Today Microsoft released 12 security updates, with four of them being marked as critical. Microsoft updates are labeled critical when the vulnerability could be exploited by a remote user to execute code on the attacked machine.
Vssadmin.exe is a utility bundled with Windows that allows you to administer Shadow Volume Copies. Unfortunately, this tool is also being used by Ransomware developers to make it harder for you to recover your files. This article explains how Shadow Volume Copies work and why it is important for every user to disable vssadmin.exe.
A new version of CryptoWall has been released that displays a redesigned ransom note, new file names, and now encrypts a file's name along with the data as well. A new version of CryptoWall has been released that displays a redesigned ransom note, new file names, and now encrypts a file's name along with the data as well.
A new ransomware has started to become seen on various computer support forums that encrypts your data and then appends the firstname.lastname@example.org string to the filename. Thankfully Kaspersky's RakhniDecryptor tool is able to decrypt this infection.
It is bad enough when a ransomware infection encrypts your data and demands a ransom, but it's even worse when shoddy programming destroys it instead. This is what happened in a new variant of the Power Worm ransomware where bad programming encrypts your data using AES encryption and then throws away the key
A new version of TeslaCrypt has been released that is now using the ccc extension when encrypting files. This version utilizes the same payment site as previous variants and requires a 2 bitcoin, or approximately $500 USD, ransom in order to decrypt your files.
Today Apple released numerous security updates that resolve a total of 142 vulnerabilities in their iOS, watchOS, OSX, iTunes, and Safari products. Some vulnerabilities are the same throughout various Apple products if they share a similar codebase.
A new file-encrypting ransomware has been discovered that appears to be installed via targeted Remote Desktop or Terminal Service attacks. This ransomware, which we call LowLevel4, encrypts your data with AES encryption and then demands 4 Bitcoins to get your files back.
Microsoft released today a security update for Internet Explorer 10, Internet Explorer 11, and Microsoft Edge that updates the bundled Adobe Flash libraries. This patch is only available for users of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
Adobe has released an emergency update that resolves 3 critical security vulnerabilities, including the one that was discovered by TrendMicro this week. All three of these vulnerabilities could allow an attacker to remotely execute commands on a vulnerable computer.
A new report from Bit9 and Carbon Black details how 2015 was the worst year in history for OSX malware. In a 10 week study conducted by both organizations it was discovered that 2015 had 5 times more malware than all of 2010-2014 combined. OSX users need to take security seriously or they are bound to be affected by future malware.
The latest zero-day exploit for Flash that was reported by TrendMicro is expected to be patched by an Adobe updated coming out on October 19th. This exploit is a critical vulnerability as it allows attackers to create specially crafted web pages that can execute any command on your system.
Microsoft recently announced that they have updated their malicious removal tool to detect and remediate the TeslaCrypt ransomware infection due to the increased distribution and activity detected in August. This announcement just means that Microsoft has added further detection for this ransomware and will remove it via MSRT.
If you have not updated Windows this week, then you need to get updating. Yesterday Microsoft released six security updates, with three of them being marked as critical. If you have not updated Windows this week it is imperative that you do so as soon as possible.
Today just as Adobe released a giant update for Flash and Reader that resolves numerous critical vulnerabilities, TrendMicro announced that they have discovered another new unpatched zero-day exploit in Flash. This exploit is actively being used by attackers in spear-phising emails against several Ministries of Foreign affairs.
New updates are available for Adobe Acrobat, Reader and Flash Player that resolve numerous security vulnerabilities. These 2 updates resolve a whopping 69 vulnerabities, with many of them being labeled as critical. These vulnerabilities range from information disclosure to remote code execution.
A new vulnerability has been disclosed for the QTS operating system used by QNAP storage devices. This vulnerability allows remote OSX users to potentially read and write arbitrary files on a QNAP device through the Apple Filing Protocol (AFP).
Threatpost has reported that there is a publicly disclosed vulnerability in Netgear routers is currently being used by attackers to modify a router's DNS entries. All users of Netgear routers should immediately disable Remote Administration. with instructions found in this article.