Create an amazing hacking tool (Keyloggger) just by using Notepad. A keylogger is a hacking tool of the newbie but sometimes highly skilled hackers also use them. These are very easy toRead More →
Siemens has released a firmware update that addresses two vulnerabilities in its BACnet Field Panel building automation controllers. This week Siemens has released a firmware update for its BACnet FieldRead More →
Three years ago, researchers at Yandex discovered a complex server infection, dubbed Mayhem, that embeds itself deep within a system by compiling a shared object and running as a service. ThisRead More →
The Security Service of Ukraine warning their citizens of a new “large-scale” cyber attack similar to NotPetya that could take place between Oct 13 and 17 In June the NotPetya ransomware compromised thousands ofRead More →
SMS Privacy is available as a Tor hidden service, and it turns out ~10% of users actually use it that way. This post details what I found when somebody created aRead More →
When network administrator James Lockmuller bought 11 dirt-cheap Android phones via Amazon he thought he had a perfect solution for communicating with his warehouse team stretched across a 73,000 square-footRead More →
Researchers spotted a new Facebook scam that could deceive also tech-savvy people and trick them into giving the attacker access to their Facebook accounts. Don’t trust message apparently sent from any of yourRead More →
Detected by ESET products as Android/DoubleLocker.A, the ransomware is based on the foundations of a particular banking Trojan, known for misusing accessibility services of the Android operating system. However, DoubleLocker doesn’tRead More →
Attackers take advantage of people using corporate email addresses for consumer services. A phishing campaign which sees cybercriminals send messages claiming to be from Netflix is targeting business email accountsRead More →
Equifax service set up for obtaining free and discounted credit reports had been redirecting users to websites offering a fake Flash Player installer. The independent security analyst Randy Abrams discovered an Equifax serviceRead More →
In our context DDE works by executing an application, that will provide the data (data provider). In a previous post1 We discussed using DDE in MSExcel to gain command execution,Read More →
The Australia’s foreign intelligence Agency ASD has revealed military sensitive information has been stolen by hackers who breached a Department of Defence contractor. The Australia’s foreign intelligence agency, the Australian Signals DirectorateRead More →
The suite of payment infrastructure and management systems SmartVista created by the BPC Group is vulnerable to SQL Injection attacks. Researchers at security firm Rapid7 have publicly disclosed a SQLRead More →
CVE-2017-11779 fixed by Microsoft in October of 2017, covers multiple memory corruption vulnerabilities in the Windows DNS client. The issues affect computers running Windows 8/ Server 2012 or later, and can beRead More →
Security researchers from Kaspersky Lab have discovered a new strain of ATM malware dubbed ATMii that could be used to empty an ATM. Security researchers from Kaspersky Lab have discovered a new strainRead More →
Appeal of ransomware sees sales rise from $250,000 in 2016 to over $6m in 2017 – and some ransomware sellers are now pocketing a salary of over $100,000 a year.Read More →
The bug exposed customers’ email addresses, their billing account numbers, and the phone’s IMSI numbers. T-Mobile has patched the bug. Until last week, a bug on a T-Mobile website letRead More →
Microsoft October Patch Tuesday addresses the CVE-2017-11826 Office Zero-Day vulnerability that has been exploited in the wild in targeted attacks. Yesterday we discussed Microsoft’s October Patch Tuesday addressed three critical zero-day securityRead More →
Who knew there could be ways to analyze our sleep patterns other than the sleep tracking apps and fitness bands. Credits to a WhatsApp exploit, some interested person can monitorRead More →
Do you want the user’s Apple ID password, to get access to their Apple account, or to try the same email/password combination on different web services? Just ask your usersRead More →
