Microsoft’s advanced notification of its December 2013 Patch Tuesday security updates includes a patch for the TIFF zero day. Microsoft will release 11 bulletins, five of the critical.
Browsing Author: Michael Mimoso
Arbor Networks researchers report the discovery of two servers hosting Dexter and Project Hook point of sale malware.
Attackers are able to bypass the reflective cross-site scripting filter in Internet Explorer; the weakness is accepted by Microsoft as part of its design philosophy for the filter and will not be fixed.
A Pony botnet controller has been discovered with two million stolen credentials, most of them for online services from Facebook, Twitter, Yahoo, Google and the ADP payroll service.
How is the NSA beating or breaking SSL? Cryptographer Matthew Green lays out a number of possibilities.
German scientists have come up with a way of transmitting small bits data, such as passwords, over an acoustical mesh network between air-gapped computers.
D-Link has patched a backdoor vulnerability in a number of different versions of its routers that could allow an attacker using a particular string to access the router’s admin panel and make any changes.
Microsoft issued an advisory warning of a local privilege escalation zero day in Windows XP being exploited in the wild. Experts, meanwhile, renew their calls to move off XP, which will no longer be supported as of April 2014.
A researcher may have found the quickest route to learning which files are encrypted in CryptoLocker ransomware infections.
A self-replicating banking Trojan called Neverquest has attempted to infect thousands of victims who have accounts with any of more than 100 banks. Researchers expect the malware to ramp up infection attempts over the holidays.