Hacking News

Researchers identified a new ransomware family called Magniber that uniquely targets only users in South Korea and the Asia-Pacific regions. The ransomware is primarily being distributed by the Magnitude exploit kit, a primary distribution vehicle in the past for Cerber ransomware. Because of Magniber’s close affiliation to both the Magnitude EK and and Cerber, researchers […]

Hackers are rushing to exploit a zero-day Flash vulnerability to plant surveillance software before organisations have time to update their systems to patch the weakness. Uncovered by researchers at Kaspersky Lab on Monday, the CVE-2017-11292 Adobe Flash vulnerability allows attackers to deploy a vulnerability which can lead to code execution on Windows, Mac, Linux, and Chrome OS systems. The exploit

There were questions from Chase Bank about an applying for a credit card that someone was attempting to open in his name. Mifflin, who exists in San Antonio, says he called the bank and was told the identity thieves have my Social Security number. He set up fraud warnings with the three major credit recording

The most exciting new features support for OpenType variable fonts, the full statement of the Network Quality Estimator API, the capacity to capture and stream DOM elements, and HTTP warnings for the browser’s Natural and Incognito mode. While for most users this wouldn’t seem like a big opportunity, the most important new feature attached in

Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code execution on a server running PeopleSoft software. The flaw is in the core engine,

A post-intrusion technique developed by researchers at CyberArk Labs called BoundHooking allows attackers to exploit a feature in all Intel chips introduced since Skylake. The attack technique allows for the execution of code from any process without detection by antivirus software or other security measures, researchers said. According to CyberArk, a BoundHooking attack exploits the

An espionage group is launching cyber attacks against organisations in the maritime and defence sectors in what’s highly likely to be an effort to steal confidential information and research data. Dubbed Leviathan, the group has been active since at least 2014 and takes particular interest in maritime industries, naval defence contractors and associated university research

On Windows 10 PCs, connecting to a network is normally as simple as plugging in a network cable or entering a passphrase at a Wi-Fi prompt. The networking tips in this category cover administrative tasks, such as weeding out saved Wi-Fi credentials and looking up your IP address, as well as occasional troubleshooting demands. Unfortunately,

Internet connected smartwatches for children have been found to contain security vulnerabilities which allow hackers access to track the wearer’s location, eavesdrop on conversations or even communicate with the child user. And with some of these devices, data is transmitted and stored without encryption, says an investigation by the Norwegian Consumer Council (NCC). Working alongside

Security experts are urging Lenovo customers to update their Android tablets and handsets to protect themselves against a handful of critical vulnerabilities impacting tens of millions of vulnerable Lenovo devices. On Oct. 5, Lenovo quietly rolled out four patches impacting all of its Android tablets, Vibe and Zuk phones, and the Moto M (XT1663) and