TA505 Crime Gang Debuts Brand-New ServHelper Backdoor
The latest malware from TA505 has been seen targeting banks, retailers and restaurants with two different versions. Go to Source
U.S. Government Shutdown Leaves Dozens of .Gov Websites Vulnerable
As the shutdown continues into its 21st day, dozens of .gov websites haven’t renewed their TLS certificates. Go to Source
Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In
A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means. Go to Source
The Promise and Peril of 5G
As the hype at CES demonstrates, 5G is the newest and shiniest tech bauble out there: but security concerns loom. Go to Source
Intel Patches High-Severity Privilege-Escalation Bugs
Overall, the chip giant patched five vulnerabilities across an array of its products. Go to Source
At CES, Focus is On ‘Cool Factor’ Not IoT Security
When it comes to IoT, the priority at CES is the “wow factor” – but not so much a focus on security. Go to Source
‘Unprecedented’ DNS Hijacking Attacks Linked to Iran
The attacks, targeting several countries to redirect traffic and harvest credentials, have been linked to Iran. Go to Source
Google Search Results Spoofed to Create Fake News
The technique can be used to spread disinformation while leveraging the trust people have in Google’s search results. Go to Source
Critical Flaw in Cisco’s Email Security Appliance Enables ‘Permanent DoS’
A remote attacker could exploit the vulnerability simply by sending an email. Go to Source
ICEPick-3PC: A Sophisticated Adware That Collects Data En Masse
Researchers think an organized crime gang is running the massive campaigns, prepping for large-scale follow-on attacks on Android users. Go to Source