Browsing Author: Dennis Fisher

Categories: Government, Malware

Ransomware has emerged as major threat to consumers and businesses in recent years, and law enforcement agencies and security researchers have taken note. Authorities last year disrupted the Cryptolocker ransomware operation and now Dutch police have arrested two young men they believe are involved in the CoinVault ransomware. The arrests came Monday in the Netherlands[…]

Read more...

Categories: Malware, Web Security

A day after researchers detailed a technique that attackers are using to upload malicious firmware images to Cisco routers, academic researchers say they have scanned the entire IPv4 address space and discovered a total of 79 likely compromised routers. The researchers at the University of Michigan used their Zmap tool, which can scan the Internet in about[…]

Read more...

Cisco routers are built into the fabric of the Internet and enterprise networks, a fact that makes them highly attractive targets for attackers. Researchers at FireEye have come across attacks recently in which hackers have been modifying the firmware of Cisco routers and using that foothold to maintain persistence on the victim’s network. Such a technique[…]

Read more...

The maintainers of Debian have released new packages to fix several vulnerabilities, including a number of bugs in PHP and an unspecified flaw in Oracle’s VirtualBox application. Among the patches is one for the VirtualBox bug, which is difficult to describe, because Oracle no longer publishes any security information on VirtualBox. “This update fixes an unspecified[…]

Read more...

There is a series of stack buffer overflows in nearly 20 ICS products manufactured by Japanese vendor Yokogawa that can lead to remote code execution.  The bugs affect a long list of the company’s products, which are used in a variety of industries around the world. The Yokogawa products are mainly control systems, plant-management systems, event-analysis[…]

Read more...

Categories: Web Security

Excellus BlueCross BlueShield, a large health care provider in New York state, says it was hit by an attack that began in 2013 and wasn’t discovered until last month, resulting in the compromise of members’ personal information, including Social Security numbers, addresses, financial and account information. The company did not specify how many people potentially[…]

Read more...