Categories

Monthly Archives: November 2013

Potentially Unwanted Programs take the low road and steal users resources by installing Bitcoin Miners without their knowledge.

Malwarebytes finds an exploit in the Brazilian forum for TeamSpeak, a popular software among avid video game players.

Stuxnet: new light through old windows

A lesser known (and almost bypassed) version of Stuxnet shines new light on its attackers intentions and cyber arm capabilities.

Gmail Security Flaw Allows for Password Theft

A new vulnerability in Gmail allows for password theft of Google accounts.

Snoopy LG, smart TV spies on you.

A blogger reported his LG smart TV spying on him, under the guise of better targeted advertising shown on the dashboard of his LG smart TV.

Wireless carriers reject a “kill switch” which allow victims to brick their stolen smartphones.

Tracking the Locker

CryptoLocker has infected over 34,000 systems between September and early November with 79% of the infections have been located in the U.S. alone.

Hackers tampered with the popular forum software vBulletin and access customers data, like passwords. Rumours of zero day within the vBulletin software emerges.

An in-the-wild exploit targets Silverlight, a web plugin used by popular sites such as Netflix.

Cracked.com Found Serving Malware

In perhaps a bit of irony, the humor website cracked.com was flagged by Google’s Safe Browsing Technology. Cracked.com is a website derived from the original “Cracked” magazine back in the 1950′s. The website was formed in 2007 and has been making people laugh ever since. At least until it started infecting computers.

Mobile devices have become targets for malware and researchers alike, the latest news is on how our devices can be exploited to capture PIN codes. Researchers Laurent Simon and Ross Anderson from the University of Cambridge have created an app, PIN Skimmer, using the camera and microphone to capture the codes.

Back in July 2013, we had discovered a new method of spreading the infamous FBI ransomware by using JavaScript code and iframes to create an illusion that the victim’s browser was locked. After several months, the threat is still very much alive hopping from one domain name to the next. The message is still the same and […]

Bitcoins, Pools and Thieves

Bitcoin started out as a digital currency, free from duplication and free from centralization and assumed, free from organized crime. However over the last couple weeks, there have been two major incidents against online Bitcoin trading and storage that have resulted in the loss of approximately $5.4 Million in Bitcoins. The exchange rate currently lies […]

A lesser known aspect of the popular cloud storage Google Drive is its built-in site publishing feature that allows you to upload an entire directory containing static web files (HTML, JavaScript, CSS, etc.) and to publish your own website. Bad guys are uploading malicious scripts and using them as part of a well thought chain […]

[Update]: Microsoft has announced it will issue a patch for the newly discovered IE zero day tomorrow as part of the November Patch Tuesday. The vulnerability, now labeled CVE-2013-3918 affects an ActiveX control in Internet Explorer. More details can be found on Microsoft’s website. Last week we heard about a Windows zero day that allows attackers […]

Sourceforge Drives off Downloads, Ask why

Are we are starting to see the beginning of an exodus away from SourceForge as a hosting solution for software projects? Sourceforge is “a web-based source code repository. It acts as a centralized location for software developers to control and manage free and open source software development.”  as per their wiki. It has been a staple of many […]

Security: Finding the balance

A computer system can never be 100 percent secure. But there are steps you can take to be as safe and secure as you possibly can be.

New DoS Tool Discovered, Aimed at Healthcare.gov

As plenty of news coverage surrounding the technical difficulties on the Obamacare website continues, a new Denial of Service (DoS) tool has surfaced, designed to cause more disruptions. Researchers at Arbor Networks recently found the tool designed to perform attacks on the new healthcare website, found at https://www.healthcare.gov

Android Trojan gets an update

The Android Trojan Svpeng has some new functionality and is now capable of phishing and stealing banking information.

Hacked and Unpacked: The Piratebox

Build your own Piratebox, a small portable Wi-Fi access point modified with a custom firmware.

1 2

Subscribe to our YouTube Channel