It’s Patch Tuesday again and, as per usual, both Microsoft and Adobe have pushed out patches for widely-used software packages. The Microsoft patches Microsoft’s December 2018 Patch Tuesday release is pretty lightweight: the company has plugged 38 CVE-numbered security holes, nine of which are considered to be Critical. Among the most notable bugs in this batch are CVE-2018-8611, an elevation of privilege vulnerability that arises when the Windows kernel fails to properly handle objects in … More
The post December 2018 Patch Tuesday: Microsoft patches Windows zero-day exploited in the wild appeared first on Help Net Security.
A future where the Internet of Things spreads exponentially is almost certain. Seemingly everybody wants these devices: consumers for the helpful features and manufacturers for the ability to collect data about the product and consumers’ use of it. Paul Calatayud, Palo Alto Networks’ CSO for the Americas, sees the IoT evolving into a new form of distributed computing powered by 5G and ever-increasing bandwidth speeds. The result will be intelligent, programmable devices that operate without … More
The post Securing and managing the enterprise Internet of Things appeared first on Help Net Security.
Mac-based malware has appeared on the list of the top ten most common types of malware for the first time in WatchGuard’s quarterly Internet security report. The Mac scareware appeared in sixth place in WatchGuard’s latest Q3 2018 report and is primarily delivered by email to trick victims into installing fake cleaning software. Researchers also found that 6.8 percent of the world’s top 100,000 websites still accept old, insecure versions of the SSL encryption protocol, … More
The post 6.8% of the top 100,000 websites still accept old, insecure SSL versions appeared first on Help Net Security.
ESET researchers have unearthed a new Android Trojan that tricks users into logging into PayPal, then takes over and mimics the user’s clicks to send money to the attacker’s PayPal address. The heist won’t go unnoticed by the victim if they are looking at the phone screen, but they will also be unable to do anything to stop the transaction from being executed as it all happens in a matter of seconds. The only thing … More
The post Android Trojan steals money from victims’ PayPal account appeared first on Help Net Security.
Trend Micro released its 2019 predictions report, warning that attackers will increase the effectiveness of proven attack methods by adding more sophisticated elements to take advantage of the changing technology landscape. “As we head into 2019, organizations must understand the security implications of greater cloud adoption, converging IT and OT, and increasing remote working,” said Greg Young, vice president of cybersecurity for Trend Micro. “Cybercriminals will continue to follow a winning formula – exploiting existing … More
Check Point has published its latest Global Threat Index for November 2018. The index reveals that the Emotet botnet has entered the Index’s top 10 ranking after researchers saw it spread through several campaigns, including a Thanksgiving-themed campaign. This involved sending malspam emails in the guise of Thanksgiving cards, containing email subjects such as happy “Thanksgiving day wishes”, “Thanksgiving wishes” and “the Thanksgiving day congratulation!” These emails contained malicious attachments, often with file names related … More