Recently I started playing with the awesome PowerUpSQL tool by guys at NetSPI. I was interested in the ability to attack an Active Directory (AD) environment using access to aRead More →
The iOS ecosystem is usually described as a closed ecosystem, under the strict control of Apple. However, there are still ways to get around this tight control. Remember the Haima app? ThatRead More →
Only 2.5 per cent of userbase affected. Add Android Forums to the growing list of web properties that have suffered a security breach. One in 40 members of the forumRead More →
It’s only a couple of weeks since WikiLeaks unleashed the first batch of its Vault 7 CIA documents, revealing the agency’s spying and hacking capabilities. Now the organization has releasedRead More →
A remote code execution flaw in the SAP Windows client opens the door for ransomware attacks targeting enterprises that rely on various SAP products to manage and keep track ofRead More →
Last week, KrebsOnSecurity received an email from eBay. The company wanted me to switch from using a hardware key fob when logging into eBay to receiving a one-time code sentRead More →
After last month security researchers discovered the first-ever Word document spreading macro malware on macOS, last week, researchers from Fortinet spotted a Word document that contained macro scripts that distributedRead More →
Security researchers from Malwarebytes have discovered a new malvertising campaign targeting visitors of several adult websites, spreading the Ramnit trojan and focusing on users from Canada and the UK. AccordingRead More →
The vast majority of malware incidents that take place at industrial facilities around the world are just accidental infections, albeit a very small number of targeted attacks have also beenRead More →
LastPass says it patched one of two separate bugs that affected its Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from usersRead More →
