Microsoft patch fixes Office zero-day
The current patches of Microsoft close i.a. a critical vulnerability in Office, which has been exploited by massively spammed Dridex banking trojans. Updating is the best protection.
Microsoft patch fixes Office zero-day
The current patches of Microsoft close i.a. a critical vulnerability in Office, which has been exploited by massively spammed Dridex banking trojans. Updating is the best protection.
DoubleAgent - does it really turn AV into malware?
A company offering protection against Zero-day exploits, exposes a vulnerability in Windows, which allegedly allows attackers to turn AV-products into malware. A lot of uncertainty has been created. On closer inspection, there is no reason to panic.
Data breach risks - are enterprises out of touch with reality?
It is notable that many respondents in a recent survey expressed confidence in their overall cybersecurity strategy. Looking at the coverage of recent data breaches, though, this degree of confidence might seem unwarranted. Still, there is light at the end of the tunnel: both governments and…
WikiLeaks Vault7 Year Zero
Agencies spy. That’s a trivial fact. And even if most of the leaked details have been known before, a bad feeling comes up when information is leaked that provides insight about the extent and the systematics of the agencies’ acitivities. Vault 7 Year Zero is the first set of documents and it…
Connected toy manufacturer suffers data breach
Manufacturer "Spiral Toys“ sells connected soft toys under the "Cloud Pets" brand. The toy transmits voice recordings between parents and their children. A massive data leak has now resulted in the exposure of this personal information to unauthorized individuals. About 800.000 registered users are…
Patch up, boys! Microsoft to stop publishing Security Bulletins
Many system administrators rely on Microsoft’s Security Bulletins to obtain information about critical security issues. However, from February’s Patch Tuesday onwards, Microsoft will no longer be publishing them. Instead, the company has chosen to replace the bulletins with an online database,…
Hacking a human heart
While the headline may conjure up romantic associations, the real background is more worrying. Researchers have discovered that the stationary transmitter used by a specific type of pacemaker suffers from a vulnerability which may have been exploitable remotely. The manufacturer released a software…
Gooligan's Islands - new Android malware discovered in third party app stores
The fact that there are many free apps on unofficial market platforms appeals to many users. This is especially true since a lot of the apps would cost money on Google Play. There is a downside to this, however, as recent findings about a new Android malware called "Gooligan" have shown.
The Kings in Your Castle, Pt #4
Oftentimes, there is talk about a "sophisticated" malware-based attack against an individual or an organization. The prevalent assumption is that a great deal of development work has gone into the attack tools. In the 4th part of the article series, Marion Marschalek and Raphael Vinot will…
The Kings in Your Castle Pt. #1
In an upcoming series of articles on the intricacies of targeted attacks, G DATA’s Marion Marschalek and Raphael Vinot of the Computer Incident Response Center Luxembourg (CIRCL) will shine a light on the internal workings of modern APTs and present their findings during the Troopers Conference in…