Security Alerts & News
by Tymoteusz A. Góral

History
#913 Ransomware leaves server credentials in its code
While SNSLocker isn’t a stand-out crypto-ransomware in terms of routine or interface, its coarse and bland façade hid quite a surprise. After looking closer at its code, we discovered that this ransomware contains the credentials for the access of its own server.

We also found out that they used readily-available servers and payment systems. This shows that the authors behind SNSLocker are in it for the same reason a lot of cybercriminals have moved to ransomware: easy setup of systems for massive infection, and quick return of income. However, they were either too quick or they aren’t investing that much on the operation when they left their credentials out in the open (the credentials have also been shared in social media by other security researchers). We have reported this finding to law enforcement agencies.
#914 DDoS attacks increase over 125 percent year over year
#913 Ransomware leaves server credentials in its code
#912 Qarallax RAT: Spying on US visa applicants
#911 Google to deprecate SSLv3, RC4 in Gmail IMAP/POP clients
#910 Many Lexus navigation systems bricked by over-the-air software update
#909 Firefox 47 fixes 13 vulnerabilities, removes click-to-activate plugin whitelist
#908 The new Apple App Store: subscription pricing, faster approvals, and search ads
#907 Unpatched DLink WiFi camera flaw remotely exploitable
#906 Symantec: Fake gaming torrents lead to potentially unwanted applications
#905 US warns banks of hacking threat to Swift system
#904 FireEye uncovers phishing campaigns targeting Apple users