Websites running unsupported versions of the Linux 2.6 kernel are being compromised in a large-scale malware redirection campaign.
Browsing Tag: malware
UPDATE–The iOS platform has been remarkably resistant to malware infections over the years and attackers interested in mobile devices mainly have focused their efforts on Android. But the developer of a little-known bot that has the ability to run on Linux and Windows machines now has a version that apparently can run on iOS as[…]
New exploits for a two-year-old PHP vulnerability popped up in October that allow hackers to run code on websites running vulnerable versions of the web development framework.
The Full Disclosure security mailing list, which has been one of the main discussion forums for vulnerability and exploit information for 12 years, is shutting down because “‘one of our own’ would undermine the efforts of the last 12 years”, one of the creators said.
Trying to enumerate the compromised sites on the Internet is a Sisyphian task. Luckily, it’s not a task that anyone really needs to perform any longer, especially now that Barracuda Labs has released its new Threatglass tool, a Web-based frontend that allows users to query a massive database of compromised sites to get detailed information[…]
The NSA on Thursday responded to media reports that it has been impersonating Facebook and other sites in order to compromise surveillance targets’ machines, saying that the agency “does not use its technical capabilities to impersonate U.S. company websites.”
A recent watering-hole attack targeted firms in the energy sector and led victims to a separate site that used the LightsOut exploit kit to compromise their machines.
Researchers looking into the recently uncovered Turla, or Snake, cyber espionage campaign have discovered some similarities connecting it to older pieces of malware such as Agent.btz and Red October.
Research this week makes it’s clear that many attackers are still using point of sale malware, namely Dexter and Project Hook, in active attacks.
A new piece of ransomware known as BitCrypt is deploying a brand of encryption that is incredibly weak and easily broken.