Extracting Hashes & Plaintext Passwords from Windows 10
2015-09-11
Windows 10 is here. Well… it’s sort of been here for some time, but it’s fully rolled out now and soon we will begin to see enterprise adoption. I, likeRead More →
US Department of Energy Hacked 159 Times in 4 Years
2015-09-11
Between 2010 and 2014, the US Department of Energy (DoE) was attacked by unknown parties 159 times, as USA Today is reporting based on edited documents obtained through the FreedomRead More →
3D printer blueprints for TSA luggage-unlocking master keys leak online
2015-09-11
That padlock on your bag? Easy to open by anyone now. The integrity of more than 300 million travel locks has been compromised after 3D printing files for a rangeRead More →
Excellus healthcare hack puts 10m Americans at risk of identity theft
2015-09-11
Miscreants infiltrated network in 2013 … discovered last month. Health insurance company Excellus said hackers broke into its servers and may have made off with the personal details of 10.5Read More →
New Android ransomware locks out victims by changing lock screen PIN
2015-09-11
Infected owners must choose between paying $500 and performing factory reset. Malicious apps that disable Android phones until owners pay a hefty ransom are growing increasingly malevolent and sophisticated asRead More →
Musical Chairs Campaign Found Deploying New Gh0st RAT Variant
2015-09-10
Researchers have peeled back the layers on a new campaign that spans multiple years and involves a new variant of the ubiquitous Gh0st remote access tool (RAT). The campaign, now believed toRead More →
Once seen as bulletproof, 11 million+ Ashley Madison passwords already cracked
2015-09-10
Programming errors make 15.26 million accounts orders of magnitude faster to crack. When the Ashley Madison hackers leaked close to 100 gigabytes worth of sensitive documents belonging to the onlineRead More →
Android Stagefright Exploit Code Released to Public
2015-09-10
Joshua Drake, the researcher who found the so-called Stagefright vulnerability in Android, today released exploit code to the public, which he hopes will be used to test systems’ exposure toRead More →
DD4BC Hacker Group Blackmails Companies for Bitcoin Using DDOS Attacks
2015-09-10
A group of hackers that goes under the name of DD4BC, first spotted in September 2014, has recently intensified its activity, launching over 141 DDOS attacks in the past year.Read More →
Turla APT Group Abusing Satellite Internet Links
2015-09-10
Poorly secured satellite-based Internet links are being abused by nation-state hackers, most notably by the Turla APT group, to hide command-and-control operations, researchers at Kaspersky Lab said today. Active forRead More →
Police develop MAC-sniffing software to track stolen devices
2015-09-09
The L8NT could help law enforcement track and find Wi-Fi enabled gadgets. On Tuesday, local media reported that David Schwindt, a 14-year veteran from Iowa City, has designed software whichRead More →
Android Malware Secretly Subscribes Victims to Premium SMS Services
2015-09-09
The Android.Trojan.MKero.A malware is making a comeback in Androidland, and this time around, hackers found a method to bundle it with legitimate apps, capable of bypassing Google’s Bouncer app scanningRead More →
iOS 8.4.1 Kernel Vulnerabilities in AppleHDQGasGaugeControl
2015-09-09
When auditing iOS kernel executable, we found that the code quality ofcom.apple.driver.AppleHDQGasGaugeControl is very bad. In this blog, we will disclose 3 vulnerabilities in this kernel extension on the latestRead More →
Microsoft Patches Graphics Component Flaw Under Attack
2015-09-09
Microsoft today patched a vulnerability in its graphics component present in Windows, Office and Lync that has been publicly attacked, and is one of five vulnerabilities patched this month thatRead More →
Cyberespionage group caught borrowing banking malware code
2015-09-09
Russia’s Pawn Storm group uses a malware dropper based on the leaked Carberp source code. A group of hackers that target military and government organizations has recently borrowed code fromRead More →
Relax, Windows 10 doesn’t have a malicious ‘keylogger’
2015-09-08
“Microsoft is recording what you type and say,” says one random website vaguely reporting on Windows 10, written by an author who has likely never participated in the Windows Insider programRead More →
Hundreds million legit websites could serve Ransomware because of Script Injection compromise
2015-09-08
Heimdal Security published an interesting post on the increase in malicious scripts that are being injected into legit websites in order to serve ransomware. Heimdal Security recently published an interestingRead More →
3l33t haxxors don’t need no botnet, they just pinch passwords
2015-09-08
Crooks can thrive by ‘living off the land’ rather than forging elaborate schemes. Half of all breaches Dell’s SecureWorks outfit has responded to over the last year have been aRead More →
Reverse-Engineering iOS Apps: Hacking on Lyft
2015-09-08
If you’ve ever needed to know how another piece of code works, or have been at the mercy of someone else’s bugs, you can always look at the source code…Read More →
Time to patch your firmware! Backdoor discovered in Seagate NAS drives
2015-09-08
If you have not recently updated the firmware for your Seagate wireless NAS drives, now is the time to do so. Researchers at Tangible Security have discovered a series ofRead More →
