A new denial-of-service (DoS) vulnerability was discovered in BIND DNS, updates available

A serious vulnerability was discovered in multiple versions of BIND DNS software that allows a remote attacker to conduct denial-of-service (DoS) attack. BIND is the most widely used Domain Name System (DNS) on the internet that enables you to publish your Domain Name System (DNS) information on the Internet, and to resolve DNS queries for your users. On Unix-like operating systems it...

96 total views, 2 views today


European Banks targeted by new version of ‘SmsSecurity’ Android malware

In 2014, Trend Micro discovered a cybercriminal operation, called ‘Operation Emmental’, that uses malicious apps to intercept SMS messages and hijack victim’s banking session. They uncovered that the malicious applications were posing as a banking application that supposedly generates one-time passwords (OTPs) in order to trick victims. These fake OTP generators were named as ‘SmsSecurity’. Two years later, Trend Micro researchers...

460 total views, no views today


New CryptoLuck ransomware infects victims through legitimate GoogleUpdate.exe application and DLL hijacking

A Proofpoint security researcher has discovered a new ransomware, called CryptoLuck, that infects target computers through the legitimate GoogleUpdate.exe executable and DLL hijacking. According to security researcher and exploit kit expert ‘Kafeine‘, CryptoLuck ransomware has been spotted being distributed via RIG-E exploit kit after redirection from compromised websites and malvertising. While Kafeine only specifically saw this sample through advertising in the Adult web site...

400 total views, 1 views today


Cisco ASR 5000 series router vulnerability allows remote attackers to cause DoS

A  vulnerability was reported in Cisco ASR 5000 and 5500 series routers that allows an unauthenticated remote attacker to conduct denial of service (DoS) attack by sending specially crafted Internet Key Exchange (IKE) messages. Cisco ASR 5000/5500 series routers are popular devices that provide single Multimedia Core Platform for common services across Wi-Fi, 3G, 4G packet core and small cells. These devices also uses...

361 total views, no views today


Three Mobile data breach: 6 million customers’ personal data at risk

Three Mobile, one of Britain’s biggest mobile operators has admitted that hackers have managed to successfully access its customer upgrade database. It has been reported that the data accessed included names, phone numbers, addresses and dates of birth of some 6 million ‘Three Mobile’ customers. Luckily, sensitive financial data were not exposed, according to Telegraph report. It has been revealed that cyber criminals used...

338 total views, no views today


Massive security hole in iOS allows anyone to bypass iPhone’s passcode and access personal data

A critical security flaw was discovered in iOS 8 and newer versions of the Apple OS, including 10.2 beta 3, that allows anyone to bypass iPhone’s passcode on Lockscreen and gain acces to personal data. Passcode is simply a password that consist of 4-digits (6 digits or alphanumeric characters on some devices) which helps to prevent other people from accessing your device....

1,264 total views, 1 views today


Linux vulnerability grants Root Shell access by pressing ‘Enter’ for 70 seconds!

Cyber security researchers Hector Marco and Ismael Ripoll have discovered a serious vulnerability in many Linux distributions, including Debian, Ubuntu, Fedora and Red Hat Enterprise Linux, that allows both remote and local attackers to bypass authentication and launch a shell with ROOT permissions just by pressing the ‘Enter’ key for 70 seconds! This vulnerability is specially serious in environments like libraries, ATMs,...

366 total views, no views today


Telecrypt ransomware uses Telegram Messenger to communicate with C&C. Here is how to decrypt your files.

Kaspersky Lab researchers have discovered a new ransomware, called Telecrypt, that uses Telegram Messenger as a covert channel between the Command and Control (C&C) server and the compromised device. By using Telegram Messenger’s communication protocol, Telecrypt ransomware performs secure key exchange with the C&C server, which becomes hard to track through network traffic monitoring. It is also noticed that Telecrypt is the first ransomware...

356 total views, 2 views today


5 major Russian banks hit by a wave of powerful DDoS attacks

It is reported that at least five major Russian Banks, including Sberbank and Alfabank were hit by a wave of powerful DDoS attacks. According to a source close to Russia’s Central Bank, the attacks began Tuesday afternoon and continued for two days. Sberbank and Alfabank confirmed the DDoS attacks. ‘We registered a first attack early in the morning … the next attack in...

532 total views, 1 views today


F5 BIG-IP ASM Web Application Firewall vulnerability allows remote attackers to launch DoS attack

A ‘high severity’ vulnerability was discovered in ‘F5 Networks BIG-IP Application Security Manager (ASM)’ web application firewall that allows a remote attacker to conduct denial-of service (DoS) attack. BIG-IP ASM is one of the popular enterprise web application firewalls (WAF). According to F5 Networks, it is deployed in more data centers than any enterprise WAF.  It is available as an appliance, virtual...

404 total views, 2 views today