Starbucks free Wi-Fi caught secretly mining cryptocurrency

Starbucks free Wi-Fi caught secretly mining cryptocurrency

A tech CEO noticed the free Wi-Fi at his local Starbucks didn't exactly come without a price after discovering the network was secretly jacking his computing power to mine crypto-currency.
By Robert Abel Dec 15 2017, 11:20AM
Banking trojans sneak into Google Play again

Banking trojans sneak into Google Play again

Banking trojans have once again made their way past Google Play's security mechanisms, this time to target the Polish Financial sector.
By Robert Abel Dec 13 2017, 11:22AM
Cryptominer uses hidden browser windows to keep on mining

Cryptominer uses hidden browser windows to keep on mining

A new drive-by cryptominer is using a unique technique which allows malicious site owners and threat actors to keep mining Monero even after closing their browser windows.
By Robert Abel Dec 4 2017, 10:28AM
Firefox tests in-browser breached site notifications

Firefox tests in-browser breached site notifications

Firefox is testing out a warning system that will notify users when they visit breached sites and offer the option to be notified if a site they previously visited becomes breached in the future.
By Robert Abel Dec 4 2017, 10:28AM
Cobalt malware leverages recently patched 17-year-old Microsoft flaw

Cobalt malware leverages recently patched 17-year-old Microsoft flaw

Just in the nick of time...
By Robert Abel Nov 30 2017, 1:28PM
Fake Symantec site spreads OSX.Proton password stealer

Fake Symantec site spreads OSX.Proton password stealer

A security researcher using the Twitter handle @noarfromspace last week spotted a fake Symantec blog spreading a new variant of the OSX.Proton password stealer.
By Robert Abel Nov 29 2017, 11:01AM
Bitcoin Gold issues critical advisory after spotting suspicious files

Bitcoin Gold issues critical advisory after spotting suspicious files

Bitcoin Gold issued a critical alert and expanded the recall window for the Windows Wallet installer after a link on its Download page and the file downloads on its Github release page were found to be serving two suspicious files.
By Robert Abel Nov 29 2017, 11:01AM
Symantec patches certificate spoofing flaw in Install Norton product

Symantec patches certificate spoofing flaw in Install Norton product

Symantec patched a certificate spoofing vulnerability in its Install Norton Security product that occurs when downloading Norton for Mac.
By Robert Abel Nov 24 2017, 10:40AM
Windows Movie Maker scammers leverage Google SEO

Windows Movie Maker scammers leverage Google SEO

While SEO best practices help brands reach the widest possible audiences by garnering more web traffic, these same tactics can also be leveraged to help cyber-criminals reach the most victims.
By Robert Abel Nov 14 2017, 10:47AM
Former Yahoo chief executive Mayer testified before Congress, blamed Russia

Former Yahoo chief executive Mayer testified before Congress, blamed Russia

Former Yahoo chief executive Marissa Mayer apologises for the two massive data breaches at Yahoo that occurred during her tenure and resulted in 3 billion credentials being stolen, blaming Russian agents for at least one of them.
By Robert Abel Nov 13 2017, 10:32AM
Facebook asks users to send nudes to prevent revenge porn

Facebook asks users to send nudes to prevent revenge porn

File under whiskey tango foxtrot.
By Robert Abel Nov 7 2017, 1:23PM
Arabic, Urdu, Persian, Pashto InPage processor used by 3 malware families

Arabic, Urdu, Persian, Pashto InPage processor used by 3 malware families

An exploit in the InPage word processor program was used as an attack vector by three malware families.
By Robert Abel Nov 7 2017, 11:00AM
Apple addresses KRACK exploits in iOS and macOS updates

Apple addresses KRACK exploits in iOS and macOS updates

Apple has finally addressed the KRACK vulnerabilities in its latest macOS High Sierra, Sierra, El Capitan, iOS 11.1, tvOS and watchOS.
By Robert Abel Nov 3 2017, 10:42AM
Apache OpenOffice patches four vulnerabilities in 4.1.4 update

Apache OpenOffice patches four vulnerabilities in 4.1.4 update

Apache OpenOffice patched four medium vulnerabilities in the suites word processing and graphics apps.
By Robert Abel Nov 1 2017, 11:02AM
Hacktivists take Catalan independence fight online

Hacktivists take Catalan independence fight online

Hackers from the hacktivist group Anonymous targeted websites run by Spain's Ministry of Public Works and Transport in support of the Catalan independence movement.
By Robert Abel Oct 30 2017, 12:33PM
Criminals mimic popular cryptocurrency exchange in Google Play

Criminals mimic popular cryptocurrency exchange in Google Play

Cyber-criminals took advantage of popular cryptocurrency exchange Poloniex's lack of an official app to dupe unsuspecting users into downloading credential stealing malware.
By Robert Abel Oct 25 2017, 12:13PM
Android malware on Google Play grows botnets, launches DDoS attacks

Android malware on Google Play grows botnets, launches DDoS attacks

The Sockbot malware has made its way into at least eight Apps in the Google Play Store with the intent of adding devices to botnets and performing DDoS attacks.
By Robert Abel Oct 20 2017, 10:42AM
Ykcol and Asasin Locky variants released within short time frame

Ykcol and Asasin Locky variants released within short time frame

At least two new Locky ransomware variants have been released within less than a month of each other although one of the variants is broken for the time being due to a malformed spam campaign.
By Robert Abel Oct 17 2017, 9:54AM
Critical zero-days found in three popular WordPress plugins

Critical zero-days found in three popular WordPress plugins

Critical zero-day vulnerabilities in three popular Wordpress plug-ins could allow attackers to completely take over a vulnerable site.
By Robert Abel Oct 5 2017, 10:44AM
Apple patches a potentially critical vulnerability with iOS 11.0.01 update

Apple patches a potentially critical vulnerability with iOS 11.0.01 update

Apple's iOS 11.01 seems to have addressed previous problems that prevented users from sending emails from Outlook.com and Exchange accounts along with at least one potentially critical security flaw.
By Robert Abel Sep 29 2017, 9:51AM