About
"Distrust and caution are the parents of security" - Benjamin Franklin
Attackers, purportedly hailing from Korea, have been targeting individuals in Russia’s aerospace, IT, education and telecommunication industries with hopes of extracting their passwords and credentials.
Hacktivist collective Team Ghostshell is claiming this morning to have spilled 1.6 million accounts from a handful of companies in the aerospace, nanotechnology, banking, law, education and government realm, a hack the group deems Project White Fox.The group claims White Fox is its “final stand” this year in a lengthy diatribe posted to Pastebin. The post goes on about internet freedom, espionage and trolling before addressing the actual leak.
Qualcomm has patched a handful of vulnerabilities in its devices that if exploited could leave Android OS kernels open to privilege escalation or denial of service (DoS) attacks.
Microsoft announced today that it plans on shipping seven bulletins, five critical, two important, for the December edition of its monthly patch Tuesday security bulletin release cycle.The year’s last scheduled batch of patches will address 11 vulnerabilities in all currently supported operating systems, including Microsoft Windows, Internet Explorer (IE 6-10), Office and the company’s Server Software.
Tis the season for predictions and security firm Trusteer checks in today with a handful for the upcoming New Year. In a post on the company’s blog, CTO Amit Klein distills Trusteer’s top ideas into an infographic,. The company predicts the security landscape will see more exploits, specifically Man-in-the-Browser malware, targeting Google’s Chrome browser, the further emergence of native 64-bit Windows malware and what the firm claims will be a more drawn out malware lifecycle.
Android malware developers in Japan continue to peddle their product across the Internet and through the Google Play marketplace, undeterred by recent arrests in the nation.
Highway traffic systems deployed across the United States could be open exploit via what a group of researchers has deemed an “insufficient entropy vulnerability” in the systems’ software.
Cybercriminals in the United Kingdom this week have launched two separate but similar scams intent on gaining access to users’ computers. Both scams impersonate e-mail notifications from popular British cell phone companies and both ultimately open a backdoor on the targeted computers.
Attackers continue to exploit the buzz behind the launch of Windows 8, Microsoft’s latest operating system. The latest attack attempts to trick users into using fake key generators that claim they’ll install the software to computers free of charge.
A spokesman at Go Daddy, the popular domain registrar and Web host company, believes that some of its users may have been phished – and that’s to blame for the barrage of ransomware some customers have been seeing in past week or so.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
