HummingBad Android Malware Connected to YiSpecter iOS Attacks

The same group of cybercriminals behind a strain of iOS malware uncovered last year have apparently diversified and now dabble in Android malware. The group, dubbed Yingmob, has been running a malware campaign named HummingBad that controls 10 million Android devices globally and rakes in $300,00...

Jkanime Site Infected, Redirecting to Exploit Kit, Ransomware

An anime site popular in Mexico and South America was this week infected with malware redirecting visitors to a Neutrino Exploit Kit landing page. The site, Jkanime, streams anime video and has 33 million monthly visitors. Neutrino is currently the top dog among exploit kits after two of the bigg...

Nuclear, Angler Exploit Kit Activity Has Disappeared

Criminal hackers are fickle about their attack vectors. You need to look no further for evidence of this than their constant migration from one exploit kit to another. And while there is an expansive menu of exploit kits, attackers do seem to congregate around a precious few. Researchers who stud...

Mobile Triada and Horde Variants Bypass Android Security

Two mobile variants of Triada and Horde malware have been spotted in the wild by Check Point Software Technologies researchers who warn the latest samples have adopted dangerous new techniques including the ability to evade Google’s security on some OS versions. The Android Trojan called Triada,...

Researcher finds a way to Delete and Modify Facebook Messages Sent to Other Users

Sometimes I receive emails from our readers who wanted to know how to hack Facebook account, but just to delete some of their messages they have sent to their friends or colleagues mistakenly or under wrong circumstances like aggression. How to hack a Facebook account? It is probably the biggest...

Check Point Protect - Customized SSL, Exported ContentProvider, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Check Point Protect published at the 'play' market has multiple vulnerabilities...

Viking Horde Malware Co-Ops Android Devices for Ad Fraud

The latest Android malware campaign to wend its way through Google’s Play marketplace can leverage victims’ phones for ad fraud, carry out DDoS attacks, send spam, and more, researchers warn. Dubbed Viking Horde, the campaign ropes Android devices into a botnet without their owners being any the...

vBulletin decodeArguments serialized object vulnerability

Added: 04/15/2016 CVE: CVE-2015-7808 Background vBulletin is PHP software for building community websites. Problem A vulnerability in vBulletin 5 Connect allows remote attackers to execute arbitrary PHP code by placing a specially crafted serialized object in the arguments parameter to the...

vBulletin decodeArguments serialized object vulnerability

Added: 04/15/2016 CVE: CVE-2015-7808 Background vBulletin is PHP software for building community websites. Problem A vulnerability in vBulletin 5 Connect allows remote attackers to execute arbitrary PHP code by placing a specially crafted serialized object in the arguments parameter to the...

vBulletin decodeArguments serialized object vulnerability

Added: 04/15/2016 CVE: CVE-2015-7808 Background vBulletin is PHP software for building community websites. Problem A vulnerability in vBulletin 5 Connect allows remote attackers to execute arbitrary PHP code by placing a specially crafted serialized object in the arguments parameter to the...

Check Point Response to BadLock vulnerabilities

...

Cisco FirePower series firewall vulnerability that allows malware to bypass detection-vulnerability warning-the black bar safety net

CISCO FirePower series firewall devices there is a security vulnerability that allows malware to bypass detection mechanisms. Cisco is working to issue a security update program to a critical Vulnerability, CVE-2 0 1 6-1 3 4 5 the vulnerability affects Cisco one of the latest products-FirePower...

Cisco's 'High Severity' Flaw Lets Malware Bypass FirePower Firewall

Technology vendor Cisco is pushing out security updates to customers to address a critical vulnerability found in its recently introduced line of FirePower firewall products. The vulnerability, according to Cisco, allows attackers to slip malware onto critical systems without detection. The flaw...

PT-2021-3057

Name of the Vulnerable Software and Affected Versions 802.11 standard affected versions not specified Check Point GAiA affected versions not specified Description The issue concerns a flaw in the authentication procedure of the 802.11 standard, which underlies Wi-Fi Protected Access WPA, WPA2, an...

AirDroid Patches Vulnerability Exposing Android Data

A critical vulnerability impacting 50 million Android users running the popular AirDroid application has been patched. AirDroid, an app that allows you link an Android device to a computer and send SMS messages, run apps and add contacts via a Wi-Fi connected web browser, released the patch Jan...

Check Point response to ZoneAlarm DLL injection

...

eBay Vulnerability Opens Users Up to Phishing, Data Theft

Researchers are warning that some visitors to eBay.com could be tricked into opening a page on the site that could expose them to phishing attacks and data theft. The vulnerability exists in the site’s online sales platform, according to Roman Zaikin, a researcher with Check Point. With it, an...

Check Point response to NTP "panic threshold" Bypass Vulnerability (CVE-2015-5300)

...

Check Point Response to CVE-2016-0728 kernel: Possible use-after-free vulnerability in keyring facility

...

Check Point Response to CVE-2016-0777 and CVE-2016-0778 - OpenSSH Client vulnerabilities

Symptoms - Qualys Security team discovered two vulnerabilities in the roaming code of the OpenSSH client CVE-2016-0777 and CVE-2016-0778: SSH roaming enables a client, in case an SSH connection breaks unexpectedly, to resume it at a later time, provided the SSH server also supports it. Solution T...