vulnerabilities – Computer Security Articles

Cyberattack Lateral Movement Explained

August 12, 2019 admin 0 Comments cybercrime, Security, vulnerabilities, XDR

Credit to Author: Mark Nunnikhoven (Vice President, Cloud Research)| Date: Mon, 12 Aug 2019 15:11:56 +0000

[Lightly edited transcript of the video above] Hi there, Mark Nunnikhoven from Trend Micro Research, I want to talk to you about the concept of lateral movement. And the reason why I want to tackle this today is because I’ve had some conversations in the last few days that have really kind of hit that…

The post Cyberattack Lateral Movement Explained appeared first on .

Kaspersky Security

Update to iOS 12.4 right away

July 30, 2019 admin iMessage, iOS, iPhone, mobile devices, spying, Threats, vulnerabilities

Credit to Author: Alex Drozhzhin| Date: Tue, 30 Jul 2019 14:16:37 +0000

Six severe vulnerabilities in iMessage that allow remote execution and data stealing with no user interaction? Sounds like a good reason to update to iOS 12.4 as soon as possible.

MalwareBytes Security

Labs report: Malicious AI is coming—is the security world ready?

June 19, 2019 admin AI, Anomaly Detection, Artificial Intelligence, deep learning, deepfakes, fake news, machine learning, social media, vulnerabilities

Credit to Author: Malwarebytes Labs| Date: Wed, 19 Jun 2019 15:00:00 +0000

Malwarebytes Labs’ latest report looks at the near-future reality of malicious artificial intelligence (AI), evaluating how the technology is being used today, and how it realistically might be abused in the next few years.

Categories:

Artificial Intelligence

Tags: AI Anomaly Detection artificial intelligence deep learning deepfakes fake news machine learning social media vulnerabilities

MalwareBytes Security

A week in security (May 13 – 19)

May 20, 2019 admin Android, bloatware, breaches, crysis ransomware, DDos attack, dharma, hacking, healthcare cybersecurity, mds, meltdown, microsoft, ransomware, Security world, server vulnerabilities, spectre, typosquatting, VPN, vulnerabilities, Week in security, WhatsApp

Credit to Author: Malwarebytes Labs| Date: Mon, 20 May 2019 15:57:29 +0000

A roundup of security news from May 13–19, including ransomware attacks on the upswing, website hacking, pseudo-VPNs, bloatware, and more.

Categories:

Tags: Android bloatware breaches crysis ransomware DDos attack dharma hacking healthcare cybersecurity mds Meltdown microsoft ransomware server vulnerabilities Spectre typosquatting vpn vulnerabilities whatsapp

(Read more…)

The post A week in security (May 13 – 19) appeared first on Malwarebytes Labs.

Kaspersky Security

One call on WhatsApp is enough to establish surveillance

May 14, 2019 admin Exploits, messengers, news, Pegasus, spyware, Threats, vulnerabilities, WhatsApp

Credit to Author: Alex Perekalin| Date: Tue, 14 May 2019 12:27:07 +0000

A newly discovered vulnerability allows hackers to eavesdrop on WhatsApp users, read their chats, and install spyware just by calling them. Update the app now!

MalwareBytes Security

Vulnerabilities in financial mobile apps put consumers and businesses at risk

May 8, 2019 admin 101, app vulnerabilities, client-side injection, development hygiene, exposure of database parameters and sql queries, financial, financial mobile app flaws, FYI, implicit trust of all certificates, insecure data storage, insecure random number generator, lack of binary protections, Man In The Middle, man-int-the-middle, MITM, private key exposure, secure app development, security hubris, SQL Injection, unintended data leakage, vulnerabilities, weak encryption

Credit to Author: Jovi Umawing| Date: Wed, 08 May 2019 16:30:00 +0000

It’s good to know that your bank’s website boasts that little green padlock, promotes secure communication, and follows a two-factor authentication (2FA) scheme. But are their mobile apps equally secure?

Categories:

Tags: app vulnerabilities client-side injection development hygiene exposure of database parameters and sql queries financial financial mobile app flaws implicit trust of all certificates insecure data storage insecure random number generator lack of binary protections man-in-the-middle man-int-the-middle mitm private key exposure secure app development security hubris SQL injection unintended data leakage vulnerabilities weak encryption

MalwareBytes Security

Electrum Bitcoin wallets under siege

April 16, 2019 admin bitcoin, bitcoins, Botnet, cybercrime, ddos, Electrum, exploit kit, Exploits, RIG, RIG EK, Social engineering, vulnerabilities, wallet

Credit to Author: Malwarebytes Labs| Date: Tue, 16 Apr 2019 15:00:00 +0000

Threat actors are relentlessly phishing and attacking Electrum Bitcoin wallet users, racking up millions of dollars.

Categories:

Tags: bitcoin bitcoins botnet ddos Electrum exploit kit exploits RIG RIG EK vulnerabilities wallet

(Read more…)

The post Electrum Bitcoin wallets under siege appeared first on Malwarebytes Labs.

Kaspersky Security

CVE-2019-0859: A zero-day vulnerability in Windows

April 15, 2019 admin APT, Business, CVE, SMB, vulnerabilities

Credit to Author: Pavel Shoshin| Date: Mon, 15 Apr 2019 10:00:10 +0000

Our proactive security technologies uncovered an attempt to exploit another zero-day vulnerability in win32k.sys.

Kaspersky Security

Microsoft Office and its vulnerabilities

April 11, 2019 admin #TheSAS2019, Business, office, SAS, SAS 2019, Security Analyst Summit, SMB, vulnerabilities

Credit to Author: Kaspersky Team| Date: Thu, 11 Apr 2019 07:19:51 +0000

The Microsoft Office threat landscape, and the technologies that help us catch related zero-day exploits, were the focus of this talk at the SAS 2019 conference.

MalwareBytes Security

Who is managing the security of medical management apps?

April 10, 2019 admin 101, Business, Data Privacy, health apps, healthcare, HIPPA, medical apps, medical management apps, vulnerabilities

Credit to Author: Kacy Zurkus| Date: Wed, 10 Apr 2019 15:00:00 +0000

Because medical records are such a lucrative data set, attackers often target the healthcare industry, seeking out and eventually finding the weakest link in the supply chain. That’s why it’s important for stakeholders to consider the broader implications of cybersecurity weaknesses in medical management apps. But who should be held responsible?

Categories: