Chinese cyberspies are evolving their tactics, focusing on IT staffers, relying more and more on spear-phishing instead of malware, and gathering code signing certificates from hacked software companies in the preparation of future supply-chain attacks. | Continue reading
The Node Package Manager (npm) team avoided a disaster today when it discovered and blocked the distribution of a cleverly hidden backdoor mechanism inside a popular —albeit deprecated— JavaScript package. | Continue reading
Link11, a DDoS mitigation firm, says that DDoS attacks fell 60% across Europe following the takedown of WebStresser, the largest DDoS-for-hire portal on the market. | Continue reading
For more than a week hackers have started scanning the Internet, searching for machines running Oracle WebLogic servers. Scans started after April 17, when Oracle published its quarterly Critical Patch Update (CPU) security advisory. | Continue reading
PDF files can be weaponized by malicious actors to steal Windows credentials (NTLM hashes) without any user interaction, and only by opening a file, according to Assaf Baharav, a security researcher with cyber-security Check Point. | Continue reading
A judge sentenced a Michigan man to 87 months —7 years 3 months— in prison for hacking into a county jail's computer system and modifying prisoner records in an attempt to get an inmate released early. | Continue reading
Microsoft announced today that the next Windows 10 feature update will be called "April 2018 Update" and will be released this Monday. With this update Microsoft is focusing on helping people making the most of their time by introducing new features that make it easier and faste … | Continue reading