RiskIQ analyzed 120 mobile app stores and more than 2 billion daily scanned resources. In listing and analyzing the app stores hosting the most malicious mobile apps and the most prolific developers of malicious apps, their Q3 mobile threat landscape report documents an increase in blacklisted apps over Q2, as well as the continued issues of imitation and trojan apps in official app stores and...
Read More
Hackers compromised computer systems at an Australian Airport and stole sensitive security details and building plans. The man was identified and arrested. Hackers compromised computer systems at the Australian Perth Airport and stole sensitive security details and building plans. The culprit has a name, he is the Vietnamese citizen Le Duc Hoang Hai (31) who accessed the systems in March last year using credentials of a third-party contractor. “A skilled hacker in...
Read More
Attackers demonstrated the power of an IoT-fueled botnet in 2016 when the Mirai botnet took down major websites like Reddit, Twitter and GitHub. Despite the damages, no significant changes to the IoT industry occurred. As a matter of fact, consumers continue to purchase and deploy IoT devices with little care outside the guarantee that the device works and the price tag is cheap. Manufacturers continue to pump...
Read More
Netflix is home to more than 100 million users from around the world and since it is a paid service the chances of online threats against the service are higher than usual. Recently, HackRead detected a phishing scam that targets personal and financial data of Netflix users in the name of updating their payment method. Although there is nothing new about Netflix scams, when a phishing email comes right in your...
Read More
In a Dark Web marketplace, one can buy anything from illegal drugs to weapons, fake documents to malicious software and even stolen databases, etc. Although after the shut down of Hansa and AlphaBay marketplace, buying and selling have slowed down. It does not, however, mean it has been fully curbed. Recently, a dark web monitoring firm 4iQ discovered a massive trove of 41GB data file containing 1.4 billion billion login credentials including emails and...
Read More
Despite the huge impact WannaCry and NotPetya had on organizations, the two ransomware campaigns earlier this year did little to affect budgets or boardroom interest in security, according to a new study. AlienVault polled over 230 information security professionals around the world to see if anything had changed following the two major attack campaigns of May and June. The bad news is that only 14% have...
Read More
The Indian Defence Ministry has advised troops stationed on the Chinese border to uninstall Chinese-made apps from their smartphones. In an advisory sent to troops at the end of November, Indian authorities warned soldiers that Chinese apps transmit user data back to servers located in China, and the Chinese government may use data collected by these services to pinpoint their location across the border. Advisory...
Read More
HP has released driver updates for hundreds of notebook models to remove debugging code that an attacker could have abused as a keylogger component. The keylogging code was present in the SynTP.sys file, which is part of the Synaptics Touchpad driver that ships with some HP notebook models. “The logging was disabled by default but could be enabled by setting a registry value,” said Michael Myng,...
Read More
Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with...
Read More
A vulnerability in the mobile apps of major banks could have allowed attackers to steal customers’ credentials including usernames, passwords, and pin codes, according to researchers. The flaw was found in apps by HSBC, NatWest, Co-op, Santander, and Allied Irish bank. The banks in question have now all updated their apps to protect against the flaw. Uncovered by researchers in the Security and Privacy Group...
Read More