Join thousands of people who receive the latest breaking cybersecurity news every day.
A pharming attack has been detected targeting home routers distributed from Brazil’s largest telco, a rare instance of a web-based attack changing DNS settings in order to redirect traffic.
A Brazilian political website has been compromised and is injecting iFrames that attempt to change the victim’s router DNS settings.
DailyMotion, one of the most popular websites on the Web, is still serving fake AV malware three weeks after it was notified of a compromise.
Legitimate Web sites that have been hijacked and used to serve malicious content greately outnumber malicious sites on a list of the most-trafficked sites on Google’s blacklist, according to analysis by security firm Zscaler.
Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the Wordpress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive by download Websites that will install malicious software on vulnerable systems.
Amnesty International’s United Kingdom website was compromised late last week and was being used to exploit a known Java runtime environment hole on machines belonging to unwitting visitors to the site, according to Barracuda Labs researcher, Paul Royal.
Poor design and usability issues make leading online privacy management tools ineffective, according to researchers at CMU’s Cylab. The report said the results suggest that the current system of industry-led opt out protections is “fundamentally flawed.”
Amid an increase in defacements of legitimate websites over the past few weeks, Fraser Howard, a researcher from Sophos, has discovered that the groups behind the attacks are increasingly using sophisticated filtering and dynamic content to avoid detection by search engines and web filtering firms.
We recently reported on a massive drive-by-download campaign affecting some 90,000 Web pages. In the less than two weeks since that report, the same campaign is now affecting more than six million pages.
Join thousands of people who receive the latest breaking cybersecurity news every day.Subscribe now