Exploit This

Security News, Exploits, and Vulnerabilities.

Microsoft Pushes Patches for Dozens of Flaws

Microsoft today released nine update bundles to plug at least 55 distinct security vulnerabilities in its Windows operating system and other software. Three of the patches fix bugs in Windows that Microsoft considers “critical,” meaning they can be exploited remotely to compromise vulnerable systems with little or no help from users, save for perhaps clicking a link or visiting a hostile Web site.

DKIM technology on guard of your mail

Over the last decade DKIM signatures have become an important technology in the extensive list of methods for fighting against spam. In this article we investigate the structure of DKIM, reveal the main advantages and downsides of this technology and explore typical spammers’ tricks for forging DKIM signatures.

Anthem Breach May Have Started in April 2014

Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion.

Phishers Pounce on Anthem Breach

Phishers and phone fraudsters are capitalizing on public concern over a massive data breach announced this week at health insurance provider Anthem in a bid to steal financial and personal data from consumers.

Citing Tax Fraud Spike, TurboTax Suspends State E-Filings

TurboTax owner Intuit Inc. said Thursday that it is temporarily suspending the transmission of state e-filed tax returns in response to a surge in complaints from consumers who logged into their TurboTax accounts only to find crooks had already claimed a refund in their name.

China To Blame in Anthem Hack?

Bloomberg reports that U.S. federal investigators probing the theft of 80 million Social Security records and other sensitive data from insurance giant Anthem Inc. are pointing the finger at state-sponsored hackers from China. Although unconfirmed, that suspicion would explain a confidential alert the FBI circulated last week warning that Chinese hackers were targeting personally identifiable information from U.S. commercial and government networks.

Yet Another Flash Patch Fixes Zero-Day Flaw

For the third time in two weeks, Adobe has issued an emergency security update for its Flash Player software to fix a dangerous zero-day vulnerability that hackers already are exploiting to launch drive-by download attacks.

Data Breach at Health Insurer Anthem Could Impact Millions

Anthem Inc., the nation’s second largest health insurer, disclosed Wednesday that hackers had broken into its servers and stolen Social Security numbers and other personal data from all of its business units. Given the company’s size, this breach could end up impacting tens of millions of Americans.

Hacked Hotel Phones Fueled Bank Phishing Scams

A recent phishing campaign targeting customers of several major U.S. banks was powered by text messages directing recipients to call hacked phone lines at Holiday Inn locations in the south. Such attacks are not new, but this one is a timely reminder that phishers increasingly are using lures blasted out via SMS as more banks turn to text messaging to communicate with customers about account activity.

Spammers against hurricanes and terrorist attacks

A few days ago we came across an excellent example of a mass mailing where spammers took full advantage of this universal fascination with destruction.

%d bloggers like this: