Despite what Hollywood would have you believe, most hackers aren’t chugging Monster Energy drinks while laughing maniacally at binary code, and they’re not testing the security of every nanny cam and laptop in America. But internet-savvy pederasts, cyberbullies, and identity thieves do exist, so a certain amount of parental technophobia is warranted.
The ransomware known as TeslaCrypt has enhanced its code—to include unbreakable encryption and a rash of upgrades.
TeslaCrypt was first designed to target computers that have specific computer games installed—but has since widened its purview. The trojan will encrypt all files and lock victims out of their systems, and then ask for ransom for the decrypt key, which can vary between $150 and $1000 worth of bitcoins.
It looks like the Stagefright flaw is a modern day horror movie franchise for Android device users, as it has returned yet again, retaining its status of being a real and consistent danger on affected devices. This is despite promises from Google to have fixed the Stagefright flaw prior.
The way the FBI tells it, the encryption on Apple’s iOS is so secure, nothing can break it. Well, not so fast. As reported by the Washington Post, researchers at Johns Hopkins University say they’ve found a bug that allows them to break the encryption of iMessages, decoding photos and videos.
A pilot project launched by vulnerability handler MITRE to address stagnation in the assignment of bug identification numbers has been shelved less than a day after its announcement and before its scheduled launch today.
The pilot was devised in response to complaints by security researchers and MITRE board members about the stalled allocation of CVE numbers.
During the first day of the Pwn2Own 2016 hacking contest that's taking place in Vancouver, Canada, hackers took home $282,500 for finding new security flaws in applications such as Adobe Flash, Google Chrome, and Apple Safari.
Leaders after the first day are the 360Vulcan Team (Qihoo 360) after they have demonstrated two successful exploits that pocketed them $132,500.
Millions of Android users are at risk of a new Metaphor exploit that can take over Samsung, LG and HTC phones in under 20 seconds. The hack gives attackers access to the targeted phones including the ability to inject malware and take control over key smartphone functions.
Symantec is advising users of its Endpoint Protection (SEP) software to update their systems, after three vulnerabilities were reported in the computer defense tools.
Two of the bugs – a cross-site scripting (XSS) flaw, and a SQL injection vulnerability – are in the SEP Management Console, a web-based portal you can log into over a network or locally on the SEP management server. Both of the programming blunders can be exploited by a user logged into the console to gain higher privileges within the system.
L33tdawg: Good thing someone is working on an intrusion detection system for automobiles!
Physical weaknesses in memory chips that make computers and servers susceptible to hack attacks dubbed "Rowhammer" are more exploitable than previously thought and extend to DDR4 modules, not just DDR3, according to a recently published research paper.
