In-brief: Chris Poulin of IBM blogs over at Recorded Future that malicious attacks on connected vehicles are a couple of years off. But the genie is already out of the bottle.
Search Results for "ransomware"
Hacking Team Breach Unleashes New Adobe Flash Zero Day
In Brief: As a result of a hack at Hacking Team, and the subsequent disclosure of nearly 400 BG of documents and tools, a new zero day targeting all versions of Adobe Flash has been reported in the wild. Last Sunday, the firm known as Hacking Team was breached. Amid the 400GB of company disclosed from the controversial Italian company were some zero days. These include two Adobe Flash and Windows kernel zero days. One of the Flash zero days is what Hacking Team described on an internal document as “the most beautiful Flash bug for the last four years.” Adobe has issued an security bulletin for CVE-2015-5119, which affects Windows, Linux, and Apple products. Successful exploitation can result in a crash and remote access to the infected machine. Adobe has said it is working on an emergency patch, which could come as early as today. Trend Micro has identified […]
Concept Worm Could Spread Between Networked Attached Storage Systems
Kelly Jackson Higgins over at Dark Reading has a really interesting story about a researcher who is building a NAS worm. That’s right: some automated malware that will be capable of roaming the Internet finding and compromising consumer network attached storage (NAS) devices. Higgins interviewed Jacob Holcomb, a security analyst at the firm Independent Security Evaluators, has rolled more than two dozen previously unknown and undiscovered (‘zero day’) software vulnerabilities in NAS products into a proof-of-concept, self-replicating worm. According to Higgins, the worm scans for vulnerable services running on NAS systems — mostly web servers — and identifies the type of NAS device and whether it harbors the bugs. If a known, vulnerable platform is discovered, the worm launches the corresponding exploit from its quiver to take control of the device. Compromised devices are then used to scan for other, similar devices. Holcomb has already informed affected vendors – a list that includes […]
iPhone and iPad Hijacking: What You Need To Know
The past 24 hours has seen a spate of stories warning about a spate of ‘ransomware’ attacks on iPhones and iPads – especially in the the UK and Australia. According to the reports, compromised devices are locked and owners are instructed to email a ransom (variously: $100, $50, €100) to one “Oleg Pliss” to have their devices unlocked. These attacks aren’t really news. In fact, the Oleg Pliss scam appears to have been circulating for close to six months. However, it’s worthwhile reviewing what we do (and don’t) know about these latest attacks on mobile devices. Accordingly, Security Ledger has put together a short FAQ that tells you what you need to know about the latest mobile scam, and to dispel some of the rumors floating around in the Internet ether. What’s Going On? According to news reports and complaints on Apple Support forums, owners of iPhones and iPads are having their devices locked. […]
Security Ledger Sponsors
Reporting costs money. As an independent, cybersecurity news website, Security Ledger couldn’t continue to do the work we do without the generous support of our sponsor companies and organizations. These firms underwrite our reporting because they value independent voices in the technology media. Join us in thanking them for their continuing support of The Security Ledger!