug would allow network execution without any authentication, and has all the ingredients for a class worm. 03/14/2012Yahoo! claims Facebook infringes 10 of its patentsThe patents, mentioned by Yahoo!, are essential for the social network Facebook. 03/13/2012Google gave out $120 000 as Pwnium prizeTwo security researchers managed to bypass Chrome’s sandbox. 03/12/2012Sabu cooperated with FBI immediately after his arrestSabu helped U.S. authorities to arrest five other members of the hacking group LulzSec. 03/12/2012Ukrainian government plans to impose taxes on Skype usersUsers of Skype and other similar applications used for communication might be taxed. 03/06/2012Hackers stole Michael Jackson’s music catalogue from Sony50,000 Michael Jackson’s music files were stolen as a result of security breach at Sony Music. Anonymous DoS tool included Zeus TrojanThe Trojan was built into the tool that Anonymous use to perform DDoS attacks the same day as the FBI Megaupload raid. 03/02/2012Ireland passed a local SOPAIrish authorities claim that the bill will be enforced with respect for the ISPs. 03/02/2012Irish Senators want ISPs to block child abuse material onlineIrish ISPs were accused of dealing with the problems of copyright infringement more than child abuse images. Interpol arrested 25 members of hactivists group AnonymousThe arrests were made in Argentina, Chile, Colombia and Spain, 250 items of computer equipment and cellphones were seized. 02/29/2012Megaupload founder remains a free manIn court Dotcom and his wife asked for permission to have access to $185,130 to pay rent of their mansion, security guards and other household staff’s services. Microsoft warned about possible financial information leakMicrosoft Store India web-site hack could cause customers’ financial information leak. 02/28/2012Google will give $1 million for Chrome hackingDevelopers claim that exploits for vulnerabilities in Chrome browser will help them to learn and develop. Five million Stratfor emails published by WikiLeaksStratfor claims that WikiLeaks actions are an attempt to silence and intimidate the company. USA put the usage of personal data under controlCompanies should provide users appropriate control over their personal data, clear description why they need it and how they will use it. 02/24/2012Web firms agreed to support do-not-track technologyDo-not-track technology will provide people with more control over the personal data collected about them. Megaupload founder released on bailKim Dotcom was released on bail, as he had no resources to flee New Zealand. 02/22/2012Credentials exposure vulnerability discovered in WindowsLocal administrator can disclose credentials of authenticated users. 02/21/2012British ISPs might block The Pirate BayAccording to UK high court, The Pirate Bay unlawfully shared copyrighted music. Regime’s supporters in Syria use spyware against opposition activistsMalware steals personal information of its victims and sends it to a server of a government-owned telecommunications company in Syria. Most of DNS server implementations are vulnerable to DNS-poisoning attacksA study revealed that cybercrooks can keep the domain names that had been deleted by upper level DNS servers resolvable. 02/17/2012Anonymous threaten to “kill” the InternetAfter cutting DNS servers, the HTTP Internet will be disabled, because nobody will be able to perform a domain name lookup. 02/17/2012Ukrainian governmental web-sites faced heavy DDoS-attacks for closing file-sharing service ex.uaEx.ua, one of the largest file-sharing services, was shut down by officials in Ukraine. 02/02/2012Bosnian national collected and distributed a great amount of child pornThe agents of the Bosnian Federal Police’s cybercrime unit arrested a Bosnian hacker, after they discovered he stored and distributed a great deal of child porn pictures and videos. 11/25/2011LibreOffice fixes virus-friendly Word import flawThe latest version of the software contains a fix for the problem. 10/07/2011Developer function enables phishing at American ExpressThe vulnerability is found in a debugging function that is reachable over the Internet without further protection. 10/07/2011Mozilla to Firefox users: Ditch crashtastic McAfee pluginMozilla is advising Firefox users to disable a McAfee plugin that the open-source browser supplier blames for a high volume of crashes. 10/06/2011Rackspace spins up OpenStack FoundationRackspace is letting go of key components of the OpenStack Linux-for-the-cloud initiative it is helping to lead, with the creation of an OpenStack Foundation. 10/05/2011Does Gove’s webmail policy breach Data Protection Act too?Does the use of Gmail or Hotmail by a Minister's Private Office (in order to evade Freedom of Information (FOI) obligations) also lead to breaches in the Data Protection Act? Well, I can see how this could be the case. 09/29/2011Mac malware uses Windows-style PDF camouflage ruseMac malware creators are adopting Windows malware camouflage trickery in a bid to trick users into running their malicious creations. RBS megahack maestro sells flats to pay fineA high-profile cybercrook who masterminded the $9m RBS Worldpay ATM heist in 2008 has sold two of his St Petersburg flats to pay off his fines. 09/21/2011Another Apache update due to byte range flawThe new version corrects and complements the first fix, which was released only two weeks ago. 09/14/2011Sabu hacked a website forum alleged to be distributing child pornSabu has taken over a website dedicated to Asian games. In actual fact the site was distributing child porn 08/30/2011Kaspersky study finds Adobe software is biggest security riskAccording to its newly released threat report for Q2 2011, software from anti-virus specialist Kaspersky Labs detected an average of twelve security vulnerabilities on its users' Windows systems. 08/16/2011The Case of Aaron Schwarz goes to CourtSchwarz is facing 35 years in prison and a $ 1 million fine under indictment. 07/29/2011Asian scammers hacked Irish computers to steal bank account detailsPseudo workers of Microsoft tricked Irish computer users. 07/26/2011WLAN Security Megaprimer DVD ReleasedSecurityTube.net released a DVD with over 40+HD videos containing 12+hours of Wireless Ownage. 07/22/2011UK police officers can check fingerprints on the spot nowUK police officers will have the new Mobile Identification service, which will allow them to scan the potential villain’s identity on the spot. 07/21/2011Lulz Security hackers attack Sun websiteA group of hackers attacked the website of the British newspaper The Sun, owned by News International. 07/19/2011Oracle to patch 78 vulnerabilitiesOracle has announced that it plans to close a total of 78 security vulnerabilities. 06/15/2011Security Breach Found in International Monetary FundForeign governments are accused of stealing sensitive information from International Monetary Fund. 06/13/2011Kino.to Shut Down by PoliceExecuted by Police raids in Germany, France, Spain and the Netherlands resulted in Kino.to shut down. 06/10/2011Sonny Suffers another Hack AttackPersonal information of 1 million Sony Pictures users has been exposed. 06/03/2011DIY – First Malware Kit for Mac OS X Just For $1 000A new malware kit discovered over this weekend brings advanced malware for Mac OS X users. 05/09/2011Mozilla Refused Homeland Security Request to Delete an Add-onMozilla decided to reject a request from the US Department of Homeland Security (DHS) to remove MAFIAAfire Redirector add-on. 05/06/2011Sony to Blame “Anonymous” for Successful Attacks on its NetworksDuring investigation security experts discovered that the intruders had planted a file on one of Sony`s Online Entertainment servers named “Anonymous” with the words “We are Legion.” 05/05/2011Adobe Implements Additional Privacy Enhancements for IE UsersAdobe announced that Flash Player 10.3 integrates with Internet Explorer`s Delete Browsing History. 05/05/2011Magix AG to Sue a Security ResearcherFor reporting vulnerability you might be sued by a vendor. 05/02/2011FBI to Destroy Coreflood BotnetA court has given the FBI permission to delete malware from infected computers. 04/29/2011Siemens May Have Helped to Create Stuxnet MalwareSiemens is accused of siphoning information about SCADA codes to a third party. 04/20/2011News 1 - 243 of 243 First | Prev. | 1 | Next | Last |
Security Advisories Database
Remote Code Execution Vulnerability in Microsoft OpenType Font DriverA remote attacker can execute arbitrary code on the target system. 07/21/2015Multiple Vulnerabilities in Linux kernel03/04/2015SQL Injection Vulnerability in PiwigoSQL inection vulnerability has been discovered in Piwigo. 02/05/2015Cross-site Scripting Vulnerability in DotNetNukeA cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke. 02/05/2015Cross-site Scripting Vulnerability in Hitachi Command SuiteA cross-site scripting vulnerability was found in Hitachi Command Suite. 02/02/2015Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk HandlingAn attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-ForwardsAn attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"An attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in Linux Kernel spliceAn attacker can perform a denial of service attack. 01/29/2015Denial of service vulnerability in Python Pillow Module PNG Text Chunks DecompressionAn attacker can perform a denial of service attack. 01/20/2015 |