Original release date: May 22, 2015 The Internet Crime Complaint Center (IC3) has released its Internet Crime Report for 2014, indicating that scams relating to social media — including doxing, click-jacking, and pharming — have increased substantially over the past five years. US-CERT encourages users to review the IC3 Alert for details and refer to the US-CERT Tip ST04-014 for information on social engineering and phishing attacks. This product is provided subject to this Notification and this Privacy & Use policy.
If you date online, especially at “adult” dating sites, you may want to reconsider how much data you share with these organizations. This week, a researcher found a stolen user data dump from a very popular adult dating site. Watch the video to learn the details, and find out how to learn whether or not you are affected by this and other breaches
Are you getting sick of SSL/TLS and other cryptography related vulnerabilities? I sure am! Nonetheless, we need to keep on top of them in order to keep our communications private. In today’s daily video I cover Logjam, a new named vulnerability having to do with the Diffie-Hellman key negotiation
Logjam is a new attack against the Diffie-Hellman key-exchange protocol used in TLS. Basically: The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography
Vulnerability Note VU#177092 KCodes NetUSB kernel driver is vulnerable to buffer overflow Original Release date: 19 May 2015 | Last revised: 19 May 2015 Overview KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution.
Last week was full of a wide range of information security news; from the latest critical Microsoft updates, to a new virtualization system vulnerability, and finishing off with malware targeting a popular video game. If you find yourself falling behind with the latest security intelligence, you’re not alone. Don’t worry though, we’re here to pick up the slack.
A new vulnerability arised in Safari Web Browser that can lead to an address spoofing allowing attackers to show any URL address while loading a different web page. While this proof of concept is not perfect, it could definitely be fixed to be used by phishing attacks very easily.
Unless you have been hiding under a rock this week you have heard about VENOM . The first article that I saw was from ZDNet with the headline of Bigger than Heartbleed, Venom security vulnerability threatens most datacenters . Pretty provocative stuff.