OpenDNS went public with a new analytics tool that can be used to detect malicious domains used in APT and cybercrime campaigns.
Browsing Category: Hacks
The Mandarin Oriental luxury hotel chain is investigating a data breach that affects credit cards used in an “isolated number” of its hotels in the United States and Europe. Company officials said that the attack involved “undetectable” malware on some of its systems and emphasized that only credit card data, and no other personal information,[…]
As a public service, the Threatpost team, Mike Mimoso, Dennis Fisher, Brian Donohue and Chris Brook, watched the first episode of CSI: Cyber and kept a running chat log of the “action”. Enjoy.
D-Link is in the midst of pushing out firmware updates for eight of its home router models, addressing three serious remote code injection vulnerabilities.
The Angler Exploit Kit has begun using domain shadowing as a technique to avoid detection and blocking, researchers at Cisco Talos said.
For the nth time in the last couple of years, security experts are warning about a new Internet-scale vulnerability, this time in some popular SSL clients. The flaw allows an attacker to force clients to downgrade to weakened ciphers and break their supposedly encrypted communications through a man-in-the-middle attack. Researchers recently discovered that some SSL[…]
A pharming attack has been detected targeting home routers distributed from Brazil’s largest telco, a rare instance of a web-based attack changing DNS settings in order to redirect traffic.
Twitter has revised and simplified its rules and process for reporting abusive behavior on the service, and users now have the ability to report people who are posting their personal information. The change essentially gives Twitter users a method to combat doxing, which is the process of dumping a victim’s personal information online. This often[…]
The EFF’s Decentralized SSL Observatory turned up 1,600 certificates that should have been rejected but instead passed browser checks because they were manipulated by Komodia’s SSL Digester interception module.
On May 30, 2014, law enforcement officials from the FBI and Europol seized a series of servers that were being used to help operate the GameOver Zeus botnet, an especially pernicious and troublesome piece of malware. The authorities also began an international manhunt for a Russian man they said was connected to operating the botnet,[…]