In 2014, Symantec observed a 70 percent increase in scams distributed via social media, which often spreads rapidly because people are more likely to click something posted by a friend. Criminals hijacked the power of “social proof” – the idea that we attribute more value to something if it’s shared or approved by others.
Until now, it has been hard to know exactly what each update and upgrade contains. While security fixes were enumerated—as they have been for Patch Tuesday for many years—information about the non-security portion of the updates was scant. Microsoft's public release notes for each update package were virtually non-existent—and this in spite of the company producing internal documentation to tell its OEM partners what was changing. After pushback from IT departments and end users alike, the compa
tarting on June 30, 2016, Google will no longer accept new Flash display ads from advertisers. On January 2, 2017, even old Flash ads will be blocked from appearing, making Google's ad network mostly Flash-free. The one exception seems to be video ads, as Google notes that "video ads built in Flash will not be impacted at this time."
NCR has received reliable reports of NCR and Diebold ATMs being attacked through the use of external skimming devices. These devices are plugged into the ATM network cables and intercept customer card data. Additional devices are attached to the ATM to capture the PIN. A keyboard overlay was used to attack an NCR ATM, a concealed camera was used on the Diebold ATM. PIN data is then likely transmitted wirelessly to the skimming device.
Experts with Kaspersky Lab’s Global Research and Analysis Team, who today at the Kaspersky Lab Security Analyst Summit disclosed research on the group and the malware it spreads, say there’s enough evidence surrounding the attacks to suggest it’s the first ever Portuguese-speaking attack group.
A family of Java-based malware that has given attackers a backdoor into Windows, Linux, Mac OS X, and Android devices since 2013 has risen from the dead once again as a "commercial" backdoor-as-a-service.
A hacker, or hacking group, published via Twitter what they said were records of 9,000 DHS employees. According to technology news site Motherboard, the hacker has said he will soon share the personal information of 20,000 DoJ employees, including staff at the FBI.