Web Security News, Articles and Updates

Jerry's Artarama hit with hack

Jerry's Artarama hit with hack

By

A letter has gone out to customers of Jerry's Artarama advising that its online portal "may have been attacked" by a hacker and customer information "may have been compromised."

Voter database hack in Illinois by foreign intruder compromises info of 200K

Voter database hack in Illinois by foreign intruder compromises info of 200K

By

Personal information of Illinois voters is believed to have been siphoned in a cyberattack, possibly of foreign origin.

Details leaked on 71K Minecraft World Map users

Details leaked on 71K Minecraft World Map users

By

Troy Hunt, an Australian researcher, tweeted out a warning of a dump of some 71,000 user accounts leaked from MinecraftWorldMap.com.

FBI-owned Megaupload web pages serving up porn, adult services

FBI-owned Megaupload web pages serving up porn, adult services

By

Several web pages associated with the former file-sharing site Megaupload - seized by the FBI over four years ago in an online piracy investigation - are now serving up pornographic content and junk ads.

WoSign mistakenly assigns two user certificates

WoSign mistakenly assigns two user certificates

By

A Chinese certificate authority mistakenly handed out legitimate user certificates for Github and the University of Central Florida (UCF) to a couple of unauthorized users.

Opera resets all user passwords following incursion

Opera resets all user passwords following incursion

By

Opera is alerting customers of its web browser that its sync system was breached.

GozNym malware is proficient in German, new malicious campaign proves

GozNym malware is proficient in German, new malicious campaign proves

By

Thirteen German financial institutions and their subsidiaries have recently felt the wrath of GozNym as the downloader and banking malware hybrid intensifies its campaign against European banking customers.

City of Sarasota hit with ransomware

City of Sarasota hit with ransomware

By

Although a ransomware attack hit the city of Sarasota, Fla. in February, owing to an ongoing criminal investigation, details of the attack are only now being revealed.

Trust exercise: Symantec's new website security expert is reaching out to hacker community

Trust exercise: Symantec's new website security expert is reaching out to hacker community

By

Tarah Wheeler, whom Symantec recently hired as principal security advocate and senior director of engineering for its Website Security team, is reportedly pledging to foster ties with the independent hacker community.

PilotFish source codes selling on dark web, report

PilotFish source codes selling on dark web, report

By

In what is being flagged as a threat to the health care sector, the source code of all of PilotFish Technology's software has been posted to the dark web.

WikiLeaks postings of Turkish emails included active links to malware

WikiLeaks postings of Turkish emails included active links to malware

By

WikiLeaks' practice of delivering unfiltered information to its readers backfired after a researcher discovered that its collection of leaked Turkish government emails contained over 300 active links to malware files hosted on the controversial site.

McAfee Labs: Lavians Inc. repackaging utilities programs with browser hijacker

McAfee Labs: Lavians Inc. repackaging utilities programs with browser hijacker

By

Software company Lavians Inc. is offering free utilities applications for download that actually contain the Bing.vc browser hijacker software, Intel's McAfee Labs warned in a blog post yesterday.

Email accounts of Hillary Clinton and 100+ Democratic officials hacked

Email accounts of Hillary Clinton and 100+ Democratic officials hacked

By

As the FBI investigation into the hack of the Democratic National Committee broadens, it is being reported that the private email accounts of Hillary Clinton and more than 100 Democratic officials also have been breached.

Report: Spyware used to dox Vietnam Airlines is lurking in other Vietnamese institutions

Report: Spyware used to dox Vietnam Airlines is lurking in other Vietnamese institutions

By

Spyware that was recently found to have infiltrated Vietnam Airlines has also embedded itself in the website operations of various Vietnamese institutions, warned cybersecurity firm Bkav, the Vietnam News Agency reported.

Overpopulated with traffic: Australian online census swamped by DDoS attack

Overpopulated with traffic: Australian online census swamped by DDoS attack

By

The website hosting the online form for Australia's national census was brought down by a series of DDoS attacks on Tuesday, temporarily preventing some of the country's citizens from participating in the population survey.

Facebook hit with hoax scams purporting terror incidents and celebrity deaths

Facebook hit with hoax scams purporting terror incidents and celebrity deaths

By

Facebook users are being lured into giving up their credentials in response to alarming messages about terror incidents and celebrity deaths.

Apparent DDoS attack sinks swimmer Michael Phelps' website

Apparent DDoS attack sinks swimmer Michael Phelps' website

By

Michael Phelps is a world champion in the swimming pool, but on the Internet he just got blown out of the water by an apparent distributed denial of service (DDoS) attack that shut down his commercial website.

VIDEO: Web servers running on HTTP/2 found with multiple denial-of-service vulnerabilities

VIDEO: Web servers running on HTTP/2 found with multiple denial-of-service vulnerabilities

By

In an analysis of five separate manufacturers' web servers running on the new HTTP/2 protocol, cybersecurity firm Imperva found that all five were vulnerable to at least one of four high-profile denial-of-service vulnerabilities.

HEIST attack on SSL/TLS can grab personal info, Black Hat

HEIST attack on SSL/TLS can grab personal info, Black Hat

By

A new technique unveiled at Black Hat can attack the SSL/TLS and other secure channels purely in the browser.

Updated Firefox browser, now with bolstered security

Updated Firefox browser, now with bolstered security

By

Version 48 of the Mozilla's web browser Firefox has just been released offering new features intended to improve the stability and security of the browsing experience.

Kaminsky: Infosec must innovate, or we may lose the Internet as we know it

Kaminsky: Infosec must innovate, or we may lose the Internet as we know it

By

Cybersecurity expert Dan Kaminsky called upon members of the information security community to more openly share innovations, ideas and code to preserve the Internet and its freedoms before they are "regulated into destruction."

Expect spike in cyberattacks during Brazil Olympics

Expect spike in cyberattacks during Brazil Olympics

By

The upcoming contest could prove more problematic than ever for IT security professionals.

Google rolls out HSTS encryption to safeguard web browsing

Google rolls out HSTS encryption to safeguard web browsing

By

Google has enhanced encryption on its google.com domain with the rollout of HTTP Strict Transport Security (HSTS).

NameCheap DNS hijack redirects visitors to old Conficker IP address

NameCheap DNS hijack redirects visitors to old Conficker IP address

By

Several websites using the FreeDNS hosting service from NameCheap have had visitors redirected to malicious, cloned sites via an IP address that once hosted command-and-control servers for the Conficker worm.

Windows 10 free upgrades end today, many upgrading 'due to security'

Windows 10 free upgrades end today, many upgrading 'due to security'

Today sees the end of free upgrades to Windows 10. Security requirements drove twice as many organisations in EMEA (28 percent) to upgrade to Windows 10 compared to North America (14 percent).

Russian web hub Deer.io offering stolen goods and exploit services, report

Russian web hub Deer.io offering stolen goods and exploit services, report

By

A robust underground marketplace for the sale of stolen products from compromised accounts as well as shady online services has been detected in Russia.

Researcher scores $10K+ bounty for digging up Vine's source code

Researcher scores $10K+ bounty for digging up Vine's source code

By

A researcher earned $10,080 from Twitter's bug bounty program after discovering he could access a supposedly private online registry that led him to the complete source code for Twitter's Vine video-sharing service.

Pornhub subscriber info exposed, but relax, it was a bug bounty exploit

Pornhub subscriber info exposed, but relax, it was a bug bounty exploit

By

White hat hackers seeking a $20,000 bug bounty were able to gain remote code execution and tap into the inner workings of popular porn site Pornhub.

Chrome browser extensions discovered engaging in Facebook click fraud

Chrome browser extensions discovered engaging in Facebook click fraud

By

Google has removed a group of malicious browser extensions from its Chrome Web Store, after an independent researcher discovered the programs were hijacking users' Facebook accounts for click-fraud purposes.

Hackers compromising checkout process on retail sites, redirecting shoppers to phishing page

Hackers compromising checkout process on retail sites, redirecting shoppers to phishing page

By

Researchers at Sucuri has uncovered a sampling of novel e-commerce attacks that combine the classic duplicity of phishing schemes with the insidiousness of malicious webpage redirects.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US