Security Alerts & News
by Tymoteusz A. Góral

History
#675 Locky ransomware spreads via Flash and Windows kernel exploits
In early April of this year a zero-day exploit (designated as CVE-2016-1019) was found in Adobe Flash Player. This particular flaw was soon used by the Magnitude Exploit Kit, which led to an Adobe out-of-cycle patch. This flaw was being used to lead to drive-by download attacks with Locky ransomware as the payload.

However, this did not end the threat for users. We recently saw a new variant of this attack that added an unusual twist. On top of the Flash exploit, an old escalation of privileges exploit in Windows (CVE-2015-1701) was used to bypass sandbox technologies.
Read more
#682 A dramatic rise in ATM skimming attacks
#681 Phony Google update spreads data-stealing Android malware
#680 U.S. labels Switzerland an internet piracy haven
#679 Google patches 9 security flaws in new Chrome browser build
#678 GCHQ has disclosed over 20 vulnerabilities this year, including ones in Apple iOS
#677 The critical hole at the heart of our cell phone networks
#676 AV comparatives: Anti-Spam Test (PDF)
#675 Locky ransomware spreads via Flash and Windows kernel exploits
#674 Almost two-thirds of software companies contributing to open source
#673 Hacking Slack accounts: As easy as searching GitHub
#672 Toymaker’s website pushes ransomware that holds visitors’ files hostage
#671 Google's OnHub is the first WiFi router to support IFTTT
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12