Security Alerts & News
by Tymoteusz A. Góral

History
#2147 LastPass bugs allow malicious websites to steal passwords
LastPass patched three separate bugs that affected its Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from users visiting a malicious website.

All bugs were discovered by Tavis Ormandy, a security researcher working for Google's Project Zero.

One bug affected the LastPass for Chrome extension, while the other two affected the company's Firefox add-on.
Read more
#2149 Soundwaves used to produce fake data from accelerometers
#2148 A new trend in Android adware: abusing Android plugin frameworks
#2147 LastPass bugs allow malicious websites to steal passwords
#2146 Winnti abuses GitHub for C&C communications
#2145 Lithuanian con artist scams two US tech giants out of $100 million
#2144 Chinese crooks use fake cellular telephony towers to spread Android malware
#2143 Hackers: We will remotely wipe iPhones unless Apple pays ransom
#2142 DoubleAgent: 0day code injection and persistence technique
#2141 Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs
#2140 New LLTP ransomware appears to be a rewritten venus locker
#2139 Swearing trojan continues to rage, even after authors’ arrest
#2138 Bitcoin scams: Beware of crooks trying to steal your cryptocurrency with these schemes
#2137 Word document spreads macro malware targeting both Windows and macOS
#2136 New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12