You Are Here: Home » E-Threats » Alerts

Wearable Plain-Text Communication Exposed Through Brute-Force, Bitdefender Finds

The 6-digit pin code used to obfuscate Bluetooth communication between smartwatches and Android devices can be brute-forced into exposing messages in plain-text, according to Bitdefender’s Research Team. Everything from SMS messages to Facebook or Google Hangouts chats are constantly being forwarded to your smartwatch. So all this communication should be safe, right? It turns out that, with a little ingenui...

Hackers Grab Yahoo Credentials through Mail Activity Reports Campaign

Yahoo users are being targeted by a new phishing campaign that helps hackers grab their credentials and hijack accounts. Bitdefender was already blocking the malicious URLs spreading in inboxes worldwide. The phishing campaign starts with messages that bypass the e-mail provider’s antispam filters, reaching the Inbox folder. The e-mails pose as "mail activity reports" and copy Yahoo’s email format to look l...

Dyre Banking Trojan Still Phishing for Data, US-CERT Warns

A new phishing campaign employs the Dyre banking Trojan to steal account credentials from enterprises and financial institutions, according to an alert by the Department of Homeland Security. In the advisory, US-CERT said the phishing campaign uses various tactics, but mostly malicious PDF email attachments to download malware. “Phishing emails used in this campaign often contain a weaponized PDF attachment...

New Scareware Campaign Tricks Users with Fake Antivirus

A new type of scareware advertisement tricks users into believing their systems are infected and need expert help to remove the malware, Bitdefender warns. The malware-spreading mechanism is quite simple: the fake AV ads pop up unexpectedly when browsing the web, after the user’s computer has been previously infected with adware. Malicious ads usually enter the system under the form of an innocent-looking b...

Bitdefender Warns Stock Brokers of New ‘Wolf of Wall Street’ Scam

Millions of penny stock spam emails have been flooding inboxes these days, spreading a new ‘Wolf of Wall Street’ scam and inflating stock values of a mineral deposit company based in Canada, according to the Bitdefender Antispam Lab. With over 3 million unique samples, the wave started to grow last Thursday and soon became the largest stock spam attack in 2014, and also the most successful. The transactions...

SSL 3.0 “Poodle” Flaw Opens Encrypted Data to Eavesdropping

A vulnerability in the design of the SSL 3.0 protocol can be exploited to intercept secure cookies transmitted between clients and servers in a reasonable amount of time, Google announced in blog post. Three Google researchers uncovered the “Poodle” (Padding Oracle On Downgraded Legacy Encryption) flaw which affects a large number of Internet-connected servers that can to fall back to the vulnerable SSL v3...

ShellShock Roundup: What to do if You are Vulnerable

A security vulnerability on the GNU Bourne Again Shell reported Wednesday is claiming victims in the wild. The flaw – known to the tech world as CVE-2014-6271 and CVE-2014-7169 - allows a remote attacker to run arbitrary code (read malware) on a vulnerable server under certain conditions. The most vulnerable targets to date are web servers that run Apache CGI scripts written in Bash or calling system() or p...

Linux, OS X Users May Be Vulnerable to Bash Flaw Exploit

A bug discovered in Bash Shell, a command-line interface used by Linux and Unix, could leave web servers, systems and embedded devices such as routers vulnerable to cyber-attacks. Cyber-criminals are getting ready to launch multiple attacks, and Bitdefender warns users and sys admins to be cautious with the vulnerability.  Although code allowing the exploit of Bash-using CGI scripts is already available on...

Malware Writers Target SMB Employees with Fake Policy Violation

A new cyber-crime attack tricks SMB employees into downloading Zbot and other Trojans by accusing them of violating company policy, according to antivirus software provider Bitdefender. The spam wave started to accelerate a week ago with dozens of unique .ARJ compressed files infecting computers, as the Bitdefender AntiSpam Laboratory has determined.  The malware attack is based on Zbot or Zeus, which inclu...

Dyre malware targets millions of Salesforce users, stealing passwords and bypassing 2FA

We're all used to the idea of malware which snoops upon our online banking, attempting to steal our login credentials to help hackers gain access to our bank accounts. Many of us are also aware of spyware trojan horses that target users of other websites, including popular webmail services or social networks, in the hope of plundering private information or using the platforms as a springboard for other att...

© 2012 Powered By Bitdefender

x
Loading...
Scroll to top