Yahoo malware turned PCs into Bitcoin miners: The cybercriminals who infected the computers of European Yahoo users apparently wanted to create a huge Bitcoin network. Researchers at security firm Light Cyber revealed this week that one of the malware programs aimed to use the resources of infected PCs to perform the calculations necessary to run […]

Security analysis of mobile banking apps reveals significant weaknesses: A security analysis of mobile banking apps for iOS devices from 60 financial institutions around the world has revealed that many were vulnerable to various attacks and exposed sensitive information. Ariel Sanchez, a consultant at security firm IOActive, analyzed how the banking apps communicate with servers, […]

Default settings leave external hard drives connected to Asus routers wide open: Files on thousands of hard drives connected to broadband routers from Asus are easily accessible over the Internet due to unsecure default settings, according to industry experts and tests conducted by PC World Norway and TechWorld Sweden. Broadband routers with USB ports that […]

How the NSA is preventing another Snowden (and why you should do the same): On December 11th, the director of the National Security Agency (NSA), Gen. Keith Alexander, stood before the Senate Judiciary Committee to discuss actions being taken in the wake of Edward Snowden’s disclosures. Gen. Alexander didn’t disclose all of the preventative measures […]

Hacked Cybercrime Forum Exposes Nearly 20,000 “Bad Actors”: Cyber-criminals targeted an online community and stole member information and login credentials from the site’s forum database late Tuesday. What sets this attack apart from similar data breaches is the fact that the victims were part of a community of Eastern European cyber-criminals. Schadenfreude, indeed. “Verified” happens […]

Hackers use Amazon cloud to scrape mass number of LinkedIn member profiles: LinkedIn is suing a gang of hackers who used Amazon’s cloud computing service to circumvent security measures and copy data from hundreds of thousands of member profiles each day. “Since May 2013, unknown persons and/or entities employing various automated software programs (often referred […]

Malicious Ads from Yahoo Just the Tip of the Iceberg: When Fox-IT published their report regarding malvertisements coming from Yahoo, they estimated the attack began back on December 30, 2013, while also noting that other reports indicate the attack may have begun earlier. Meanwhile, Yahoo intimated a different timeframe for the attack, claiming “From December […]

Uploader.swf flash file in vBulletin forum vulnerable to XSS: Attention! vBulletin forums users, there is a flash file in the vBulletin forum software which is vulnerable to Cross site scripting(XSS). The file “Uploader.swf” is located either in located in ‘clientscript/yui/uploader/assets’ or ‘/core/clientscript/yui/uploader/assets’. “It has come to our attention that there is a security issue in […]

Slovenian hacker sentenced to jail for ‘malicious’ program: A Slovenian court on Monday sentenced to 58 months in jail Matjaz Skorjanc, the creator of the “Mariposa Botnet”, a vast network of virus-infected computers used by criminal hackers. Skorjanc was found guilty of “creating a malicious computer programme for hacking information systems, assisting in wrongdoings and […]

NSA Spies Who Purchased This Snooping Device Also Bought…: We were already aware of the existence of illicit marketplaces teeming with tools for cybercriminals looking to subvert the security of online networks. But one of the latest revelations from the cache of documents stolen by NSA whistleblower Edward Snowden is the fact that NSA hackers […]