Custom-made malware installed on an offline computer can use a hard drive's LED to send out sensitive data from infected computers to nearby cameras.
The Linux team has patched a security flaw in the Linux kernel that can be exploited to gain root-level code execution rights from a low-privileged process.
A new variant of the Lockdroid Android ransomware has chosen a unique way of unlocking devices by asking users to speak a code provided after paying the ransom.
A newly discovered ransomware family calling itself Patcher is targeting macOS users, but according to security researchers from ESET, who discovered the ransomware last week, Patcher bungles the encryption process and leaves affected users with no way of recovering their files.
Yesterday, Bleeping Computer's Lawrence Abrams came across a new ransomware family that he named Trump Locker based on the email address crooks listed in the ransom note, and an image of US President Donald Trump the ransomware displayed before its ransom note.
Top Bitcoin trading platform Bitfinex was hit yesterday late night by what its experts categorized as a "severe DDoS attack."
Today we have a deal for a training bootcamp on a variety of programming languages such as Ruby, C#, & Docker essentials, CSS, Pascal, Bootstrap 4, Elang, Go, and Julia. This bundle is normally priced at $999, but has been discounted 96% to $34 as part of this deal. Certificates of completion will be included at the end of the course
A well-organized cyber-espionage group is infecting computers at selected targets in Ukraine, turning on their microphone to record nearby audio, stealing documents, and storing exfiltrated data inside Dropbox accounts, according to security firm CyberX, who recently came across the malware used in these attacks.
A malvertising campaign has specifically targeted and redirected Chrome users to a website they couldn't leave unless they agreed to install a rogue Chrome extension.
Google confirmed yesterday it was shutting down its Site Search service, which is the commercial version of the free service Google Custom Search, also known as Custom Search Engine (CSE).
Today Microsoft released the MS17-005 Security Update for Adobe Flash Player (4010250), which patches a remote code execution vulnerability in Adobe Flash Player. This update resolves the same vulnerabilities patched by Adobe on February 14th in their APSB17-04 update.
Today, Avast released a decryptor for CryptoMix victim's that were encrypted while in offline mode. Offline mode is when the ransomware runs and encrypts a victim's computer while there is no Internet connection or the computer cannot connect to the ransomware's Command & Control server.
The way in which Firefox caches intermediate CA certificates allows a third-party to deduce various details about website visitors and also link advertising profiles to private browsing sessions.
Both Java and Python contain similar security flaws that allow an attacker to bypass firewalls by injecting malicious commands inside FTP URLs.
Under the coordination of the UK government, rights holders and today's top two search engines have reached and signed an agreement that will demote piracy-related links in search results.
The PHP team has unanimously voted to integrate the Libsodium library in the PHP core, and by doing so, becoming the first programming language to support a modern cryptography library by default.
Malware samples used in the recent attacks against several Polish banks contained planted evidence that attempted to blame the attacks on Russian-speaking hackers.