vulnerabilities – Computer Security Articles

A week in security (May 13 – 19)

May 20, 2019 admin Android, bloatware, breaches, crysis ransomware, DDos attack, dharma, hacking, healthcare cybersecurity, mds, meltdown, microsoft, ransomware, Security world, server vulnerabilities, spectre, typosquatting, VPN, vulnerabilities, Week in security, WhatsApp

Credit to Author: Malwarebytes Labs| Date: Mon, 20 May 2019 15:57:29 +0000

A roundup of security news from May 13–19, including ransomware attacks on the upswing, website hacking, pseudo-VPNs, bloatware, and more.

Categories:

Tags: Android bloatware breaches crysis ransomware DDos attack dharma hacking healthcare cybersecurity mds Meltdown microsoft ransomware server vulnerabilities Spectre typosquatting vpn vulnerabilities whatsapp

(Read more…)

The post A week in security (May 13 – 19) appeared first on Malwarebytes Labs.

Kaspersky Security

One call on WhatsApp is enough to establish surveillance

May 14, 2019 admin Exploits, messengers, news, Pegasus, spyware, Threats, vulnerabilities, WhatsApp

Credit to Author: Alex Perekalin| Date: Tue, 14 May 2019 12:27:07 +0000

A newly discovered vulnerability allows hackers to eavesdrop on WhatsApp users, read their chats, and install spyware just by calling them. Update the app now!

MalwareBytes Security

Vulnerabilities in financial mobile apps put consumers and businesses at risk

May 8, 2019 admin 101, app vulnerabilities, client-side injection, development hygiene, exposure of database parameters and sql queries, financial, financial mobile app flaws, FYI, implicit trust of all certificates, insecure data storage, insecure random number generator, lack of binary protections, Man In The Middle, man-int-the-middle, MITM, private key exposure, secure app development, security hubris, SQL Injection, unintended data leakage, vulnerabilities, weak encryption

Credit to Author: Jovi Umawing| Date: Wed, 08 May 2019 16:30:00 +0000

It’s good to know that your bank’s website boasts that little green padlock, promotes secure communication, and follows a two-factor authentication (2FA) scheme. But are their mobile apps equally secure?

Categories:

Tags: app vulnerabilities client-side injection development hygiene exposure of database parameters and sql queries financial financial mobile app flaws implicit trust of all certificates insecure data storage insecure random number generator lack of binary protections man-in-the-middle man-int-the-middle mitm private key exposure secure app development security hubris SQL injection unintended data leakage vulnerabilities weak encryption

MalwareBytes Security

Electrum Bitcoin wallets under siege

April 16, 2019 admin bitcoin, bitcoins, Botnet, cybercrime, ddos, Electrum, exploit kit, Exploits, RIG, RIG EK, Social engineering, vulnerabilities, wallet

Credit to Author: Malwarebytes Labs| Date: Tue, 16 Apr 2019 15:00:00 +0000

Threat actors are relentlessly phishing and attacking Electrum Bitcoin wallet users, racking up millions of dollars.

Categories:

Tags: bitcoin bitcoins botnet ddos Electrum exploit kit exploits RIG RIG EK vulnerabilities wallet

(Read more…)

The post Electrum Bitcoin wallets under siege appeared first on Malwarebytes Labs.

Kaspersky Security

CVE-2019-0859: A zero-day vulnerability in Windows

April 15, 2019 admin APT, Business, CVE, SMB, vulnerabilities

Credit to Author: Pavel Shoshin| Date: Mon, 15 Apr 2019 10:00:10 +0000

Our proactive security technologies uncovered an attempt to exploit another zero-day vulnerability in win32k.sys.

Kaspersky Security

Microsoft Office and its vulnerabilities

April 11, 2019 admin #TheSAS2019, Business, office, SAS, SAS 2019, Security Analyst Summit, SMB, vulnerabilities

Credit to Author: Kaspersky Team| Date: Thu, 11 Apr 2019 07:19:51 +0000

The Microsoft Office threat landscape, and the technologies that help us catch related zero-day exploits, were the focus of this talk at the SAS 2019 conference.

MalwareBytes Security

Who is managing the security of medical management apps?

April 10, 2019 admin 101, Business, Data Privacy, health apps, healthcare, HIPPA, medical apps, medical management apps, vulnerabilities

Credit to Author: Kacy Zurkus| Date: Wed, 10 Apr 2019 15:00:00 +0000

Because medical records are such a lucrative data set, attackers often target the healthcare industry, seeking out and eventually finding the weakest link in the supply chain. That’s why it’s important for stakeholders to consider the broader implications of cybersecurity weaknesses in medical management apps. But who should be held responsible?

Categories:

101
Business

Tags: Data privacy health apps healthcare HIPPA medical apps medical management apps vulnerabilities

Kaspersky Security

Potential problems with third-party Web plugins

April 3, 2019 admin CMS, internet, news, plugins, Supply chain, vulnerabilities, web

Credit to Author: Sergey Golubev| Date: Wed, 03 Apr 2019 20:08:26 +0000

Do you use plugins on your website? Make sure they are updated regularly.

Kaspersky Security

MSPs as a threat vector

March 27, 2019 admin Business, MSP, ransomware, SMB, vulnerabilities

Credit to Author: Nikolay Pankov| Date: Wed, 27 Mar 2019 20:42:52 +0000

Attackers display active interest in MSPs, exploiting vulnerabilities to infect their clients with cryptomalware.

Kaspersky Security

RSAC 2019: Seeking the perfect patching strategy

March 26, 2019 admin Business, news, patches, RSA conference, RSA2019, RSAC, SMB, Updates, vulnerabilities

Credit to Author: Alex Drozhzhin| Date: Tue, 26 Mar 2019 12:37:56 +0000

Researchers at RSAC 2019 reported on the current vulnerability landscape and built a model that helps with effective patching strategy.

MalwareBytes Security

A week in security (March 18 – 24)

March 25, 2019 admin bandersnatch, bec. cdc spam, Business Email Compromise, center for disease control and prevention, cybersecurity, Education, Epic Games, Facebook, formjacking, gandcrab, google photos, iPhone, kiddle, learn4life, malicious app, NETFLIX, Network Security, Password reuse, phishing, privacy, security fatigue, Security world, steam, vulnerabilities, Week in security

Credit to Author: Malwarebytes Labs| Date: Mon, 25 Mar 2019 15:46:38 +0000

A roundup of cybersecurity news from March 18–24, including Facebook’s privacy pivot, password reuse, new research on hospital phishing attacks, infected iPhone apps, and more.

Categories:

Tags: bandersnatch bec. cdc spam Business Email Compromise center for disease control and prevention cybersecurity education epic games facebook formjacking gandcrab google photos iPhone kiddle learn4life malicious app netflix network security Password reuse phishing privacy security fatigue steam vulnerabilities

(Read more…)

The post A week in security (March 18 – 24) appeared first on Malwarebytes Labs.

← Previous