Summary:Google and a security company don’t see eye-to-eye over a bug that can cause some Android devices to reboot under a remote attacker’s orders. By Liam Tung | January 28, 2015 — 10:32 GMT (02:32 PST) Some Android security bugs Google won’t fix because it can lead to other difficulties, and some bugs it’s in […]
Archive | January, 2015
Over Two Million Cars in the US Can Be Hacked Remotely A device used by Progressive Insurance
By Ionut Ilascu 19 Jan 2015, 10:41 GMT A device used by Progressive Insurance to collect information about their customers’ driving behavior has been found to be insecure and allow remote control of the vehicle. The dongle, called Snapshot, is connected to the OBD II port of the car and tracks the driver’s actions at […]
Canada Bans Installation of Software Updates Without User’s Explicit Consent
By Ionut Ilascu 19 Jan 2015, 13:00 GMT In an effort to limit distribution of malware, the government of Canada has enforced legislation that prohibits businesses to install software on someone else’s computer system without the express accord of the user. The law is part of Canada’s Anti-Spam Legislation (CASL) and applies since January 15. […]
Spear-Fishing Website Hosts Outlook Web App Phishing Page IMPORTANT READ
By Ionut Ilascu 15 Jan 2015, 21:54 GMT The web page looks real, has high chances of success A Russian website designed for spear-fishing activities has been compromised to host a phishing page seeking to capture the log-in details for Outlook Web App. Security researchers who observed the campaign discovered that it was targeted at […]
Hackers Can Use A $10 Wall Charger To Intercept Anything Typed On Wireless Microsoft Keyboards
By Rob Price Jan. 13, 2015 A security researcher claims to have developed a USB wall charger that can eavesdrop on almost any wireless Microsoft keyboard, VentureBeat is reporting — and he’s released instructions on how to build it online. The device, called the KeySweeper, masquerades as a working USB wall charger. However, it secretly […]
Skeleton Key’ malware unlocks corporate networks
By Charlie Osborne for Zero Day | January 13, 2015 The newly-discovered “Skeleton Key” malware is able to circumvent authentication on Active Directory systems, according to Dell researchers. The Dell SecureWorks Counter Threat Unit (CTU) team published their findings in an advisory notice this week. According to the security researchers, the “Skeleton Key” malware allows […]
Almost 1 Billion Android Devices No Longer Receive Critical Security Updates
By Ionut Ilascu 12 Jan 2015 Any security bugs reported for the WebView core component of Android versions prior to KitKat (4.4) are no longer a priority for the Android security team, researchers have learned. At the moment, 60.9%, or almost one billion, of the Android user base still relies on JellyBean (4.3) and lower […]
McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers’ installations
McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers’ installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password. Description XML Entity Injection: Users with authenticated access to the ePO-web application and who are assigned permissions with the ability to […]
New Variant of Vawtrak Banking Trojan Delivered by Chanitor Downloader
By Ionut Ilascu 12 Jan 2015, 15:00 GMT Be Aware The emails claim to deliver important messages, such as voicemails, invoices, and faxes, but the end file is a malicious executable (SCR). A new strain of the Vawtrak banking Trojan has been discovered by security researchers, who observed that it was delivered by malware downloader […]
Netflix Credentials Targeted by Phishing Campaign BE AWARE
By Ionut Ilascu 9 Jan 2015, 00:07 GMT A new malicious email campaign has been observed by security researchers to target customers of Netflix by feeding them a message purporting to be an important notification from the media streaming service. The new phishing attempts may come on the background of recent complaints from some users […]
MspPortalPartner News 
Recent Comments