The Merkle |
Exploit Kits Are No Longer Popular Among Cyber Criminals
The Merkle It is never a bad sign when criminal activity on the internet is seemingly quieting down. The number of cyber attacks driven by exploit kits has almost dried up over the past few weeks, although no one knows for sure why that is the case. Rest assured … |
|
'Sundown' Rises as New Threat in Depleted Exploit Kit Landscape
Dark Reading Attacks involving the use of exploit kits dropped off dramatically and have remained low ever since Russian authorities arrested over four-dozen individuals believed to be associated with the Angler EK last year. But a few kits remain active and … |
Christian Post |
iOS 10.3 Security Patch: Fix for Ransomware-Prone Mobile Safari Exploit Arrives
Christian Post One of the recent ways victimized iOS 10 users by way of a Mobile Safari browser exploit. But according to a blog post by the mobile-focused cybersecurity company, Lookout, Apple was able to provide a fix for the Mobile Safari browser exploit on iOS … |
(credit: Wikimedia)
Developers of the widely used LastPass password manager are scrambling to fix a serious vulnerability that makes it possible for malicious websites to steal user passcodes and in some cases execute malicious code on computers running the program.
The flaw, which affects the latest version of the LastPass browser extension, was briefly described on Saturday by Tavis Ormandy, a researcher with Google’s Project Zero vulnerability reporting team. When people have the LastPass binary running, the vulnerability allows malicious websites to execute code of their choice. Even when the binary isn’t present, the flaw can be exploited in a way that lets malicious sites steal passwords from the protected LastPass vault. Ormandy said he developed a proof-of-concept exploit and sent it to LastPass officials. Developers now have three months to patch the hole before Project Zero discloses technical details.
“It will take a long time to fix this properly,” Ormandy said. “It’s a major architectural problem. They have 90 days, no need to scramble!”
Read 4 remaining paragraphs | Comments