Perhaps the most dangerous banking Trojan to emerge since the takedown of the Gameover Zeus botnet last summer, the Dyre banking Trojan has been credited with millions of dollars in losses around the world. Although most modern antivirus suites detect the original version of Dyre as of this writing,
A security researcher from Web security firm Sucuri recently discovered a cross-site scripting (XSS) vulnerability present in every default installation of WordPress, a popular content management system (CMS) used by millions of websites around the world. The vulnerability, which is part of the defa
Security researchers recently discovered a new strain of malware that uses unique – and somewhat extraordinary – measures to avoid detection and analysis. Known as Rombertik, this malware strain is unique even among other forms of self-destructing malware due to its unusual evasion techniques. Once
In a report issued by security firm FireEye last October, a group of hackers known as APT28 has been secretly targeting government organizations around the world in an attempt to gather as yet unknown information in a campaign with its roots in Russia. Specifically, FireEye was able to determine tha
Last week, this blog reported on a dangerous strain of malware, known as PoSeidon that is targeting the POS systems of small retailers including bars and restaurants. A recent report issued by security firm Trustwave indicates that yet another malware variant specifically targeting POS systems has b
Researchers recently discovered a new strain of malware, known as PoSeidon, designed to steal credit and debit card information from compromised POS devices. PoSeidon has already been implicated in numerous breaches targeting numerous businesses including restaurants, bars, and hotels. Unlike previo
The FBI recently released a warning to all WordPress users detailing a plot by terrorist organization ISIS to exploit vulnerable sites to display pro-ISIS messages. According to the FBI report, ISIS and its many sympathizers around the world are targeting WordPress sites – especially those operated
Researchers at IBM Trusteer recently discovered a new banking Trojan which has been dubbed Tsukuba. This relatively simple, but effective example of financial malware is a part of the ‘proxy changers’ family that uses social engineering techniques to harvest victims’ online banking credentials and o
A critical vulnerability has been discovered in one of the most popular WordPress plugins in use today. This plugin, known as WordPress SEO by Yoast, reports more than 14 million downloads (according to the Yoast website) – making it one of the most widely used plugins for WordPress. This means that
High level security researchers recently discovered a vulnerability in all supported versions of Microsoft Windows that affects the security afforded by industry-standard encryption protocols. This flaw, which has been dubbed “FREAK” (Factoring RSA Export Keys), was originally thought to only affect