Kudos5 Stats

Yahoo Announces Breach of One Billion Accounts

Hot on the heels of Yahoo announcing a data breach of 500 million user accounts in September, the company has announced that they have suffered another breach of one billion accounts. Yes, you read that correctly- one BILLION accounts.

More
Kudos7 Stats

Netgear password vulnerability could lead to botnet style attacks

Netgear has announced a patch for software vulnerabilities in over 30 devices that can allow hackers access to the router password. The vulnerability gives attackers access to the router’s password recovery system in order to steal login credentials, giving them full access to the device and all of its settings.

More
Kudos2 Stats

Hundreds of Android Apps Containing Dresscode Malware Hiding in Google Play Store

Hundreds of malicious apps are showing up on the Google Play Store, disguised as legitimate applications. These malicious apps are carrying malware known as Dresscode. Dresscode is designed to infiltrate networks and steal data. It can also add infected devices to a Botnet, which is capable of carrying out denial-of-service (DDoS) attacks as well as taking part in spam email campaigns.

More
Kudos1 Stats

Over 1 Million Google Accounts Breached via Malicious Android Apps

The attack campaign, dubbed Gooligan, has breached the security of over one million Google accounts and is still growing at a rate of 13,000 new infections each day. Gooligan is a variant of the Ghost Push malware family of hostile downloaders which download apps onto infected devices without the user’s permission.

More
Kudos1 Stats

Over 400 Million Accounts Breached From FriendFinder Networks Inc.

​FriendFinder Inc. owns multiple adult themed websites including AdultFriendFinder.com, Cams.com, Penthouse.com, Stripshow.com and more. If you have ever signed up for one of these accounts, even if it was briefly out of curiosity, it is recommended that you change your password. This is the company’s second breach in just over a year.  Included in the 400 million breached accounts were 16 million deleted accounts.

More
Kudos4 Stats

Massive Cyberattack from Webcams and Other Connected Devices Broke the Internet- Here’s How it Happened

*Updated October 25th 2016 to include new information about the incident.

Starting in the early hours of Friday, October 21, 2016, a Distributed Denial of Service (DDoS) attack flooded one of the largest DNS server companies in the world, bringing half the Internet to a screeching halt.

More
Kudos0

Yahoo Announces Data Breach Affecting 500 Million Users

If you have a Yahoo account, you need to change your password now. If you reuse that password on any other online accounts, you should change that too.

Yahoo announced on Thursday September 22nd that they have been the victim of a substantial cyber attack that occurred in 2014, which stole information associated with 500 million accounts. Yahoo is currently working with law enforcement to determine the source of the attack.

More
Kudos0

Jigsaw Ransomware Wants to Play a Game, But Not in a Good Way

An unusual strain of ransomware has shown up on the scene, and it isn’t playing nicely at all. Dubbed “Jigsaw,” the ransomware was created in early March and made its way to the black market a week later, selling for around $140 USD. So far, it seems that there has been minimal sales of the malware. Luckily, it is not widespread yet.

More
Kudos0

Bank Credential Stealing Android Malware Is On The Rise

Cyber criminals are finding new ways to steal your money through your Android device. Lately, the use of Android malware that steals your banking credentials, with names such as Acecard or GMbot, is on the rise

More
Kudos0

Symantec Discovery Leads to Malicious App That Steals Viber Photos and Videos

Researchers at Symantec have recently discovered a malicious app that can steal photos and videos from the popular instant messaging and VoIP app Viber. The malicious app, Beaver Gang Counter, which was available on Google Play, positions itself as a score-keeping app for a card game. Instead of helping you keep score, it secretly searches for the directories that Viber uses to store images and video files, which it then sends to a remote server.

More
Kudos0

Fight Off Malicious Pokemon GO! Apps With The Help Of Norton Mobile Security

Overnight sensation Pokémon GO! has continued to explode over a week after its New Zealand, Australia, and the US on Wed July 6. July 13th the game was released in Germany and the following day for the UK. According to the developer, Pokémon GO! was released in 28 additional countries on July 16 in a huge European rollout, followed by Canada on July 17th.

More
Kudos0

13 Million MacKeeper User Accounts Exposed

Earlier this week, white hat hacker Chris Vickery announced that he was able to gain access to over 13 million MacKeeper user accounts. A vulnerability was exploited in the company’s servers, which exposed the usernames, email addresses and other personal information of 13 million customers.

More
Kudos1 Stats

Are Locky and Dridex on Summer Vacation?

A sudden drop in cybercrime activity related to major threat families Locky, Dridex, and Angler have Symantec cybersecurity experts taking note, but still keeping a vigilant eye on the associated malware gangs. One reason for the decrease may be the arrest of 50 people in Russia thought to be involved in the group behind the Lurk banking fraud.

More
Kudos1 Stats

FLocker Ransomware Now Targeting the Big Screen on Android Smart TVs

FLocker (short for "Frantic Locker") ransomware is now capable of locking up Android TV sets. This particular ransomware strain is not new, as it has been posing a threat to Android smartphones since May 2015. There are several thousand variants of this strain of malware, and one has now made its way onto smart televisions running Android OS.

More
Kudos1 Stats

Critical Adobe Flash Player Vulnerability Exploited in the Wild

A critical new vulnerability (CVE-2016-4171) has been exploited via targeted attacks in Adobe Flash Player 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. 

This vulnerability can cause a system crash and possibly allow an attacker to take control of the affected system.

More
Kudos2 Stats

Be Still My Bleeding Heart: The Latest OpenSSL Vulnerability Is Nothing To Worry About


On March 19th, 2015, website developers who use OpenSSL learned of several bugs, including a severe bug that could allow hackers to render a webserver or website unavailable to users.

What is OpenSSL?

The “Open” in OpenSSL means that any developers can work on the code in the project. The SSL refers to secure sockets layer, which is a form of security built into a web browser that is used to encrypt and decrypt data being sent across the web.

More
Kudos3 Stats

Beware of Hacked Twitter Accounts Posting Links to Adult Dating and Sex Personals

Over 2,500 Twitter accounts have been taken over by scammers and are tweeting links to adult dating and sex personals websites. Once the accounts were compromised, the attackers essentially “rebranded” the account by changing profile photos, biographies, and name of the accounts to match the websites they were promoting.

More
Kudos4 Stats

Adobe Releases Patch of 25 Flash Flaws

Hot on the heels of the zero-day flaw announced earlier this week, Adobe has released a patch today that patches 25 newly discovered vulnerabilities. The vulnerabilities that were found affect Flash for Windows, Mac OS X, Linux, and ChromeOS operating systems. These vulnerabilities can allow an attacker to take control of the affected computer if exploited.

More
Kudos1 Stats

Over 250 Million Email Credentials Retrieved in Data Breach, However, It May Not Be as Bad as it Seems

American cyber investigation company Hold Security has discovered a massive data breach of more than 250 million webmail accounts around the world.

The company’s founder, Alex Holden, reportedly told Reuters that:

“The discovery of 272.3 million stolen accounts included a majority of users of Mail.ru, Russia’s most popular email service, and smaller fractions of Google, Yahoo and Microsoft email users.”

More
Kudos3 Stats

BeautifulPeople.Com’s Ugly Data Breach

1.1 Million people are at the risk of having their private data exposed in the underground economy, also known as the Dark Web. Controversial website, BeautifulPeople.com, which claims to have “the largest network of attractive people in the world” has announced that they have become a recent victim of a data breach.

More
Kudos4 Stats

Four Tax Scams to Watch out for This Tax Season

Benjamin Franklin once said that the only certain things in life are death and taxes. While individuals, businesses, and tax preparers get ready for tax season at the beginning of each year, another certainty exists: Cybercriminals will attempt to victimize these entities with tax-related scams.

More
Kudos2 Stats

Android Lockdroid Variants Target Western Regions and Japan

One of the most prevalent Android ransomware threats in the West has now expanded to Asia, choosing Japan as its first target. Android.Lockdroid was spotted on March 11th, and disguises itself as a system update. Once the ransomware detects that it’s installed on a device in a certain country, it displays the ransom message in that country’s language.

More
Kudos2 Stats

Symantec Financial Threats Report Gives Consumers Security Tips

It’s tax season, so our finances are top of mind for many of us. Cybercriminals are thinking about our money, too. After all, most cybercrimes are committed for monetary gain. According to the Symantec report titled “Financial Threats 2015,” cyber thieves are developing stronger attacks on banks and other institutions to try to access our hard-earned money. Here’s an inside look at the top threats financial companies faced in 2015, plus tips on keeping your own bank accounts secure. 

More
Kudos2 Stats

Burrp Compromised. Angler Exploit Kit Delivers TeslaCrypt Ransomware

Cybercriminals regularly use exploit kits to innovatively find vulnerabilities in systems and infect users with malware. An exploit kit opens a medium for cyber criminals to communicate with your system and feed it codes that include different types of commands. These kits are big money in the underground economy and one of the most notorious among them is the Angler Exploit Kit.

More
Kudos1 Stats

Adobe Issues Emergency Patch for Newly-Discovered Flash Vulnerability

The discovery of a critical Adobe Flash Player zero-day vulnerability, CVE-2016-1010, “that could potentially allow an attacker to take control of the affected system” prompted Adobe to issue an emergency patch on March 10. Adobe says the vulnerability has been identified as “being used in limited, targeted attacks.”

More
Kudos0

Symantec Discovery Finds That Phishers Are Creating YouTube Channels to Document Their Attacks

Symantec recently discovered a phishing site for Amazon.com, which didn't seem out of the norm, at first. However, when taking a closer look at the HTML source code, an interesting comment from the attacker was uncovered. The "brag tag," found details that consisted of the name of the scam, "Scama Amazon 2016,” along with the attacker's name, website, and even a YouTube channel.

More
Kudos2 Stats

First Mac Ransomware Targets Apple Users

Between March 4th and 5th, 2016, Apple customers were the targets of the first Mac-focused ransomware campaign seen in the wild.  These users downloaded a compromised version of the installer for the Transmission BitTorrent client. The malicious Trojan, known as OSX.Keranger, like most ransomware, will encrypt a user’s files and demand a fee (in this case, one Bitcoin, or ~$400) to release the files.

More
Kudos1 Stats

Beware of W2 Phishing Emails Targeting Employees

With the IRS’s due date of April 18th looming overhead, fraudsters are rapidly trying to cash in on tax refunds. Over the past two weeks, we’ve seen an increase of BEC (business email compromise) fraudster scams involving requests for employee’s W2 taxpayer information. In this scam, the scammer pretends to be a member of upper management, and targets a more junior member of the organization.

More
Kudos3 Stats

Mobile Apps and IoT Devices Are an Overlooked Security Risk by Consumers – and That's a Problem

Today, Norton released findings from a survey of more than 5,000 consumers from U.S., U.K., Canada, Australia and Japan about their fears of and forays into the connected world. The survey makes clear that there are two types of people: those who understand smartphones and IoT devices come with risks, and those who do not.  

More
Kudos2 Stats

Cyber Security Top Tips for 2016

2015 was a banner year for cybercriminals. We reported on 53 events that made it into the headlines, however that was just what we reported. There were many more than that occurred.

We took a look at what was trending to try to predict the next “big things” in cyber security to be on the lookout for in 2016.

More
Kudos1 Stats

Latest Cyberthreat Intelligence for January

Symantec’s Global Intelligence Network (GIN) team has updated their intelligence page, which provides the most up-to-date analysis of cybersecurity threats, trends, and insights concerning malware, spam, and other potentially harmful risks. The GIN is a respected source of data and analysis for global cybersecurity threats, trends and insights.

More
Kudos2 Stats

Internet Scams Based on Current Events Plague Users

It’s sad to say, but cybercriminals have learned how to use our emotions against us. When we read media reports about accidents or watch videos of natural disasters on the news, it’s normal to feel empathy for the victims of tragic current events, or even concern for our own safety. Unfortunately, that’s when scammers have learned that we are at our most vulnerable, and they have an array of tools to take advantage of that.

More