Zeljka Zorz
Mass login attempts compromise 24,000 Nintendo site accounts
Some 24,000 user accounts – but luckily no user financial information – were compromised in mass login attempts to the Club Nintendo website. The global website is …
Multi-platform Java RAT targeting government agencies
A new spear-phishing campaign targeting government agencies mostly in the US, Canada, Australia, a few European countries and the Russian Federation has been spotted by …
“Pinterest Tool” scam aimed at stealing login credentials
Last week we warned about fake “Password changed” emails targeting users of the popular photo-sharing website, but there has been a general uptick in …
Critical Cryptocat group chat bug fixed
A critical security vulnerability in Cryptocat versions older than 2.0.42 has been patched and developers are urging users to update to the latest available version of the …
Trojanized Android app collects info, comments on NSA surveillance
An unusual Android Trojan has been recently unearthed by McAfee’s researchers, embedded in a pirated version of a legitimate music app. The app in question is Jay Z …
Fake Pinterest “Password changed” email leads to malware
Pinterest users beware: an email purportedly coming from the popular pinboard-style photo-sharing website and notifying you of a successful password reset is fake: If you …
Android bug allows app code change without breaking signatures
Researchers from Bluebox Security have discovered a critical Android flaw that allows attackers to modify the code of any app without breaking its cryptographic signature, and …
Aggressive Android adware masquerading as Wi-Fi password cracking app
Statistics say that Android malware and aggressive adware is on the rise, so the fact that researchers occasionally find some of it on legitimate online app markets should not …
Darkleech Apache module injection campaign delivers malware
One of the most successful malware infection campaigns ever is still going strong, and researchers have not come closer to discovering how the attackers are compromising web …
System Doctor 2014: A fake AV for the upcoming year
In an effort to keep one step ahead of security solutions and attentive users, peddlers of fake AV solutions often change the name of the malware they are trying to sell. …
“Blizzard Entertainment IP Restrictions” phishing email doing rounds
Blizzard Entertainment has acknowledged that the notification email that has been hitting users’ inboxes and has been purportedly sent by the company is, in fact, a …
Information Security Risk Assessment Toolkit
It is a truth universally acknowledged that in order to know what company IT assets you should protect and how, you need to first perform a risk assessment. But how do to go …
Featured news
Resources
Don't miss
- China-linked Murky Panda targets and moves laterally through cloud services
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged