Breaking News




Source: Veracode.com

Sep 16, 2016
You probably get a lot of email. Do you give every email the same level of attention? Do you read, craft a thoughtful response, and immediately complete any follow-on tasks for every single email message as it comes in? If you do, congrats – but you probably don’t spend your days doing much else! Whether you know it or not, you have a policy regarding your emails. Maybe you automatically route...

Enlarge This post has been rewritten throughout to make clear that the MAC-bypass vulnerability allows attackers to append pseudorandom data to encrypted attachments. It doesn't allow attackers to choose the underlying plaintext of the tampered attachment or to replace one attachment with another. The revision also makes clear that the compression is effective only while the modified attach...


Source: Kaspersky (securelist.com)

Sep 16, 2016
 Download PDF Introduction The telecommunications industry keeps the world connected. Telecoms providers build, operate and manage the complex network infrastructures used for voice and data transmission – and they communicate and store vast amounts of sensitive data. This makes them a top target for cyber-attack. According to PwC’s Global State of Information Security, 2016, IT security incide...


Source: Kaspersky (securelist.com)

Sep 16, 2016
While ransomware is a global threat, every now and then we see a variant that targets one specific region. For example, the Coinvault malware had many infections in the Netherlands, because the authors posted malicious software on Usenet and Dutch people are particular fond of downloading things over Usenet. Another example is the recent Shade campaign, which targets mostly Russia and CIS. Toda...


Source: Kaspersky (securelist.com)

Sep 16, 2016
In early June, 2016, the Russian police arrested the alleged members of the criminal group known as Lurk. The police suspected Lurk of stealing nearly three billion rubles, using malicious software to systematically withdraw large sums of money from the accounts of commercial organizations, including banks. For Kaspersky Lab, these arrests marked the culmination of a six-year investigation by t...


Source: Kaspersky (securelist.com)

Sep 16, 2016
For malware writers, Google Play is the promised land of sorts. Once there, a malicious application gains access to a wide audience, gains the trust of that audience and experiences a degree of leniency from the security systems built into operating systems. On mobile devices, users typically cannot install applications coming from sources other than the official store, meaning this is a seriou...


Source: Kaspersky (securelist.com)

Sep 16, 2016
Almost every Android OS update includes new security features designed to make cybercriminals’ life harder. And, of course, the cybercriminals always try to bypass them. We have found a new modification of the mobile banking Trojan, Trojan-Banker.AndroidOS.Gugi.c that can bypass two new security features added in Android 6: permission-based app overlays and a dynamic permission requirement for...


Source: Kaspersky (securelist.com)

Sep 16, 2016
In a nutshell Backdoor.OSX.Mokes.a is the most recently discovered OS X variant of a cross-platform backdoor which is able to operate on all major operating systems (Windows,Linux,OS X). Please see also our analysis on the Windows and Linux variants. This malware family is able to steal various types of data from the victim’s machine (Screenshots, Audio-/Video-Captures, Office-Documents, Keyst...