The Full Disclosure security mailing list, which has been one of the main discussion forums for vulnerability and exploit information for 12 years, is shutting down because “‘one of our own’ would undermine the efforts of the last 12 years”, one of the creators said.
Browsing Tag: malware
Trying to enumerate the compromised sites on the Internet is a Sisyphian task. Luckily, it’s not a task that anyone really needs to perform any longer, especially now that Barracuda Labs has released its new Threatglass tool, a Web-based frontend that allows users to query a massive database of compromised sites to get detailed information[…]
The NSA on Thursday responded to media reports that it has been impersonating Facebook and other sites in order to compromise surveillance targets’ machines, saying that the agency “does not use its technical capabilities to impersonate U.S. company websites.”
A recent watering-hole attack targeted firms in the energy sector and led victims to a separate site that used the LightsOut exploit kit to compromise their machines.
Researchers looking into the recently uncovered Turla, or Snake, cyber espionage campaign have discovered some similarities connecting it to older pieces of malware such as Agent.btz and Red October.
Research this week makes it’s clear that many attackers are still using point of sale malware, namely Dexter and Project Hook, in active attacks.
A new piece of ransomware known as BitCrypt is deploying a brand of encryption that is incredibly weak and easily broken.
The Internet Bug Bounty program, a cooperative effort among security experts and vendors, paid out its first $10,000 bounty this week for a serious Flash vulnerability. The flaw, which Adobe fixed in December, was a serious one that has been used in targeted attacks. Started in November, the Internet Bug Bounty is a system set[…]
Cisco’s UCS Director infrastructure management product contains a set of default credentials that any remote attacker can exploit to take complete control of any vulnerable machine. The flaw is in UCS Director versions 22.214.171.124 and below. The Cisco UCS Director software is designed to allow administrators to manage a variety of storage, networking, virtualization and[…]
There are at least two different groups running attacks exploiting the recently published zero day vulnerability in Internet Explorer 10, and researchers say one of the groups used the bug to impersonate a French aerospace manufacturer and compromise victims visiting the spoofed Web page.