Police Shut Down Largest DDoS-for-Hire Marketplace

A large marketplace that allowed users to rent distributed denial-of-service (DDoS) infrastructure from hackers has been shut down following a global law enforcement operation led by police agencies from the Netherlands and the UK. Known as webstresser.org, the marketplace had 136,000 registered users and was responsible for around 4 million attacks to date, according to..
Read more

Get Ready for Another Critical Drupal Patch Related to Drupalgeddon2

Developers of the popular Drupal content management system plan to release a critical out-of-band patch April 25 that’s related to the actively exploited Drupalgeddon2 vulnerability fixed late last month. “There will be a security release of Drupal 7.x, 8.4.x, and 8.5.x on April 25th, 2018 between 16:00 – 18:00 UTC,” the Drupal developers said in..
Read more

Internet Explorer Zero-Day Exploit Reportedly Exploited in Targeted Attacks

Researchers from Chinese internet security firm Qihoo 360 have uncovered a sophisticated targeted attack which, according to them, exploits an unpatched vulnerability in Microsoft’s Internet Explorer browser. The company made the announcement in a short Twitter message and said that it shared technical details about the flaw with Microsoft. A bit more information about the..
Read more

Security Boulevard’s 5 Most Read Stories for the Week, April 16-20

A new week, a new crop of security stories. Last week, sophisticated attackers, desktop security, healthcare data breaches and data security in GDPR made headlines, as well as Multi-Factor Authentication featured in the our latest cartoon series called, “Shimmytoons.” Missed out on any of the news? Here are the five most-read stories on Security Boulevard to help you out.
Read more

Oracle Fixes Critical Vulnerabilities in Business Applications

Oracle has released a new quarterly critical patch update (CPU) for its product portfolio, fixing 254 vulnerabilities across 20 product families. More than two-thirds of those flaws are located in business-critical applications and 42 are rated critical. According to security firm Onapsis, the business applications with critical vulnerabilities include Communications Applications, Financial Services, Fusion Middleware,..
Read more

Widely Used WebEx Clients Have Critical Vulnerability

Cisco Systems has released security updates for the software clients installed by users who attend WebEx-based meetings to fix a critical vulnerability that could allow remote attackers to compromise their computers. “An attacker could exploit this vulnerability by providing meeting attendees with a malicious Flash (.swf) file via the file-sharing capabilities of the client,” Cisco..
Read more

Mobile Surveillance Malware Found on Google Play

Researchers have found sophisticated Android mobile surveillance programs created by cyberespionage groups on Google’s official Play store. Such malware is generally distributed in targeted attacks by tricking victims into downloading and installing trojanized apps from third-party sources, but the ability of attackers to host them on Google Play makes them much more dangerous. Multiple malicious..
Read more

Security Boulevard’s 5 Most Read Stories for the Week, April 9-13

A new week, a new crop of security stories. Last week, sophisticated attackers, desktop security, healthcare data breaches and data security in GDPR made headlines, as well as Multi-Factor Authentication featured in the our latest cartoon series called, “Shimmytoons.” Missed out on any of the news? Here are the five most-read stories on Security Boulevard to help you out.
Read more

Cisco Strengthens Cloud Security Service

Cisco Systems at RSA Conference 2018 significantly expanded its Advanced Malware Protection (AMP) for Endpoints cloud security service by adding support for machine learning algorithms, analytics and modeling capabilities that collectively serve to thwart spear phishing and other types of cyberattacks launched via email. In addition, Cisco announced it has developed a new engine that..
Read more

Hackers Exploit Drupal Vulnerability to Install Cryptocurrency Miners

A highly critical vulnerability patched in the popular Drupal content management system two weeks ago is seeing a wave of exploits, some of which install cryptocurrency mining malware on servers. The vulnerability tracked as CVE-2018-7600 but also dubbed Drupalgeddon2, affects all versions of Drupal since version 6.x and was patched in late March. Due to..
Read more
Page 1 of 1612345...10...Last »