Sage and Satan Ransomware, Double Trouble (Mon, 23 Jan 2017 16:00:24 +0000): A spam campaign has started spreading Sage ransomware, while a ransomware service known as Satan allows users to customize distribution.
Massive Twitter Botnet Dormant Since 2013 (Mon, 23 Jan 2017 13:52:24 +0000): Researchers from the University College London have found a Twitter botnet of 350,000 bots that has been dormant since shortly after the accounts were registered.
Threatpost News Wrap, January 20, 2017 (Fri, 20 Jan 2017 16:50:04 +0000): Mike Mimoso, Tom Spring, and Chris Brook discuss security-wise what they hope will and won't change under a Trump presidency, then discuss the news of the week, including SHA-1 deprecation, Carbanak's return, and the WhatsApp "backdoor" debacle.
The Changing Face of Carbanak (Thu, 19 Jan 2017 20:35:52 +0000): Carbanak has moved away from its exclusive focus on financial services, branching out to attacks against hospitality and retail.
Locky Limps Back into Action After Lull (Thu, 19 Jan 2017 19:07:25 +0000): Researchers say the Necurs spam botnet is limping back into action with two new campaigns that could be the telltale signs of a future full-scale attack.
# Reddit netsec
# Krebs On Security
Who is Anna-Senpai, the Mirai Worm Author? (Wed, 18 Jan 2017 17:48:12 +0000): On September 22, 2016, this site was forced offline for nearly four days after it was hit with “Mirai,” a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks. Roughly a week after that assault, the individual(s) who launched that attack -- using the name “Anna Senpai” -- released the source code for Mirai, spawning dozens of copycat attack armies online. After months of digging, KrebsOnSecurity is now confident to have uncovered Anna Senpai’s real-life identity, and the identity of at least one co-conspirator who helped to write and modify the malware.
Adobe, Microsoft Push Critical Security Fixes (Wed, 11 Jan 2017 17:10:34 +0000): Adobe and Microsoft on Tuesday each released security updates for software installed on hundreds of millions of devices. Adobe issued an update for Flash Player and for Acrobat/Reader. Microsoft released just four updates to plug some 15 security holes in Windows and related software.
Extortionists Wipe Thousands of Databases, Victims Who Pay Up Get Stiffed (Tue, 10 Jan 2017 18:06:47 +0000): Tens of thousands of personal and possibly proprietary databases that were left accessible to the public online have just been wiped from the Internet, replaced with ransom notes demanding payment for the return of the files. Adding insult to injury, it appears that virtually none of the victims who have paid the ransom have gotten their files back because multiple fraudsters are now wise to the extortion attempts and are competing to replace each other's ransom notes.
Libtiff 4.0.6 setrow Denial Of Service Vulnerability (Tue, 17 Jan 2017 00:00 UTC): The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
Linux Kernel 3 Denial Of Service Vulnerability (Tue, 17 Jan 2017 00:00 UTC): The buffers being passed in the invocation are copied from user memory into the context using copy_from_user. Look up the buffer pointers from the context where it was copied rather than directly accessing it from the user memory.
Microsoft Windows Server 2008 Denial Of Service Vulnerability (Tue, 17 Jan 2017 00:00 UTC): Microsoft Windows Server is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.
Cisco IOS 12.2(44)ex1 Denial Of Service Vulnerability (Wed, 18 Jan 2017 00:00 UTC): Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036.
Cisco IOS 15.6(1)t Cross Site Scripting Vulnerability (Wed, 18 Jan 2017 00:00 UTC): Cross-site scripting (XSS) vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.5(2)T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854.
Cisco Nx-os 4.1.(3) Denial Of Service Vulnerability (Wed, 18 Jan 2017 00:00 UTC): Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via malformed IPv4 DHCP packets to the DHCPv4 relay agent, aka Bug IDs CSCuq39250, CSCus21733, CSCus21739, CSCut76171, and CSCux67182.
Almost all the content on this page comes from other sites and services - I make only minor attempts to sanitize it and take no responsibility if it hurts you or your computer. For feedback please contact portal at b34tz.net.