Stealing Amazon EC2 Keys via an XSS Vulnerability
On a recent engagement, our testers were faced with a single page web application which was used to generate PDF documents. This web application contained a multi-step form that ultimately…
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held cyber security researcher positions within a variety of cyber security start-ups. She also has experience in different industry domains like finance, healthcare and consumer products.
Our researchers discovered a new and massive IoT Botnet, ‘IoTroop’. Due to the urgency of this discovery, we quickly published our initial findings in order to alert the cyber security community. Since…
Basetools underground hacking forum was breached, hackers demand a $50K ransom to avoid sharing stolen data, including admin identity, with law enforcement. A hacker that goes online with the Twitter…
Microsoft fixed a vulnerability that could allow hackers to steal Windows login credentials without any user interaction. Microsoft fixed a serious vulnerability that could allow attackers to steal Windows NTLM…
The second season of award-winning TV thriller Mr. Robot premiered with a scene that sent shivers down the cybersecurity world’s spine. In uncomfortably realistic detail, hackers virtually broke into a smart home,…
Behold The Smart Lock! In case anyone would doubt its smartness, it is literally imprinted. Fitted with an enormously loud speaker – advertised as a feature to raise a solid…
UPDATE Researchers are warning of two critical vulnerabilities in global satellite telecommunications company Inmarsat’s SATCOM systems. The vulnerabilities impact thousands of customers running the newest version of its AmosConnect platform, typically…
Apparently, a pirate download of Microsoft Office could be the root of all the trouble. Kaspersky has acknowledged that code belonging to the US National Security Agency (NSA) was lifted…
Getting any business up and running is a major challenge, but keeping it going from strength to strength is just as difficult, and requires owners to remain energized as they strive to…
Yet another lesson in how not to secure your network. Coinhive has admitted to a security breach leading to hackers hijacking cryptocurrency mining scripts on legitimate websites. The cryptocurrency mining…
The financial details of some of the world’s richest people are set to be published after the offshore legal firm Appleby suffered a data security incident. A new financial data leak…
Despite the obligatory logo and clever name, this week’s assault on crypto, the so-called DUHK attack (Don’t Use Hardcoded Keys), isn’t likely to be part of many threat models. Though the attack…
A new ransomware outbreak today has hit some major infrastructure in Ukraine, including the Kiev metro. Here are some of the details about this new variant. Drive-by download via watering hole…
Microsoft explains how its next-gen security can protect files from being encrypted by ransomware extortionists. The Windows 10 Fall Creators Update is rolling out now with a security feature that…
Several transportation organizations in Ukraine, as well as some governmental organizations, have suffered a cyberattack, resulting in some computers becoming encrypted, according to media reports. Public sources have confirmed…
APNIC Deputy Director General Sanjaya confirmed that Whois data accidentally exposed online included authentication details. The Asia-Pacific Network Information Centre (APNIC) is a non-profit organization that provides Internet addressing…
The source code of a new Android Remote Administration Tool, dubbed AhMyth Android RAT, is available on GitHub. You just have to download and test it. The source code of…
The CSE CybSec Z-Lab Malware Lab spotted a new botnet, dubbed Wonder botnet, while it was investigating malicious code in the dark web. While investigating the malicious code in the dark…
Users of the popular cryptocurrency exchange Poloniex have been the target of two credential stealing apps, discovered on Google Play disguised as legitimate Poloniex mobile apps. Apart from harvesting Poloniex login credentials,…
The development team at NetBSD is going to implement KASLR (Kernel Address Space Layout Randomisation) for 64-bit AMD processors. The KASLR coding technique allows randomizing the location of memory where…