Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Information Security News - Internet Security | DShield Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

1 day ago Symantec Revokes Wrongly Issued Certificates

SecurityWeek View Synopsis+1

Symantec has revoked numerous wrongly issued certificates, including for domains such as example.com and test.com. This is not the first time the security firm's certificate issuance practices have come under scrutiny.

22 hours ago Expert Hacks Internal DoD Network via Army Website

SecurityWeek View Synopsis+1

A security researcher who took part in the Hack the Army bug bounty program managed to gain access to an internal Department of Defense (DoD) network from a public-facing Army recruitment website.

1 day ago Fans of the Shark Tank

IT Toolbox Blogs View Synopsis+1
Computerworld's Sharky

1 day ago From statues to doormats, here's what annoys Asian nations

Yahoo Security View Synopsis+1

How can you get under the skin of an Asian country? Diplomatic body searches, bomber flights, shrine statues and even doormats have set governments on edge.

1 day ago United Airlines flights suspended after technical glitch

ZDNet View Synopsis+1
The IT issue, which has since been resolved, grounded all domestic flights on Sunday evening.

Top News

10 hours ago "‹Cyber experts to brief Australian political leaders

ZDNet View Synopsis+1
The prime minister will take his political opponents through a cyber defence training session next month in a bid to ready the country for a cyber attack.

10 hours ago Western Union coughs up $586m for turning a blind eye to fraudsters

The Register View Synopsis+1
Helping internet scammers proved profitable, for a while

Western Union will forfeit more than half a billion dollars after admitting it broke money laundering laws.

9 hours ago Widely used WebEx plugin for Chrome will execute attack code - patch now!

ArsTechnica View Synopsis+1
Publicly known "magic string" lets any site run malicious code, no questions asked.

7 hours ago Old Android malware still infecting millions of users

Yahoo Security View Synopsis+1
Remember HummingBad ? It's an "old" malware from early-to-mid 2016, which was discovered and addressed at the time. However, it looks like it wasn't killed, and a version of it called HummingWhale has been found in the Google Play store, inside over 20 apps that were downloaded several million times by unsuspecting users. HummingWhale comes with "cutting edge techniques" that let it perform fraud better than before, Check Point says . That's the same group that identified the first strain of the malware, which affected more than 10 million users last year. Check Point also discovered its creators and concluded that the malware was able to generate some $300,000 per month from fraudulent advertising. That's right, this malware doesn't steal sensitive data from you. Instead, it hijacks ad views for profit. The new Google Play apps seem to be camera-related apps uploaded under names of fake Chinese developers. Each of these apps has an encrypted file that's "suspiciously large." The malware can be used to download and execute other apps. Moreover, the app can use an Android plugin to upload fraudulent apps on a virtual machine. "First, the Command and Control server (C&C) provides fake ads and apps to the installed malware, which presents them to the user," Check Point writes. "Once the user tries to close the ad, the app, which was already downloaded by the malware, is uploaded to the virtual machine and run as if it is a real device. This action generates the fake referrer id, which the malware uses to generate revenues for the perpetrators." The malware is more sophisticated than its predecessor in many ways. It can install apps without getting elevated permissions, and it can install an infinite number of fraudulent apps without actually overloading the device. That means the user would not even notice that something is wrong. Additionally. HumingWhale also tries to increase its Google Play reputation using fraudulent comments and ratings. Check Point told BGR that it informed Google About these new malware apps, which were removed from Google Play. This is how you check if your phone or tablet was infected with a HummingBad strain, although the tools might not necessarily detect HummingWhale as well.

7 hours ago Why Cyborg Essentials should be your penetration testing platform

TechRepublic View Synopsis+1
Penetration testing is essential for knowing where your network and systems are weak. Jack Wallen says the right tool for that task is the Debian-based Cyborg Essentials.

7 hours ago IP: Sending One Fragment in a Datagram

IT Toolbox Blogs View Synopsis+1
Procedure ipfsend creates and sends a single fragment. It allocates a new buffer for the copy, calls ipfhcopy to copy the header and IP options, copies the data for this fragment into the new datagram, and passes the result to netwrite.

2 hours ago Cisco WebEx Extension Flaw Allows Code Execution

SecurityWeek View Synopsis+1

Google Project Zero researcher Tavis Ormandy has discovered a critical remote code execution vulnerability in the Cisco WebEx browser extension. Cisco's initial fix does not appear to be complete, which has led to Google and Mozilla temporarily removing the add-on from their stores.

1 hour ago Is Trump Militarizing Civilian Cyber Defense?

InfoRiskToday View Synopsis+1
This ISMG Security Report leads with comments from President Donald Trump that suggest the U.S. military will take the lead in defending civilian-owned critical infrastructure. Also, how insider defenses changed since Chelsea Manning's WikiLeaks data dump.

20 hours ago Alexa, Cortana And Siri Are About To Diagnose Your Health

Forbes View Synopsis+1
Diagnosing serious diseases and conditions via just listening to voice snippets is possible. Are we about to get a doctor in every room thanks to Alexa, Siri and Google Home?

Latest News

6 minutes ago Facebook Vulnerability Allowed Removal of Any Video

SecurityWeek View Synopsis+1

Facebook has awarded a researcher $10,000 for finding a serious vulnerability that could have been exploited remotely to delete any video from the social media website.

20 minutes ago China cracks down on 'unauthorized' VPNs

ZDNet View Synopsis+1
The censorship state wants to enforce government control over software which can circumvent China's Great Firewall.

20 minutes ago This new ransomware 'bluff' trick is costing victims big, even though their files are never really in danger

ZDNet View Synopsis+1
Firms are paying five-figure ransoms after being tricked into thinking they have been hit by ransomware.

20 minutes ago How to delete any video on Facebook

ZDNet View Synopsis+1
All it takes is exploiting some exposed code to take control of any video on the social network.

1 hour ago Saudi Arabia warns destructive computer virus has returned

Yahoo Security View Synopsis+1
Saudi Arabia is warning that a computer virus that destroyed the systems of its state-run oil company in 2012 has returned. A state-run television channel aired comments on Monday suggesting that 15 government ...

2 hours ago Comparing SAP with mobile phone tech companies like Nokia and Blackberry

IT Toolbox Blogs View Synopsis+1
Comparing mobile companies with SAP may not be the best comparisons but people are doing it anyway.

2 hours ago Furby Rickroll demo: What fresh hell is this?

The Register View Synopsis+1
Toy-makers, please quit this rubbish, you're NO GOOD at security

Here's your future botnet, world: connected kids toys that will Rickroll their owners while hosing big servers and guessing the nuclear codes.

4 hours ago HummingBad malware returns in new, more annoying variant

The Register View Synopsis+1
Is it a bird? Is it a plane? No, it's a HUMMINGWHALE

The HummingBad malware first discovered in February 2016 is making a return visit to the charts.

6 hours ago Furby Rickroll demo: what fresh hell is this?

The Register View Synopsis+1
Toy-makers, please quit this rubbish, you're NO GOOD at security

Here's your future botnet, world: connected kids toys that will Rickroll their owners while hosing big servers and guessing the nuclear codes.

7 hours ago IP: The Implementation Of Fragmentation

IT Toolbox Blogs View Synopsis+1
In the example code, procedure ipputp makes the decision about fragmentation: