The SANS Internet Storm Center reports a rash of malicious spam pushing Kovter click-fraud malware.
The maintainers of BIND have patched a critical remotely exploitable vulnerability in the DNS software that can be used in a denial-of-service attack. The vulnerability affects all versions of BIND from 9.1.0 through 9.9.7. The vulnerability is in the way that BIND handles certain queries related to transaction key records. The bug is fixed in[…]
Hammertoss, a backdoor uncovered by researchers at FireEye, combines many previous communication venues used by APT29, a espionage outfit linked to the Russian government.
It’s been more than two years since Edward Snowden became a name as familiar to the millions of people who have no idea what the NSA actually does it is to the power players in Washington. In that time support for Snowden has waxed and waned, but the position of the White House on Snowden’s[…]
Apple recently patched a serious issue in its App Store and iTunes Store web apps that could have let a remote attacker inject their own malicious script code into invoices that come from Apple.
Researchers have found a new phishing campaign leveraging Google Drive in order to steal credentials.
The National Security Agency says that once its legal authority to conduct Section 215 bulk telephone surveillance ends on Nov. 29, its analysts no longer will be allowed to access the database that holds all of the collected Section 215 records. In May, an appeals court ruled that bulk telephone metadata collection as performed by[…]
Valve Software has patched a vulnerability in the Steam gaming platform that enabled account hijacking through its password reset mechanism.
Multiple critical vulnerabilities have existed, some for nearly five years, in PHP File Manager, a web-based file manager used by several high profile corporations.
The accumulation of automation and Internet-connected devices in many homes these days has led observers to coin the term smart homes. But as researchers take a closer look at the security of these devices, they’re finding that what these homes really are is naive. The latest batch vulnerabilities to hit home automation equipment are in the Tuxedo Touch[…]