Author: Dan Parker

A week ago, some visitors to high-profile websites were redirected to browser exploits that installed malware on their PCs, courtesy of the malware advertisements on those websites. The malicious advertisements were discovered between August 19 and August 22, and users didn’t have to click these advertisements to be infected. Researchers from Dutch security firm Fox-IT reported the attack affected visitors to Deviantart.com, Java.com, IBTimes.com, eBay.ie, TVgids.nl, Photobucket.com and Kapaza.be. The websites were not hacked; rather, the malicious ads were distributed through the online ad network AppNexus. (AppNexus removed the ads quickly, which had abused the automated-bidding placement process.) “These websites have not…

According to a new report released by the infosec experts at Check Point Thursday morning, a new bug found in the guts of broadband routers around the globe could leave up to 12 million desktops, laptops, smartphones and tablets vulnerable to exploitation over the next six months. The problem is the result of an error in HTTP cookie management that pops up whenever a user visits a webpage from their preferred device. This means that basically any device which uses the Internet through your home router is at risk, and marks one of the largest vulnerabilities discovered in the personal networking space…

The popular Virtual Private Network (VPN) service, HideMyAss have updated their desktop and mobile apps to version three. The new version introduces a new interphase with several new features making it easier to select and connect to a VPN connection. The app is designed to make it easy to comprehend for users with little or no technical knowledge. The software will help the non-savvy users further understand privacy issues whilst those more experienced users will also be impressed with the higher efficiencies compared with rivals. Instead of using technical terms, HMA! Pro VPN v3 offer a choice between three security settings: INSTANT…

We’re running out of places to hide. The anonymous browsing protocol Tor is to undergo a remodel after news of leaks in the ceiling were discovered early last month. Both the FBI and the NSA have used their own methods to undermine the security of the anonymity relay service, each deploying tactics relative to their understanding of how the network was run over the past several years. The FBI exploited javascript files in the Firefox program used to connect to Tor, whereas the NSA took the backdoor route, attempting to track and tag the activity of users who connect to the…

While the streets of Hong Kong witness mass protests, the Chinese cyberspace is exploding with complaints about yet another case of censorship. Instagram has been banned in mainland China, but it is still available in Hong Kong where pro-democracy students are revolting against Beijing. Videos and photos of the pro-democracy movement in Hong Kong have been flooding Instagram for over a week and it looks like the authorities do not want people in mainland China to access them. Instagram is yet to confirm the block, but it said that it would look into the situation. However, web monitoring services like…

This week, details have emerged about a new strain of malware which is capable of hijacking major ad publication platforms on iOS devices, injecting itself into pop-ups in order to gain root access to a user’s phone. According to the latest release of the Virus Bulletin newsletter, the infection, known as “AdThief”, has affected around 22 million ad displays on 75,000 separate jailbroken devices running nearly every cracked version of iOS on the iPhone 4 and 4s, and above. Initially discovered by independent mobile security researcher Claud Xiao of China back in March, the problem has only grown in spread and…

The recent take down of Silk Road 2.0 was a part of a much larger crackdown operation by the FBI and UK’s National Crime Association in several countries, seizing several darknet domains. The police have arrested 17 individuals from several countries and the bust has resulted in the shutdown of more than 25 other Tor anonymized websites, including the Silk Road 2.0. The authorities had earlier reported that they had shut down 400 websites, but the number has now been replaced with 27. With incomplete records of the investigation, there is much speculation about the technologies used by the FBI to crack…

A group of unknown hackers carried out a well-planned multi-vector DDoS attack on a video gaming website. The attack peaked at almost 110 Gbps and sent more than 90 million packets per second. However, the attack was successfully countered by new Behemoth Scrubbers by Incapsula. Last week, Incapsula contacted the VPNCreative team and told us about the attack. The attack took place within a month of launching the Behemoth scrubbers deployed in five data centers: Los Angeles, San Jose, London, Frankfurt, and Miami. The attack started on June 21 and continued until July 28, lasting for 38 days, which was much longer than initially…