Cybersecurity is an important part of our daily lives, whether people are aware of it or not. Building awareness that being secure online is everyone’s responsibility is a key part of fighting cybercrime. This is why one of the themes of this year’s National Cyber Security Awareness Month is the ‘Stop. Think. Connect™’ campaign, which promotes…
Read MoreIndependent security researcher Rafay Baloch recently disclosed a serious vulnerability in Android’s built-in browser. The vulnerability allows the same origin policy of the browser to be violated. This could allow a dangerous universal cross-site scripting (UXSS) attack to take place. An attacker could potentially use an IFRAME to load a legitimate site for which the…
Read MoreOur coverage on the Bash bug vulnerability (more popularly known as “Shellshock”) continues as we spot new developments on Shellshock-related threats and attacks. Here is a list of our stories related to this threat: Shellshock: A Technical Report – this technical brief describes the vulnerability in detail, as well as outlying which platforms are affected….
Read MoreIt seems like the floodgates have truly opened for Shellshock-related attacks. We have reported on different attacks leveraging the Bash bug vulnerability, ranging from botnet attacks to IRC bots. We have also mentioned that we spotted Shellshock exploit attempts in Brazil. It appears that these attempts were not limited to that country alone. We saw…
Read MoreGiven the severity of the Bash vulnerability, also known as Shellshock, it is no wonder that we’re seeing a lot of attacks leveraging this. Just hours after this vulnerability was reported, malware payload such as ELF_BASHLITE.A emerged in the threat landscape. Other payload like PERL_SHELLBOT.WZ and ELF_BASHLET.A were also spotted in the wild, which have capabilities to…
Read More