Security Alerts & News
by Tymoteusz A. Góral

History
#394 Samsung Windows laptop owners urged to download fix to MitM vulnerability
The flaw is tied to a feature called “Samsung SW Update Tool 2.2.5.16” designed keep Samsung laptop users’ drivers and software up to date. Security researchers at Core Security discovered the vulnerability in November 2015 and disclosed the flaw March 4 after Samsung issued the patch to fix the problem.
#393 Off-the-Record (OTR) protocol patched against remote code execution flaw
Users of secure messaging apps such as Pidgin, Adium and others built upon libotr, the Off-the-Record protocol, are being urged to update immediately to current versions after the discovery of a critical flaw that can be used in targeted attacks to expose encrypted communication.
#392 Bangladesh bank hackers fail in bid to net $1bn
Cyberthieves who targeted Bangladesh's central bank tried to get away with $1bn, reports Reuters.
#391 Spike in ransomware spam prompts warnings
Security firms are warning about a sudden "huge" surge in junk mail messages containing ransomware.
#390 Australian Communications and Media Authority ACMA spruiks default IoT spectrum worldwide
The Australian Communications and Media Authority (ACMA) has addressed the issues associated with licensing spectrum for the Internet of Things (IoT), arguing in favour of a default spectrum band for all devices across the globe -- or, alternatively, sensors that can identify which country a device is operating in.
#389 Gaps in CA system? Banking trojan with a valid Comodo root certificate
A banking Trojan is hitting the market with a valid root certificate and a set of installation directions. It shows that there are some real security gaps in the current Certificate Authorities system.
#388 Android banking trojan masquerades as Flash Player and bypasses 2FA
Active users of mobile banking apps should be aware of a new Android banking trojan campaign targeting customers of large banks in Australia, New Zealand and Turkey. The banking malware, detected by ESET security products as Android/Spy.Agent.SI, can steal login credentials from 20 mobile banking apps.The list of target banks includes the largest banks in each of the three target countries (A full list can be found in the final section of this article). Thanks to its ability to intercept SMS com
#387 Google has confirmed it is removing toolbar PageRank
Google has confirmed with Search Engine Land that it is removing Toolbar PageRank. That means that if you are using a tool or a browser that shows you PageRank data from Google, within the next couple weeks it will begin not to show any data at all.
#386 Ubuntu drops support for AMD's Catalyst GPU driver
Ubuntu developers have deprecated the fglrx / Catalyst Linux display stack for Ubuntu 16.04 LTS. Users of this upcoming Ubuntu release are now encouraged to use the open-source Radeon display stack.
#385 MIT creates algorithm that speeds up page load time by 34 percent
MIT's Polaris framework will work by creating dependency graphs for each Web page, which dictates the most efficient order in which all the page resources need to be loaded.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12