Malware

Expert: Patch Bluekeep Now or Face WannaCry Scenario

The flaw known as BlueKeep could be as dangerous as EternalBlue, the basis of recent malware like WannaCry, according to a report by BitSight.

Dark Web Looms Large as Enterprise Threat

New research from the firm Bromium finds dark web listings are booming as operators offer tailored access to enterprise networks.

Do Cities deserve Federal Disaster Aid after Cyber Attacks?

As cyber attacks on municipalities mount, is it time to start treating them like the manmade disasters they are?

Israeli Group Exploited WhatsApp to Spy on Users

An Israeli firm has exploited a flaw in the popular messaging mobile app WhatsApp to plant spyware on iPhones and Android. One phone call is all it takes for software developed by the Israeli firm NSO Group to install itself on a vulnerable iPhone or Android device, according to a published report in the FT Times. The publication broke the news, saying it potentially affects 1.5 billion users of the Facebook-owned WhatsApp messaging application, on Monday. WhatsApp quickly issued a fix for the exploit, described in an alert on the Facebook website as “a buffer overflow vulnerability in WhatsApp VOIP stack” that allows for “remote code execution via specially crafted series of SRTCP packets sent to a target phone number.” “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed […]

Drive-By Malware Uses Google Sites for Drive by Download Attacks

New malware, LoadPCBanker, is leveraging Google’s Sites to spread via drive-by download attacks, according to a new report. Companies are advised to block uploads and downloads from the service.