Security Alerts & News
by Tymoteusz A. Góral

History
#672 Toymaker’s website pushes ransomware that holds visitors’ files hostage
The website belonging to Maisto International, a popular maker of remote-controlled toy vehicles, has been caught pushing ransomware that holds visitors' files hostage until they pay a hefty fee.

Malicious files provided by the Angler exploit kit were hosted directly on the homepage of Maisto[.]com, according to antivirus provider Malwarebytes. The attack code exploits vulnerabilities in older versions of applications such as Adobe Flash, Oracle Java, Silverlight, and Internet Explorer. People who visit Maisto[.]com with machines that haven't received the latest updates are surreptitiously infected with the CryptXXX ransomware. Fortunately for victims in this case, researchers from Kaspersky Lab recently uncovered a weakness in the app that allows users to recover their files without paying the extortion demand. People infected with ransomware in other drive-by attacks haven't been so lucky.
Read more
#682 A dramatic rise in ATM skimming attacks
#681 Phony Google update spreads data-stealing Android malware
#680 U.S. labels Switzerland an internet piracy haven
#679 Google patches 9 security flaws in new Chrome browser build
#678 GCHQ has disclosed over 20 vulnerabilities this year, including ones in Apple iOS
#677 The critical hole at the heart of our cell phone networks
#676 AV comparatives: Anti-Spam Test (PDF)
#675 Locky ransomware spreads via Flash and Windows kernel exploits
#674 Almost two-thirds of software companies contributing to open source
#673 Hacking Slack accounts: As easy as searching GitHub
#672 Toymaker’s website pushes ransomware that holds visitors’ files hostage
#671 Google's OnHub is the first WiFi router to support IFTTT
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12