Security News

US Treasury sanctions Russian research institute behind Triton malware

ZDNet Zero Day - Fri, 10/23/2020 - 14:42
US imposes sanctions against Russia's Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM).
Categories: Security News

Apple notarizes six malicious apps posing as Flash installers

ZDNet Zero Day - Fri, 10/23/2020 - 13:31
Apple notarization process bypassed for the second time in six weeks.
Categories: Security News

Phishing groups are collecting user data, email and banking passwords via fake voter registration forms

ZDNet Zero Day - Fri, 10/23/2020 - 10:04
With the election window closing, phishing groups are striking the iron while it's hot.
Categories: Security News

Nvidia tackles code execution flaws, data leaks in GeForce Experience

ZDNet Zero Day - Fri, 10/23/2020 - 06:52
The worst of the bugs is an uncontrolled search path issue with severe, exploitable consequences.
Categories: Security News

FBI, CISA: Russian hackers breached US government networks, exfiltrated data

ZDNet Zero Day - Thu, 10/22/2020 - 16:04
Intrusions blamed on a Russian hacker group known as Energetic Bear.
Categories: Security News

NSA whistleblower Edward Snowden granted permanent residency in Russia

ZDNet Zero Day - Thu, 10/22/2020 - 14:50
Edward Snowden has been living in Russia since June 2013.
Categories: Security News

EU sanctions Russia over 2015 German Parliament hack

ZDNet Zero Day - Thu, 10/22/2020 - 11:47
Germany had been asking and pushing EU officials for an official statement and sanctions against Russia since earlier this year.
Categories: Security News

Firefox 'Site Isolation' feature enters user testing, expected next year

ZDNet Zero Day - Thu, 10/22/2020 - 09:09
Users can test Firefox Site Isolation in Nightly builds.
Categories: Security News

New Windows RAT can be controlled via a Telegram channel

ZDNet Zero Day - Thu, 10/22/2020 - 05:39
New RAT shows a rising trend in the cybercrime underground, with more malware being released with control-by-Telegram features.
Categories: Security News

SEC issues Kik $5 million penalty over illegal cryptocurrency offering

ZDNet Zero Day - Thu, 10/22/2020 - 03:51
The US regulator alleged that Kik’s ICO flouted investment and securities law.
Categories: Security News

US blames Iran for spoofed Proud Boys emails threatening Democrat voters

ZDNet Zero Day - Wed, 10/21/2020 - 19:44
US claims Iran is behind a wave of emails purporting to be from right-wing Proud Boys group that threatened registered Democrat voters with repercussions if they didn't vote for Trump.
Categories: Security News

WordPress deploys forced security update for dangerous bug in popular plugin

ZDNet Zero Day - Wed, 10/21/2020 - 11:31
More than one million WordPress sites were running a vulnerable version of the Loginizer plugin.
Categories: Security News

Adobe releases another out-of-band patch, squashing critical bugs across creative software

ZDNet Zero Day - Wed, 10/21/2020 - 04:25
10 products are impacted, including Photoshop, Illustrator, Dreamweaver, and InDesign.
Categories: Security News

MobileIron enterprise MDM servers under attack from DDoS gangs, nation-states

ZDNet Zero Day - Wed, 10/21/2020 - 00:00
Threat actors range from DDoS botnets to Chinese state-sponsored hacking groups.
Categories: Security News

Google releases Chrome security update to patch actively exploited zero-day

ZDNet Zero Day - Tue, 10/20/2020 - 15:28
Google Chrome 86.0.4240.111 released with a fix.
Categories: Security News

Microsoft says it took down 94% of TrickBot's command and control servers

ZDNet Zero Day - Tue, 10/20/2020 - 14:38
TrickBot survived an initial takedown attempt, but Microsoft and its partners are countering TrickBot operators after every move, taking down any new infrastructure the group is attempting to bring up online.
Categories: Security News

NSA publishes list of top vulnerabilities currently targeted by Chinese hackers

ZDNet Zero Day - Tue, 10/20/2020 - 10:00
NSA urges US public and private sector to apply patches or mitigations to prevent attacks.
Categories: Security News

Google removes two Chrome ad blockers caught collecting user data

ZDNet Zero Day - Tue, 10/20/2020 - 08:45
Nano Adblocker and Nano Defender have been removed from the official Chrome Web Store.
Categories: Security News

Seven mobile browsers vulnerable to address bar spoofing attacks

ZDNet Zero Day - Tue, 10/20/2020 - 08:00
Vulnerabilities allow attackers to trick users into accessing malicious sites while showing the incorrect URL in the address bar.
Categories: Security News

Ransomware gang donates part of ransom demands to charity organizations

ZDNet Zero Day - Tue, 10/20/2020 - 04:30
The Darkside ransomware gang has donated $10K it received as part of ransom demands to Children International and The Water Project.
Categories: Security News