Apple has shut down what appears to have been the first, fully-functional ransomware targeting Mac computers. This particular form of cyber threat involves malware that encrypts the data on your personal computer so you can no longer access it. Afterwards, the hackers request that you pay them in a hard-to-trace digital currency – in this case, bitcoin – in order for you to retrieve your files. This ransomware, called KeRanger,” was first reported by researchers at Palo Alto Networks. They also
Google today patched two critical holes in its problematic Android Mediaserver component which would allow an attacker to use email, web browsing, and MMS processing of media files to remotely execute code. With this latest vulnerability, Google has patched its Mediaserver more than two dozen times since the Stagefright vulnerability was discovered in August.
Facebook has paid $15,000 (€13,600) to an independent security researcher who discovered a simple way of resetting passwords for other accounts, setting a new passphrase and effectively taking over profiles.
Apple has yet to patch a series of bypass vulnerabilities in iOS that could enable an attacker to sidestep the passcode authorization screen on iPhones and iPads running iOS 9.0, 9.1, and the most recent build of the mobile operating system, 9.2.1.
“By doing so, I knew that I would get a shitload of public attention, which I did,” McAfee said. “That video, on my YouTube account, it has 700,000 views. My point is to bring to the American public the problem that the FBI is trying to [fool] the American public. How am I going to do that, by just going off and saying it? No one is going to listen to that crap.
A security research firm announced Sunday its discovery of what is believed to be the world’s first ransomware that specifically goes after OS X machines. "This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,” Ryan Olson, of Palo Alto Networks, told Reuters.
A functional quantum computer large enough to crack traditional RSA encryption may still be in the future, but the U.S. National Security Agency is taking the possibility seriously. In January, it posted an FAQ on the technology’s potential.
Email scam artists last week tricked an employee at data storage giant Seagate Technology into giving away W-2 tax documents on all current and past employees, KrebsOnSecurity has learned. W-2 forms contain employee Social Security numbers, salaries and other personal data, and are highly prized by thieves involved in filing phony tax refund requests with the Internal Revenue Service (IRS) and the states.