The issue of hacked WordPress sites continues to persist, as evidenced by one victimized URL being used to host links to thousands if not millions or billions of shady pharmaceutical sites without the knowledge of the owners.
Patch Tuesday: December 2013
Eleven Microsoft bulletins including ten critical vulnerabilities – some of which are already being actively exploited – affecting all supported versions of Windows, Office, SharePoint, Exchange, and Lync make for a busy last month of a busy year (106 …
Obamacare-baited Malware Scam Mashes Up iPhones, Video Players
The old adage of “if it’s too good to be true that it usually is,” continues to hold water. An elaborate social engineering lure using the Affordable Care Act as bait is unfolding, with the end goal of serving up an executable file containing malware.
Cyber-espionage Campaign Ahead of G20 Summit Compromised Several European Ministries
Ahead of the G20 summit in Russia in late summer, a group of perpetrators (who may be Chinese) carried out a targeted attack on diplomatic missions, including ministries of foreign affairs (MFA), using the crisis in Syria as social engineering bait.
Major Browsers Block an Improperly Issued Certificate
SSL certificates are designed to provide trust in the internet. They are issued by trusted Certificate Authorities to prove that a site is indeed the site it claims to be. But if a certificate is forged, lost, or improperly issued, it provides false tr…
NSA/GCHQ Turn World of Warcraft into World of Spycraft
Online gamers use false names and characters to meet, chat and interact with other people from all over the world anonymously. NSA and GCHQ began to suspect that criminals and terrorists were using these virtual worlds, such as World of Warcraft, XBox …
FBI Can Activate Webcams Remotely Without the Light Coming On
Whether hackers are able to remotely switch on victims’ webcams without the camera light giving the game away has been the subject of some debate. Now we learn that not only can it be done, it is done by the FBI.
Lawyer Throws Spanner in EU Data Protection Regulation
Two months after European justice ministers agreed the principle of the ‘one-stop-shop’ for data protection rulings, Hubert Legal (head of legal services for the European Council; that is, the member states) declared it would be a bad outcome likely in…
Ultimate Pentesting PwnBox (2013) – Utilite Pro
We’re always on the lookout for and interesting ARM hardware for Kali Linux. Whether it’s a Galaxy Note or a USB stick sized SS808, we want to see Kali run on it. You can therefore imagine our excitement, when we first laid our eyes on the …
Dexter POS Malware Returns to Target Holiday Shoppers
At least three distinct versions of the Dexter point of sale (POS) malware are making the rounds this holiday season, designed to steal credit and debit card data from unwitting shoppers.