Apple’s Q4 results show growth in ‘interesting times’
Apple remains the most resilient FAANG business. While other big tech firms (like Alphabet and Microsoft and Facebook) report grim news, Apple managed to set fresh records, increased Android-to-iPhone switching numbers, but still slightly missed expectations. To read this article in full, please click here more…Ransomware by the numbers: Reassessing the threat’s global impact
Kaspersky has been following the ransomware landscape for years. In the past, we’ve published yearly reports on the subject: PC ransomware in 2014-2016, Ransomware in 2016-2017, and Ransomware and malicious crypto miners in 2016-2018. In fact, in 2019, we chose ransomware as the story of the year, upon noticing the well-known threat was shifting its […] more…Patched GIF Processing Vulnerability CVE-2019-11932 Still Afflicts Multiple Mobile Apps
By Lance Jiang and Jesse Chang CVE-2019-11932, which is a vulnerability in WhatsApp for Android, was first disclosed to the public on October 2, 2019 after a researcher named Awakened discovered that attackers could use maliciously crafted GIF files to allow remote code execution. The vulnerability was patched with version 2.19.244 of WhatsApp, but the […] more…Ransomware: The Digital Plague that Still Persists
Ransomware began its reign of cyber terror in 1989 and remains a serious and dangerous threat today. In layman’s terms, ransomware is malware that employs encryption to lock users out of their devices or block access to critical data or files. A sum of money, or ransom, is then demanded in return for access to […] more…Shop till You’re Hacked? 3 Tips to Stay Secure this Holiday Season
With just days until Black Friday, the unofficial kick off to the holiday shopping season is quickly approaching. In anticipation of the busiest time of year for e-commerce, this year we conducted a survey, Stressed Holiday Online Shopping, to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity. […] more…Why do the Vast Majority of Applications Still Not Undergo Security Testing?
Did you know that 84% of all cyber attacks target applications, not networks? What’s even more curious is that 80% of Internet of Things (IoT) applications aren’t even tested for security vulnerabilities. It is 2018, and despite all the evidence around us, we haven’t fully accepted the problem at hand when it comes to software […] more…Resolved: Penn Stater Hub site Uninterruptible Power Supply (UPS) Replacement Change Number CHG0045464
PSUIT – ENCS/TNS will be replacing the Uninterruptible Power Supply (UPS) system that serves the Penn Stater HUB site on Tuesday, December 19th, 2017, starting at 5AM with work expected to be completed by 2PM. In order to perform this work, all equipment at the Penn Stater HUB site will only be supplied by EMERGENCY […] more…Mail-Order STD Tests Make Sharing Results as Easy as Sending a Snap
So. You’re single, it’s the weekend, and you don’t want a rerun of last Saturday night’s chocolate chip pancakes a la mode and Gilmore Girls bingefest. You’ve already Instagrammed this morning’s latte, two gritty urban feet shots, one still life with #buyyourowndamnflowers … and it’s still only six o’clock. Is it too early to fire […] more…Obama’s cybersecurity legacy: Good intentions, good efforts, limited results
President Obama is only a couple of weeks out of office, but his legacy on cybersecurity is already getting reviews – mixed reviews. According to a number of experts, Obama said a lot of good things, did a lot of good things and devoted considerable energy to making cybersecurity a priority, but ultimately didn’t accomplish […] more…Results of PoC Publishing
Dreams of a Threat Actor There are two crucial features of the Android OS protection system: it is impossible to download a file without user’s knowledge on a clean device; it is impossible to initialize installation of a third-party app without user’s knowledge on a clean device. These approaches greatly complicate malware writers’ lives: to […] more…Macro Malware: When Old Tricks Still Work, Part 1
Now comes a time when we are reminded of why this security warning prompt in Microsoft Word matters: Figure 1. Microsoft Word security warning for macros I went around my peers this afternoon and asked, “On the top of your head, can you give me a name of an effective macro malware? Better if its […] more…PwnPOS: Old Undetected PoS Malware Still Causing Havoc
We have been observing a new malware that infects point-of-sale (POS) systems. This malware may have been active since 2013, possibly earlier. Trend Micro will be naming this new malware family as PwnPOS to differentiate it from other known PoS malware families. In this blog post, we will discuss the technical details of this PoS […] more…2014 Spam Landscape: UPATRE Trojan Still Top Malware Attached to Spam
The malware UPATRE was first spotted in August 2013 following the demise of the Blackhole Exploit kit. It was since known as one of the top malware seen attached to spammed messages and continues to be so all throughout 2014 with particularly high numbers seen in the fourth quarter of the year. We have released […] more…Plesk Zero-Day Exploit Results in Compromised Webserver
We’re tracking a zero-day exploit affecting a still unpatched vulnerability in Plesk that enables an attacker to fully control a vulnerable webserver. Plesk is made by Parallels and is a popular hosting control panel. This vulnerability means all websites hosted on systems that use Plesk are at risk. This spells trouble not only for web […] more…Consumer Alert: McAfee Releases Results of Global Unprotected Rates Study
Security experts labelled 2011 “Year of the Hack,” with a string of high-profile attacks against corporations and consumers alike. There is no doubt cybercrime is increasing at an alarming rate. The question is: what can you do about it? McAfee set out to address this question by first understanding the overall level of consumer security […] more…How AI is shaping malware analysis
We just released our “Empowering Defenders: How AI is shaping malware analysis” report, where we want to share VirusTotal’s visibility to help researchers, security practitioners and the general public better understand the nature of malicious attacks, this time focusing on how AI complements traditional malware analysis tools by providing a new functionality, leading to very […] more…More information
- HTTPS is not a magic bullet for Web security
- Lazarus Campaign Targeting Cryptocurrencies Reveals Remote Controller Tool, an Evolved RATANKBA, and More
- How to turn off Java on your browser – and why you should do it now
- Tiny magnets could hold the secret to new quantum computers
- The US Says Chinese Hackers Went Too Far During the Covid-19 Crisis
- CA’s Strategy & Vision for Cloud IAM
- Oracle Releases 349 New Security Patches With July 2022 CPU
- Hospitals hacks put patient health at risk
- Security industry to female hackers: We want YOU!
- Software Supply Chain Security Firm Lineaje Raises $7 Million