News - Page 4 category archyve:

SwiftKey Vulnerability

Specialists working at the Chicago-based security company NowSecure have recently identified a new vulnerability in SwitfKey, which is a third-party keyboard application. The application itself is pre-installed on more than 600 million Samsung devices, which means that hackers can access a great number of devices and even take over a user’s network traffic to execute the arbitrary code. Specialists claim that this exploit affects not all Samsung devices. According to them, Samsung Galaxy S6, the S6 Edge, and Galaxy S4 Mini are the main devices that are at risk. Of course, there is also a possibility that this exploit might work on different Samsung Galaxy phones because this keyboard application is installed on them. Read more »

LogJam - a new flaw in an encryption algorithm

Researchers working at Microsoft and other institutions have detected a new SSL flaw. The flaw itself is called LogJam and its detection suggests that 8% of top million websites using HTTPS (protocol for secure communication) are vulnerable and it does not matter that users see a padlock icon in the address bar. Researchers claim that email services that use the TLS protocol might also be at risk. Luckily, companies are creating updates in order to fix this flaw; however, there is a possibility that a number (around 20 000) of websites will be blocked after the release of updates. It is likely that only those websites that are older and whose code has not been updated for a long time will be affected. Read more »

The Intricate Web of Ad Injection

Google’s Online Security researchers have recently conducted a study together with the University of California, Berkeley and Santa Barbara to examine the often confusing and dangerous web of ad injection systems. Even though there was never a doubt that adware developers, distributors, and parties associated with them are well-established in the virtual world, the findings of this study are truly astounding. For one, it was found that a shocking 5.5% of IPs connecting to Google sites were presented with injected ads. Note that injected ads are controlled by software installed onto operating systems, and they should not be confused with online advertising services, such as Google AdWords. So, how dangerous is the activity of adware, or advertisement-supported software/ad injectors? Read more »

A Facebook Worm to be careful about

Even though a detection by an antimalware tool known as Trojan.Agent.ED is a generic one, malware experts at Anti-Spyware-101.com have discovered that in quite a few cases this detection is linked to a newly crafted Internet worm often referred to as the Facebook Worm or Kilim Facebook Worm. If you have encountered anything associated with Trojan.Agent.ED you should take immediate measure to investigate what kind of infection is active on your PC, and you should remove it immediately. Do not take any chances with this infection as you could face devastating consequences. Read the rest of this article and find out how the Kilim Facebook Worm functions and why its removal is of paramount importance. Read more »

Lenovo superfish vulnerability

Lenovo superfish vulnerability

Superfish adware is one of the many applications out there that one wouldn’t want on her computer. So naturally, you would avoid these kinds of programs in the wild, but what happens when they are pre-loaded into your laptop’s setup? This is what happened with Lenovo laptops that had Superfish software pre-loaded, and it opened vulnerability on the said computers that would have allowed hackers to steal user’s credit card number information and other personal data. Needless to say, users had to scramble to remove Superfish software from their computers in order to avoid potential identity thefts. Read more »

The Equation Group is capable of spying on YOU

Researchers working at Kaspersky Lab in Russia have recently detected a new threat actor that has been active for years. It is called the Equation group. The group has been given this name because it uses various algorithms and sophisticated methods in order to implement their operations. In particular, RC5 encryption algorithm is visible in malware produced by this group. Read more »

FessLeak

It is essential that you install up-to-date security software and use your mind when browsing the web to ensure that FessLeak cannot corrupt your Windows operating system. The clandestine threat is also known as Cryptolocker, and if you let it in your PC, you will have all of your personal files encrypted. Unfortunately, many users do not find a way to decrypt personal files, and this is why FessLeak Ransomware is considered to be one of the most obnoxious and harmful threats out there. Even though the infection cannot delete your files, there are no guarantees that you will be able to restore them. Regardless of the outcome, it is most important that you remove the threats associated with FessLeak and take care of your virtual security. Read more »

Your version of Google Chrome is potentially vulnerable and out of date

Your version of Google Chrome is potentially vulnerable and out of date

If you have received an email stating that “Your version of Google Chrome is potentially vulnerable and out of date,” you have to report it as spam. The fictitious email is a tool employed by cyber criminals to distribute a malicious ransomware threat. Of course, it is dangerous to have your operating system affected by a ransomware, or any other malicious threat for that matter. Ransomware is very difficult to remove, and if you trust that your version of Google Chrome is potentially vulnerable and out of date, you might let in a malicious Trojan without even realizing it. This Trojan could unleash CTB-Locker, and various other ransomware threats that require immediate removal. Read this report to learn how ransomware can attack and affect your operating system. This report also provides a few removal tips that you can use to delete ransomware from your PC. Read more »

Elevation of Privilege

Elevation of Privilege is a key component of the design phase in the Microsoft Security Development Lifecycle. It is one of the ways to go about threat modeling, and it helps to figure out potential threats software, and computer systems might face. Needless to say, security bugs in Elevation of Privilege and other essential security components are not something one would want to have. However, there recently was a backlash between Google and Microsoft because the former revealed a security bug in Windows 8.1 related to Elevation of Privilege before Microsoft issued a patch. Read more »

Poodle Sniffs Out Your Data

Obviously, we do not mean an actual canine because that would be too far-fetched, but there is something related to cyber security that is called POODLE. We think that you should pay attention to it because even the U.S. Department of Homeland Security pointed out how important it is to take care of this issue immediately. While dealing with POODLE does not depend on users themselves, we would like to address this matter in this article, letting you know more about this disturbing vulnerability. Read on to find out more about this vulnerability and potential security threat. Read more »