This malware will partially mutate every 20 minutes to avoid detection Dexphot’s main purpose is to silently mine cryptocurrency and generate revenue for the attackers. Researchers have documented the use of a process hollowing technique to disguise the presence of cryptocurrency mining malware on infected systems. On Wednesday, Trend Micro ...
Read More »
20 VPS providers to shut down on Monday, giving customers two days to save their data
At least 20 web hosting providers have hastily notified customers today, Saturday, December 7, that they plan to shut down on Monday, giving their clients two days to download data from their accounts before servers are shut down and wiped clean. The list of providers that notified customers about their ...
Read More »Two malicious Python libraries caught stealing SSH and GPG keys
Image: ZDNet The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were caught stealing SSH and GPG keys from the projects of infected developers. The two libraries were created by the same developer and mimicked other more popular libraries — using a technique called ...
Read More »iOS apps could really benefit from the newly proposed Security.plist standard
Image: Ivan Rodriguez Earlier this month, security researcher Ivan Rodriguez proposed a new security standard for iOS apps, which he named Security.plist. The idea is simple. App makers would create a property list file (plist) named security.plist that they would embed inside the root of their iOS apps. The file ...
Read More »Here’s how to enable DoH in each browser, ISPs be damned
DNS-over-HTTPS: Where is each browser on this? DoH support is already present in all major browsers. Users just have to enable it and configure it. All six major browser vendors have plans to support DNS-over-HTTPS (or DoH), a protocol that encrypts DNS traffic and helps improve a user’s privacy on ...
Read More »Popular apps on Google Play linked to old remote code execution bugs
Bill Gates: I messed up Microsoft’s chance to beat Android Microsoft co-founder Bill Gates says the antitrust case stopped Microsoft delivering a mobile OS. The latest versions of popular apps hosted on Google Play are harboring known vulnerabilities that could subject users to Remote Code Execution (RCE) attacks. When we ...
Read More »Chrome, Edge, Safari hacked at elite Chinese hacking contest
Image: Tianfu Cup China’s top hackers have gathered this weekend in the city of Chengdu to compete in the Tianfu Cup, the country’s top hacking competition. Over the course of two days — November 16 and 17 — Chinese security researchers will test zero-days against some of the world’s most ...
Read More »Intel, Mozilla, Red Hat, and Fastly partner to make WebAssembly a cross-platform runtime
Image: The Bytecode Alliance Intel, Mozilla, Red Hat, and Fastly announced today the creation of the Bytecode Alliance, an open-source foundation that will work to make WebAssembly into a cross-platform runtime that can be used on native mobile, desktop, and server environments, and not just inside browsers. WebAssembly is a ...
Read More »Phones and PCs sold in Russia will have to come pre-installed with Russian apps
Image:Szabo Viktor The Russian Parliament is debating a bill that will force all electronic equipment sold in Russia — such as smartphones, computers, and smart TVs — to ship pre-installed with apps from Russian tech firms. According to lawmakers, “the bill will protect the interests of Russian Internet companies and ...
Read More »Proofpoint acquires insider threat intelligence firm ObserveIT in $225 million deal
Cybersecurity: How technology can affect your organization’s goals Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, talks with Tonya Hall about the various technologies that could be keeping organizations from reaching their cybersecurity goals. Proofpoint has acquired threat management provider ObserveIT in a deal aimed at bolstering the ...
Read More »