Thursday, August 17, 2017
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
Attackers Backdoor Another Software Update Mechanism Researchers at Kaspersky Lab said today that the update mechanism for Korean server management software provider NetSarang was compromised and serving a backdoor called ShadowPad.
Patched Flash Player Sandbox Escape Leaked Windows Credentials One of Tuesday's Flash Player patches was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.
Mamba Ransomware Resurfaces in Brazil, Saudi Arabia Researchers at Kaspersky Lab have seen a resurgence of Mamba ransomware pop up recently in Brazil and Saudi Arabia.
Updates to Sofacy, Turla Highlight 2017 Q2 APT Activity Attackers behind APT campaigns have kept busy in Q2 2017, adding new ways to bypass detection, crafting new payloads to drop, and identifying new zero days and backdoors to help them infect users and maintain persistence on machines.

Latest News

Locky Ransomware Variant Slips Past Some Defenses

Ransomware called IKARUSdilapidated is managing to slip into unsuspecting organizations as an unknown file.

Flash’s Final Countdown Has Begun

The impending demise of Adobe Flash will create legacy challenges similar to Windows XP as companies begin to wean themselves off the vulnerable code base.

Maersk Shipping Reports $300M Loss Stemming from NotPetya Attack

A.P. Moller -Maersk said June's NotPetya wiper malware attacks would cost the world's largest shipping container company $300M USD in lost revenue.

Google Removes Chrome Extension Used in Banking Fraud

Google has removed the Interface Online Chrome extension from the Chrome Web Store. The plugin was used by criminals in Brazil to target corporate users with the aim of stealing banking credentials.

Seven More Chrome Extensions Compromised

The list of compromised Chrome extensions that hijack traffic and substitute advertisements on victims’ browsers grows.

Spam Domains Imitating Popular Banks Spreading Trickbot Banking Trojan

Researchers at My Online Security and the SANS Internet Storm Center have analyzed spam campaigns utilizing plausible imitations of legitimate banking domains to spread the Trickbot banking malware.

Blizzard Entertainment Hit With Weekend DDoS Attack

Blizzard Entertainment was hit with a crippling DDoS attack over the weekend that followed similar attacks last week that knocked gamers offline.

Windows Search Bug Worth Watching, and Squashing

Patches are available—and should be applied—that address a critical vulnerability in Windows Search that some are calling the next WannaCry. Others aren't so ready to do that.

Smart Locks Bricked by Bad Update

LockState's CEO says he is “deeply sorry” about an erroneous wireless update that bricked hundreds of smart locks.

Researchers Find Phishing Site Encrypted with AES

A phishing site seeking Apple credentials and victim payment card information is encrypted with AES, researchers at Ring 0 Labs said.